Resubmissions

27/03/2024, 09:17

240327-k82gjacb8v 10

27/03/2024, 02:33

240327-c2b93aag24 6

General

  • Target

    9af7cff793aa9a53b890331046d268e3627bb2a6b5613cdb49619c07412ccc03.zip

  • Size

    8.2MB

  • Sample

    240327-c2b93aag24

  • MD5

    92718e3da8368e0928e9344b45170125

  • SHA1

    4c8743e3392e3e0db3d0c8979213823c747fab9e

  • SHA256

    9af7cff793aa9a53b890331046d268e3627bb2a6b5613cdb49619c07412ccc03

  • SHA512

    d2c7a9d7008f8e1cc4ce20745368841de68f23cab11ed257e17ea6df44b3f81e40d18441a9762c772b8d8a100bf6827912431723ab2c1c56db6ace9f3f621b9d

  • SSDEEP

    196608:E2GWKqkGTSOwUDpZm4NPaRzviayZenDJuOGZWCU/Z73zN7:E2Gb9OwQmeaJiay8NuzWb/Z73p7

Score
6/10

Targets

    • Target

      npp.8.6.4.portable.x64/langsMod.html

    • Size

      2.6MB

    • MD5

      8f28087d8d0e716368314c2f1a159280

    • SHA1

      7e383ae0f632c02ef98168b6c1a33fd449d6c393

    • SHA256

      0b3731c524e6ba716f15087d85eae7e6225b6b51d4ae2fa6c142ff1523f57046

    • SHA512

      aa21ab18a12a69ff25b24b1c255b0bdc7961985150b07a7f3f4b0909e212295bd781548cd8ea817f3144dfad845aff93df40a513bdb637db7b89bb08fff01eab

    • SSDEEP

      49152:C+sGc1TASKVbmYIBotpg0TunuNeeigv0XIMw4h2pk4PxKS5VinRfepLm7j5:WTAfVbwotpgruNeW0VHhL3S5VicLaj5

    • Score

      1/10

    • Target

      npp.8.6.4.portable.x64/notepad.exe

    • Size

      6.9MB

    • MD5

      8279706ad64d33bf4eceb2c1becef274

    • SHA1

      582cd15c2d1bf27da142ced63ffe490818bf4fa7

    • SHA256

      712abdd019cd2e4d96cee74d94eafba8f21ffc35c99a656c228a179ba6f5b310

    • SHA512

      69d5f5a2ceaa10a822d24af6c0cfba91804886c7fdb634931c2c6149dec29b98a7770fa7e3cb8630a525c088c39a84382ad30556aa9d4092e4b2e356af39cf9d

    • SSDEEP

      98304:1UZbk6fd56GkLWD9hWfa3s+wuP8ThKV/mo:ybkRVLUhWUz/PIK55

    • Score

      1/10

    • Target

      npp.8.6.4.portable.x64/plugins/Config/nppPluginList.dll

    • Size

      204KB

    • MD5

      e7ab0446d3d300d93ab65dd9f94dd59b

    • SHA1

      999f0dd30d4aa5224ade7b1bb2d4410494ee7324

    • SHA256

      83bd50d9c6d57a58e75838e92c4d5cc61d1cc604b4db033559c756b857f267fe

    • SHA512

      93016a843cee731c7b6195e36b218806734506e1aa44648731510962db1f8e405d1fc1952936a23340397c6b4fbb11ff0b832646970a79644042457cab3b159d

    • SSDEEP

      3072:cuQtUEW4pggQikeV29r97Fo/rg4aSuhJFAcT15fabjsKeBcHzmVR53vi:ktUr4/Dkq2FH51lQ/q

    • Score

      1/10

    • Target

      npp.8.6.4.portable.x64/plugins/NppConverter/NppConverter.dll

    • Size

      198KB

    • MD5

      7ce0e43b22274d55d7c8fbe937fdd70a

    • SHA1

      b8b42b145e0fad49c3f497dd291d95629b24bc0e

    • SHA256

      15b522475027a659988edcd0b9efa18f2cf9d04ecf5f88d1c577eb8be1f55156

    • SHA512

      98c40c83b9e4c7f92f83a3c8fc8974c818edadc89b1aeb59922062b514fac47be9a3cf90859ee07dc9f641066a4d65182dc6b7641c41bde55c601bf08302533e

    • SSDEEP

      3072:esyQLpFufl6OPM07zq06MuUy8wqy9XGOeXLXTbi0A7zR9zk:5FLIl/M060Or6ucjb5AfR9

    • Score

      1/10

    • Target

      npp.8.6.4.portable.x64/plugins/NppExport/NppExport.dll

    • Size

      153KB

    • MD5

      b29065b03a282b5560464fcc657945b2

    • SHA1

      b4f9cec583775c22ed7fbc967743df9effeb7d2a

    • SHA256

      f235cc34e126b47847b9aa89bf5ead47948de4d190b5fe2117ae6deff47e63e6

    • SHA512

      3872f4d85a88363c2538b41d85b6cfbfc14b1abe2b452cb9f71cbe310f53cc2522f1f072fc33853d17662a3cb39c656d698559b4a40bf5d9cffdfa11c47116d6

    • SSDEEP

      3072:JHWvf4whXRxCtyAKfbn52zwjMdsI54tWfdHak6y/c:lWYwtRxCYAKfb5uwodsIjd6k6d

    • Score

      1/10

    • Target

      npp.8.6.4.portable.x64/plugins/mimeTools/mimeTools.dll

    • Size

      145KB

    • MD5

      3b1f714950b8d0134866dbc75e66eff6

    • SHA1

      6564dfc3c079fe789546350271e4cc19ba0ccdeb

    • SHA256

      148b29123bb0c28614858460d7a10707469fecebd6a9ff1da98a0c76a89a9819

    • SHA512

      376ae4b80c1518c724ac75dc78388747d7ae18b624a39cf74398c404bbf7a283c8c4fe8eb27673b9c99e1195aabbb81a2f08fccb01e192ee07ac1f7c2afdb630

    • SSDEEP

      3072:w3/HUI6sbzc1/x5py8qLlCat4HVOtzNNG0vBxN049K7lH:w3H6sX+/xzy8qLJ4VqNm49Q

    • Score

      1/10

    • Target

      npp.8.6.4.portable.x64/updater/GUP.exe

    • Size

      818KB

    • MD5

      7073a8f48d526090a30c5c7e6191ca08

    • SHA1

      2908951eb08202ae355a4e5a6f06076725bee725

    • SHA256

      35663bf0e84cd3f9ba8949375fae8451263954154274ad4454b86920252424dc

    • SHA512

      74705e6275b8a9e9e2eaf99e0c64ef041a52fc78ddf20190cfbe96a2e7412d92a90d912c17b996c3c4f7d5cb4f3f647ccfe4da56a0e592f15e7b86644e319753

    • SSDEEP

      12288:ZySK0M5qRxaBr5wFNbgpA0WUVzOR63AczZXBS3CNmBDIOh68ADKbp34zZZ6dNNoJ:QqMo2aWqT2KbpIFZ6PNeTw

    • Score

      6/10

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Target

      npp.8.6.4.portable.x64/updater/libcurl.dll

    • Size

      728KB

    • MD5

      608dcba727dd4d046051968605e71553

    • SHA1

      859eb7b3b1eb4c79b6d90b2eff0429c6a766f499

    • SHA256

      012c73ef798e6656e0f2180c5b1f2175be4e72bfae830d1f2521a2566d2d0ec5

    • SHA512

      16fd945825c6d7f55854a53bea1a780bf350c6134c9b41f2d8440c376c38fd7f6ec83ae0c3bd3063245938465b18b38158d35e7bea6ff69bda2f6e93ce2bf8f6

    • SSDEEP

      12288:KvnFnd1uk7byyzwn5l2rsc2QwEBhdoqyTvl0cWmlqhKyMv:KVekCoa5l2P2B6hdQvl03msMy

    • Score

      1/10
