0eb6ba91a1615a97769c2df504d702f99d3e99455aa2297444c1f3c4b450e062

Sharing

Copy URL

Twitter E-mail

General

Target

MEGAsyncSetup.exe
Size

14.3MB
Sample

240327-pg85hsfa4w
MD5

e15c30451a7cdf9a5a12e43e04bbdbb0
SHA1

d24ed5129890b3e22668609d4590b4d20bda3081
SHA256

0eb6ba91a1615a97769c2df504d702f99d3e99455aa2297444c1f3c4b450e062
SHA512

1b94d4625bf86c2dc662d590a7ed21c1c265c696804e9af2749f837d61bcbb13ef7de18d533ba07098e6466dbcc6e865e72825d1e727d55d547e33b571ae4859
SSDEEP

393216:qPsCwDEXjk8j+xOOt1Flfk29VZxGCDGpdRozKktRa+9A:3Crj6F1k2VZxGKsdRya

Score

8^/10

upx

Malware Config

Targets

- Target
  
  MEGAsyncSetup.exe
- Size
  
  14.3MB
- MD5
  
  e15c30451a7cdf9a5a12e43e04bbdbb0
- SHA1
  
  d24ed5129890b3e22668609d4590b4d20bda3081
- SHA256
  
  0eb6ba91a1615a97769c2df504d702f99d3e99455aa2297444c1f3c4b450e062
- SHA512
  
  1b94d4625bf86c2dc662d590a7ed21c1c265c696804e9af2749f837d61bcbb13ef7de18d533ba07098e6466dbcc6e865e72825d1e727d55d547e33b571ae4859
- SSDEEP
  
  393216:qPsCwDEXjk8j+xOOt1Flfk29VZxGCDGpdRozKktRa+9A:3Crj6F1k2VZxGKsdRya
Score

7^/10
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/AccessControl.dll
- Size
  
  8KB
- MD5
  
  65d017ba65785b43720de6c9979a2e8c
- SHA1
  
  0aed2846e1b338077bae5a7f756c345a5c90d8a9
- SHA256
  
  ccc6aaf1071d9077475b574d9bf1fc23de40a06547fc90cf4255a44d3bf631ac
- SHA512
  
  31a19105892d5a9b49eb81a90a2330c342a5504fa4940b99a12279a63e1a19ee5d4b257d0900794ff7021a09408995a5d12e95cc38f09cf12fb2fd860d205c95
- SSDEEP
  
  96:18YNfTAJj9KMMVSyPg8uxZAQ/zdVJF/mSsQwV6i8zRRxqBt/FZTIVe7/cIH8ykeO:1XwKMMfPuxJ/zb+b6fR+bZEwywQ9
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/CPUFeatures.dll
- Size
  
  9KB
- MD5
  
  8dbdb1e97b8bb2a24412dd2a8995fb73
- SHA1
  
  718f255611dcaca48679d11edcd4ccc4b70558e3
- SHA256
  
  4e4099a55fc7243f98b42041ad3052c0f04979597c76b43a4f95fa548bf69ad7
- SHA512
  
  db95fb87f3e6b1333b857b26b80bde18b63f7b07e42cd640c310478dd327b4b1ea8a6b6dba8404ba95e3e5217112f169ed900971b409b2eb4033b99b890e5c50
- SSDEEP
  
  192:Bsj793YDyrl/aSINP0og4DmPeQXID0IzK0suP3rk0p2XyA:BsH9Iury5j3y+D0GK0suP7k0Q
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/LangDLL.dll
- Size
  
  5KB
- MD5
  
  be828e6e1885cc5a25e18f123e2a76a0
- SHA1
  
  96432bf2da4e1c454f49f76e20855f27c2fce2f9
- SHA256
  
  01773690efda3c1fa609287f4bf2277f3d366fe4a1ddc099d2949fab54f0fbd4
- SHA512
  
  983e9a9e941b162031b8acf372c3ec12180b54f8e5f7172a6e87599e127170240841889d6e346a730f4970c9079f5f9cededc2730f910eb4e0bb897f68cfca70
- SSDEEP
  
  48:S46+/ITKYKxbWsptIpBtWZ0iV8jAWiAJCvxft2O2B8m/ofjLl:zKuPbOBtWZBV8jAWiAJCdv2CmCL
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/StartMenu.dll
- Size
  
  7KB
- MD5
  
  51937c5c11d9a2c3261dc976e48003d8
- SHA1
  
  33bac426167a88d6afc269a09865f950dfbaaac4
- SHA256
  
  6dd790a014a55ddd7df741a6e6afe0c9df936e7b463cd203563c991b4ea1e5ee
- SHA512
  
  a95828c5317b318752aec0c91bf1453a814ab8e1ef39e04face90952ec53e1523f26fea1c91e4fac97e311f6b3460e20e2fa9dca596eabfcf4b7ba920af7b910
- SSDEEP
  
  96:p8dPIKJhMuhik+CfoEwknt6io8zv+qy5/utta/A3lkCTcaqHCI:aZIKXgk+cx6QYFkAIlncviI
Score

3^/10
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  ee260c45e97b62a5e42f17460d406068
- SHA1
  
  df35f6300a03c4d3d3bd69752574426296b78695
- SHA256
  
  e94a1f7bcd7e0d532b660d0af468eb3321536c3efdca265e61f9ec174b1aef27
- SHA512
  
  a98f350d17c9057f33e5847462a87d59cbf2aaeda7f6299b0d49bb455e484ce4660c12d2eb8c4a0d21df523e729222bbd6c820bf25b081bc7478152515b414b3
- SSDEEP
  
  192:eF24sihno00Wfl97nH6T2enXwWobpWBTU4VtHT7dmN35Ol9Sl:h8QIl975eXqlWBrz7YLOl9
Score

3^/10
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/UAC.dll
- Size
  
  18KB
- MD5
  
  113c5f02686d865bc9e8332350274fd1
- SHA1
  
  4fa4414666f8091e327adb4d81a98a0d6e2e254a
- SHA256
  
  0d21041a1b5cd9f9968fc1d457c78a802c9c5a23f375327e833501b65bcd095d
- SHA512
  
  e190d1ee50c0b2446b14f0d9994a0ce58f5dbd2aa5d579f11b3a342da1d4abf0f833a0415d3817636b237930f314be54e4c85b4db4a9b4a3e532980ea9c91284
- SSDEEP
  
  192:5cdcpry0igQ1Ii1rzn6U4gbfW6irWP+vOg7XRSEi+OPLjte86jugnincl0Nr90Og:WqVibvTh4qnFP+OPEzinclP+
Score

3^/10
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/UserInfo.dll
- Size
  
  4KB
- MD5
  
  352495269f7d223991247cd2f2eec4db
- SHA1
  
  22a4aae719ba575c7b90524595a1eac500c2209f
- SHA256
  
  2071ad3c37ddc62c9fdbca7e2551d16bee11b0ef0f510cd16ddc098cd368fbc1
- SHA512
  
  07005457d0f76fbb412dbbf094460020b486ebd073446265f252226f52e4705d95a0d05a1f32a39c6f3bd3a9853be837e9425360341581ebf36493939c629608
Score

3^/10
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/execDos.dll
- Size
  
  5KB
- MD5
  
  0deb397ca1e716bb7b15e1754e52b2ac
- SHA1
  
  fbb9bcf872c5dbb4ca4c80fb21d41519bc273ef5
- SHA256
  
  720be35cd1b4a333264713dc146b4ad024f3a7ad0644c2d8c6fcedd3c30e8a1f
- SHA512
  
  507db0bee0897660750007e7ce674406acf9e8bf942cf26ded5654c07682757b07c9eb767bead0966478abc554dc9a6461c4288dc35d12cacfadad4c128f1bb7
- SSDEEP
  
  96:J++xDiP4p7t7dNOt3stxtRFFXxGD6qxlnKE6ttdH3r3:Rx9pJ7jQs5toD6Cln/6tt1
Score

3^/10
behavioral17 behavioral18
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  477b78e5db22b4e651b6bec39d5c1acf
- SHA1
  
  418038f8d4db22471f55206aa8eb372f3f133d0d
- SHA256
  
  80d84f6c405f4e7b51d3e0c7c10b06ce60b28a43451bbe0e6e464d5e4783fc35
- SHA512
  
  6658a0718a6c15a6f0767d87d604ced9d2f3a1494eb6e44d39507687b9e675a05d026b68a7ef8a311b10863e229a963c8ea6f6efb1d92b0657b32ee836adfe21
- SSDEEP
  
  192:oB8cxzvTyl4tgi8pPjQM0PuAg0YNyPIFtSP:oBxzm+t18pZ0WAg0RPIFg
Score

3^/10
behavioral19 behavioral20
- Target
  
  $R0
- Size
  
  557KB
- MD5
  
  7d74110915b8e91686658528a9cde11a
- SHA1
  
  688d8848b27b12953bb319c6601e79650a6249f3
- SHA256
  
  a6924c4d32dfcc9dd7c157657fff3f9bb7d5968b3bcb637f8773381a8087c3ef
- SHA512
  
  6dcc6b487fc1652768a40e6495d73aa3a55a329bcc231d44ea8a04ea4c931e90561e94cc831ba9ae3034f7a84de5eabacf35ca3a3516263458b1a64d041b3617
- SSDEEP
  
  3072:1K1mn7+i8IqwT9vtYAJCQLYmVSgxtZJCF1gX+WlbVkmZr7gfW:1Kgnp8zwTnpqm0gx9hlbVzr7X
Score

1^/10
behavioral21 behavioral22
- Target
  
  MEGAsync.exe
- Size
  
  7.5MB
- MD5
  
  2868351d4f0ffd7c2b7c8e6f6f34d9d7
- SHA1
  
  75635dee12b967fcfc559cffc2863d8db5d0dd21
- SHA256
  
  33c3d6a42fedcba271d8f323e7acafa2ef8982ec4cf9103796439ead7c180d81
- SHA512
  
  87ea512a8c45ae97aa7f4bae157cc1ecea5827bf32f1e0f162698d61fa1e3136cadd7e993405802eee745574cb4b17bd497f7b7b004281fe95c87d81b008141a
- SSDEEP
  
  196608:Oj8+Xib29pVtujvUXVa2Eb8WQ7f6q5wZ91K3:d+yb29pVtujvUXVa2Eb8WUL5wZ91
Score

8^/10
- Downloads MZ/PE file
behavioral23 behavioral24
- Target
  
  MEGAupdater.exe
- Size
  
  742KB
- MD5
  
  4ea18d70b27a65bcc9fcb316ba6d4ba8
- SHA1
  
  e47006b2e1ab69e0e7ecfbf2f0b22d076585dc41
- SHA256
  
  add51aae7d3198076993a61e7a6926cbf0b35edd691abb90d69ab23e9cc8ac34
- SHA512
  
  d51cee0e8d9fb4a94464cef3844f9f0de7f1edd35e522554c0b14f787753065ccbdcdae1410768ed4c98b13ad95d64be0a70b9d6a5aba765d79a35128ff5edbd
- SSDEEP
  
  12288:abG7awM+dYCWvP3wMY48/+Vy5k+LzL+iWAcZOQSNOrYWsysba:iG7a3+dqvP36Z+VqzL+i3Q+OrZi
Score

1^/10
behavioral25 behavioral26
- Target
  
  Qt5Concurrent.dll
- Size
  
  23KB
- MD5
  
  4f8798ad4d6094fca91f72d1299f67be
- SHA1
  
  0d58a2379e041a584db656ef8acdd6f683c6d5f4
- SHA256
  
  dc9aecc769adeee95d7ceba421de9a8f2c3c3d6a6a811a96b582747391c8aeff
- SHA512
  
  3f0b65ebc54f216a09f7e7c51bb5a5360f4ad6ef13a1206be5b8b717c35c022faaaee779047e3905a0b1debf6f4f887d289102fd778e35275cf2aa2f7da07253
- SSDEEP
  
  384:ekOL/9T/XeKJjSQO6jX7gUPykq7F8mHp9ZMmiQ6AE0tHkO1x3SdwKz8la3J9ycIR:JmjSezN7IZMnAx5kC3SKW8luJYGLieM
Score

3^/10
behavioral27 behavioral28
- Target
  
  Qt5Core.dll
- Size
  
  4.4MB
- MD5
  
  734e502b734d91c932499cff52ffb853
- SHA1
  
  61aee8f6f200fda07325dce15ddb0bbe3996dfcc
- SHA256
  
  eec541a9d7aa183a811583a6be7befaf7ff7c588a485a0adda6a4df44bd4eab7
- SHA512
  
  e93d0d538b5ce4b9eeaaa3e361e198df0adafab7c02f05d31d4a581e34b7c7359d3e2416cce4d71c16204fdd6ca90138e9b622f2ac682c422470a229464af31a
- SSDEEP
  
  49152:gg7R0PnB5Y8Vh8+gARa61cjr94fJsv6tWKFdu9CkTQ7aCT0AaasQLlRtgqEkLx0D:r7RIB5JgkrqP9UJsv6tWKFdu9C2DuiQ
Score

3^/10
behavioral29 behavioral30
- Target
  
  Qt5Gui.dll
- Size
  
  4.8MB
- MD5
  
  23ee6cab24a1485482cfc2773a10ac10
- SHA1
  
  1ad1ee8a0fe4ff7bf022b4978a8c118f4b119631
- SHA256
  
  5b7d31c48b0f1396b8c6d080c40893d47c4e94928a385f636a556617e4aa0556
- SHA512
  
  5ca0e68e55a5593f661ba612b4e6b45166aa603f41e83e8bec4ba7a9c3dbe8ac6ec6c5c76c7aaa55096cb12e5843f8ce07dd816fa0b44b77845d7f15c1ba16cd
- SSDEEP
  
  49152:S5znUGL/Y0CgtbZPpBEHivkKrfB5sIjat0vKf/8Mkj1IGbdWckJ+4Ncxy7Lp97ga:mjv9pvLrxvSA1IGWNzj1Cwp
Score

3^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

UPX packed file

Downloads MZ/PE file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32