cf1df17c2105cf334c8e66dea374d34639ada4d4f51492a30901ab60591567ab

Sharing

Copy URL Twitter E-mail

General

Target

e1f9d0f864bb89a7084b8af4c959d04c
Size

4.8MB
Sample

240327-smb9hseg76
MD5

e1f9d0f864bb89a7084b8af4c959d04c
SHA1

9c62226f3fff8dc2837f8ca35cd971fdff1cd4ec
SHA256

cf1df17c2105cf334c8e66dea374d34639ada4d4f51492a30901ab60591567ab
SHA512

bff25cd9172201138745716c4d7576b6543825be8f50bd6fad21050ca2059cc0289b88f5374df0b3efc07ea78f1bffc61b604cb005c118a222a6a1183ac79805
SSDEEP

98304:Ju4SN45NAQlMorMuMdt2W0bEJ4xDamohP4gsCUDkMkmLOMhO:G45Nd29/dt2WsEJnSClLmLOuO

Score

7^/10

aspackv2

Malware Config

Targets

- Target
  
  HA_MarioXP120_DYJ.exe
- Size
  
  4.8MB
- MD5
  
  b440c20cca1941852f65e44a2d8c3303
- SHA1
  
  ce8f0db79e6c168649d371be0749430ef71dd1ec
- SHA256
  
  ac7b79bd973c76fdc27e3b43a6f51742fc73c492b1d2a8fdd857173f77bf1560
- SHA512
  
  ac9b15f19f469d1cce46634c40583914193e16b17fc2cef0d4c2ff1389ec0487ed291e1fb083f2716f9739e0f4e2089a733387f4ac7371aa8fbbada1810c3883
- SSDEEP
  
  98304:sha2BPHVibYaZDkSB1jURkdp4vHSUgFRqHJLG2RDxgLeSMdHU6zx9:gvVibYTR6MHDgcK0gMdHU6V9
Score

7^/10
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/AdvSplash.dll
- Size
  
  6KB
- MD5
  
  ca5bc3627eced1e65e92bc681d1dd428
- SHA1
  
  5fb30cd6afcce2377feaed143debac138007d4e4
- SHA256
  
  eb23e2436003fbaba5b08d441f98560c7f26bd25ba21910fb8f7446832bf3e32
- SHA512
  
  eca6959adbf0a32015b38979e125f5812e1baa9d40e807993326a5bb362d6b42496510a467da99c38c5f266f2bb0705c3506b2979427e817651f04792f6e0a23
- SSDEEP
  
  96:BQNyX2PtUZsM88eo93NaqqhN51xWabkkEkk/StC1woo:BFXYt38B9V61dk/kkStC1
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  12KB
- MD5
  
  83304a78d2b6ea45ea8404f4cd78721f
- SHA1
  
  d5c5d19653c751c08579dd094bcc9fef1841af00
- SHA256
  
  92344973083c0a5d8f5732814c1315124e8e0a2f1ed912583a081f95f7549414
- SHA512
  
  94076cc935927925641d668c19b389d007ff7e8623f2afe706fc73d1ecb97210577a828a727404b200d9870e14b23d6bd047de9201d629e7443a929c0740c67e
- SSDEEP
  
  384:BKlm7i+c3QW6ckPhyDEaLn42bbBBIXwZ:0qi8BcyhEhLpbbTI
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/StartMenu.dll
- Size
  
  6KB
- MD5
  
  4221b986a7f977d3658b7ed994762796
- SHA1
  
  2d1455a73653e0449de7aa39a2d4c9bd5be8d2f7
- SHA256
  
  a7f9f6427cb8ecb308dfd2ac622168b73a605614a83b7a9f6e3d416e7e9061c8
- SHA512
  
  e37415ae4166c99995999cceefe2cade1c9f4e7950d61231acfd220fe30eabec4208ba2d2fcd4e363d2f5fcf84af127291412710f3767dfd29e25cfa4e571f09
- SSDEEP
  
  96:oLJdRZk8OkmE+WHw0FMXF6CWhFxKpKscQhEfP0:oLjPk8OT30FFAdCP0
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  10KB
- MD5
  
  d4d09da0218ba046a66a294f0cca9dfe
- SHA1
  
  417b1acdeb0a4de6ac752a93080ca5b9164eb44b
- SHA256
  
  9090e47d239aa1da9598a483861165e0153c01ad9ff9d65cb6c0f4497a1da5b3
- SHA512
  
  3bc9a65842301dab56c139cc5a3457158d37ef294583728c93da1e11ae457df9551b0f8fbd03d5ea3058f3bc794d0ede57ea3efd5d663b45d25647a39cd955bf
- SSDEEP
  
  192:/OSsJI/rqmIDNLU0dq51EgAiNbubv6nLZ:pHQQ0d01Egbq76n
Score

3^/10
behavioral10 behavioral9
- Target
  
  CNCS32.DLL
- Size
  
  168KB
- MD5
  
  6f024d9c53203899b3454cb32c634826
- SHA1
  
  f5a057ad72688ac9c76e0575bd34a17f608f304f
- SHA256
  
  3ecc86fbc5c82e5959d9bf26a3f5060d93f048fc22c19903a701b75b0b962a0e
- SHA512
  
  4d3fe0cac7b20a03caa35a84f688ba76718a6cd3fa6998d0358aa6b9d42c11e4d786a587fa78d14d63e4a77bd62dcb1f58a88df6123c9db53615a61605119b63
- SSDEEP
  
  3072:565uNwv17bInBT4XrNOQ7qGC7dNgUBMfEAU9LpnHtZbRhqv+wkdx:I8NwN3IBF7dNgU1PLpnHPc
Score

1^/10
behavioral11 behavioral12
- Target
  
  Editor/MarioXPEdit.exe
- Size
  
  691KB
- MD5
  
  55fb2654497f18958b5d724caa134144
- SHA1
  
  df5bbcd3ae120bbbd49e7af7538602f69c22700e
- SHA256
  
  49b3db245c8dc00716776fbc7bd073d832b3e8b94140385e37bd7e25b26a457d
- SHA512
  
  ac21a179cf03d0e9689fd1c93de70ca7d5501017035f673b56cc7d86930c50ff4b889664fe454052f78c1f1e6442c2361a74c3f33f77917caaa9aa46e3af0316
- SSDEEP
  
  12288:FTRW9VTaKt1JFHm3CkB9tATf1LtZwdr1zQ6i80BI7RTvKC9EQ:FTRyVTaK7JFHsC4ATf1LLC1k1W7RTvs
Score

1^/10
behavioral13 behavioral14
- Target
  
  MarioXP.exe
- Size
  
  270KB
- MD5
  
  6bb5fec7810745125c712f2b68b1060f
- SHA1
  
  71972f2fbf42a147ef4160e53051bc168e329637
- SHA256
  
  649953c95312a8c0f90e0f7ecb97eaa33adc1ec2a0a77120d6752ce8e86b127d
- SHA512
  
  c4f8de231df90607125829b3d4be49b6d9c2c76024440cabd1f88d5cc096294cde78d6da3806d11e53310b0a59c2bd2a2f5046ed108e5f08da7d865fd2171631
- SSDEEP
  
  6144:QUgyENq4TeqXbh3+7aETR/oqMoSNRdUX5M:QCbwvF3FETRvMPNRdm
Score

7^/10
- Loads dropped DLL
behavioral15 behavioral16
- Target
  
  help.chm
- Size
  
  291KB
- MD5
  
  48346568f94424f7f7ea99e9b196eb9c
- SHA1
  
  5b6fdb46ea00727b19803eef468a565924ce9042
- SHA256
  
  c8c991756a0898123a36ac8d42c30876b85e239ae5d4bb54dbf5dee29a116e45
- SHA512
  
  82b650d1ebc54a2b090144606fa554ebd5870dd50f4549df3a3124b626833880ed6a4fd75ffe76ee0dadfc6488ccb8002d7670381527d8dc63fef4ad2a91d277
- SSDEEP
  
  6144:saM4VSHNSItBB96/TEpzibplyeQTXQN1/2a82oy8kbW:RM4YSeNQgpzcKXQNpoyPbW
Score

1^/10
behavioral17 behavioral18
- Target
  
  uninst.exe
- Size
  
  64KB
- MD5
  
  0acda2920e334da47c9e67f4291da37d
- SHA1
  
  f98513a69512cbc61957495a1e538f586119ccde
- SHA256
  
  c2794beeb985646b0e6c4b9d42ed60a010c5112fe9885bfa6fd8ec41a0af3561
- SHA512
  
  7dc9101523d638c2df284c6d2af68ca194b39098ed6693855bf18e1d03cfa6a218301dad4bc0b453e4b0aec66ec047c5663a73582ba92cc3e3d1801eceb6262e
- SSDEEP
  
  1536:Nw0smWTNb9Ngvyqbzp4ZKPJU6NsvqUqyY97:OBminNgVbzp4YPJU6lUqy47
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral19 behavioral20

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

Loads dropped DLL

Deletes itself

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20