a495a606305b3d9fe284756024b4010022357115d34abe062e745c5d7d651f28

Sharing

Copy URL

Twitter E-mail

General

Target

OctoSniff_PTO.rar
Size

18.3MB
Sample

240330-h12ffsbe45
MD5

4d01e2e28712f657b245e7738f37edda
SHA1

b80e925ec275c9e6f352776ee3647d8302851e46
SHA256

a495a606305b3d9fe284756024b4010022357115d34abe062e745c5d7d651f28
SHA512

249603b0512f0fc97f2d45e05fcba21535427de06a74a8ad0fa6be327bd8aa5d84f01a14e4b3557490dbd1bd11f26b194977dfde6b4c4e506ebbb7694a4da14f
SSDEEP

393216:OYlQq8aI2magXQj+B8p36FO8zu8ocCzwvj7f3aZWQ:iN/NQj+BIqFO81xvPa

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  CrashReporter.NET.dll
- Size
  
  220KB
- MD5
  
  73a9326cf5aa794ac51cea292381aa8f
- SHA1
  
  aa5a1887d9708fb5cb6fac224b3fff781b269634
- SHA256
  
  429c414b9f5297e96964dc934fe6c984df4ec49f322389dda7fcdb6a9c7c667c
- SHA512
  
  c6a2d8bebb2cf6631e5ce76b2fe0b44dc87c7ced4c94dc69237bfa339ec4a580941c7e941925acc3fd799e2be3c8aee1feb2f00740f60169a07d819a8fca1e29
- SSDEEP
  
  3072:ZQAlqyCNYK0XX1jFrds+g9q9HBhgpgpE1Q85IO/c4ZnNpvFi:aqq9N3SFhJs+g9ShhYHGEX5pvF
Score

1^/10
behavioral1 behavioral2
- Target
  
  DiscordRPC.dll
- Size
  
  79KB
- MD5
  
  ad463f573775c43a561ade842c41b0e8
- SHA1
  
  e70e10a18a3ae85cd1ca9be66a7bb46d99ccccd3
- SHA256
  
  6a18dfc8bdc6030787b5814c76b8663dbe5b8ca469beb65a2ca9f5731fa1906f
- SHA512
  
  0c790e70150148f4cc516cc9abcdf42a5b28a0785a61cd02ab7d59776df25eaeea287c98522d4b3271cae8bf35f98d91049c6474e81cc2745dc32a808832efe0
- SSDEEP
  
  768:Jp+8VvNVQPCNRRUzpEqrK0V2Yct83YVhEbqoL/wDIijcJRM2S0B+mhx9HS4i6E4m:nVvNGP6U1bwueoRPMVo+mhxVS4i60
Score

1^/10
behavioral3 behavioral4
- Target
  
  DotNetProjects.SVGImage.dll
- Size
  
  105KB
- MD5
  
  5f15a3b5c3894d37f5f2c7aa7457dc23
- SHA1
  
  435a02b6d609f3af7d403b230a54b6b449d11b64
- SHA256
  
  5f293c0b972c34788ec9b5f7ee9c584836a065797b9a4a24c4165461445744c0
- SHA512
  
  7a9005505eb4714d22bd89b0a957f360adc26f0c8e01c24afe98ff24fe40aed97c7575703fbb75b0ed880ecd6ec4fbe4f0315ca011ffaf655733613cd3a017a5
- SSDEEP
  
  3072:+i7Td7Q0W6BfjhIEF/GA2UzzZgAkN9lP2nHx:+6TPflgAe
Score

1^/10
behavioral5 behavioral6
- Target
  
  Dragablz.dll
- Size
  
  232KB
- MD5
  
  11f95af26e9c2132c9cb2968389d58e1
- SHA1
  
  017edfe93c01a7a2ee9f9abfd7714c9dab3067aa
- SHA256
  
  922ad6b96d275619b41dff20904faf4abc953def2a18ebaf92c8673540f2d993
- SHA512
  
  704becd9d6daeb0aefbf3647a28ccc2f8882484fe05b6cbeb7df58400c2619ed278086aa154ababcaa7fe96121f48486d7d23ddac4a50bfd78be473c558ef120
- SSDEEP
  
  6144:mzaYSGAievCYsBKRo/fofr4vMMRf6fzf7fWX2:m+VsBKi/fofr4lf6fzf7fWX
Score

1^/10
behavioral7 behavioral8
- Target
  
  Jupiter.dll
- Size
  
  16KB
- MD5
  
  1b79df126cb7aaf7d1f40bef36e843a4
- SHA1
  
  ce1c846754b538eb39d991547f65450a23969f54
- SHA256
  
  4a21780d164984cd0c9419740b8ad78fac6195b68947a9c2b975ffa55b0df374
- SHA512
  
  30cc3c412818f336b602e825d95efa5a07b8c6f8bab0a84f8efbae0dd44b868294988627b7f88b5b7af73697c730cc595cd14f915bd110c044aae42ba77da37f
- SSDEEP
  
  384:HnE7wWc/ukALvhjYRCkHSpiKGulG8MkMyQPogrjjEsyYyYrYUY2Y7Ycp3LV3:HnE7nvjyWnxYs1
Score

1^/10
behavioral10 behavioral9
- Target
  
  MaterialDesignColors.dll
- Size
  
  292KB
- MD5
  
  39367419516f5f3df9ab1f9e5d0bbcd5
- SHA1
  
  762c9acdb09bfdf40e700645131999202abbc871
- SHA256
  
  976eea4567656d536a6344b3834f958f2b9e27401b94c643681770437d5abc68
- SHA512
  
  20ea8a64a14579ef5403eae8a6345afa0f9b12229fdb8bc869f7a8cdd4e785093b9f60f9445be738266a161d75f53a8b8e42a69b2f9b4cbf4684f5dbf5113ae9
- SSDEEP
  
  1536:2ZJb/nKyGMbYrE4jKg4J4A+0MDR1TU7fKoVxbYCCMIRFxcE5istk0uWE1Ci4oggj:2DDrYrE6oJU907fKoVxb+Y
Score

1^/10
behavioral11 behavioral12
- Target
  
  MaterialDesignThemes.Wpf.dll
- Size
  
  7.1MB
- MD5
  
  fbd761926164043ac71ee9b83ab37fd1
- SHA1
  
  38d44b0f40fa31124ba139adeb6f7adc7e53ee19
- SHA256
  
  013a42b8c6ffa29e2198eed4faf6168247b6550a4c4ed5d82023a1d82a08e27e
- SHA512
  
  c2a0be2d8b5b98dc19ad167aadc1e68905ad259e3b0e020cfb95a8a816964549c98a9c5bc44b8f4640147bfd8555e799216b8dba13bf0eefed9582782da552d2
- SSDEEP
  
  98304:OXJDntBksKY+ND3WyA4+TLVei10vMzPv8/4C8B5XVS49Xzy83IiEcJMrCR2fShTf:onJ45/9iD54+V11bFv4z
Score

1^/10
behavioral13 behavioral14
- Target
  
  Memory.dll
- Size
  
  41KB
- MD5
  
  861f605e65535934717879d23e224ae0
- SHA1
  
  bcf79288b60c0b38c050dd212e049f1a7694a968
- SHA256
  
  72a3ec9044f3cb9d538eb00dd2aae1a431184578161394071c59411734b10894
- SHA512
  
  97cffc7f2f2781c38659a1d394dc777238d6b2385dd2b82907f271e75b25d513f969c4f7ea1d23ee426979fb1996bd9f2dd3961ded000c8f967db2d584cb6815
- SSDEEP
  
  768:Cfq8OZ3DAnw5rH0tbN/OBerDmmsjxSxIYxaLPut6tYcFwVc6K:Cq3ZTdVcN/OBerDmVtSxIJPutWwVcl
Score

1^/10
behavioral15 behavioral16
- Target
  
  Newtonsoft.Json.dll
- Size
  
  683KB
- MD5
  
  6815034209687816d8cf401877ec8133
- SHA1
  
  1248142eb45eed3beb0d9a2d3b8bed5fe2569b10
- SHA256
  
  7f912b28a07c226e0be3acfb2f57f050538aba0100fa1f0bf2c39f1a1f1da814
- SHA512
  
  3398094ce429ab5dcdecf2ad04803230669bb4accaef7083992e9b87afac55841ba8def2a5168358bd17e60799e55d076b0e5ca44c86b9e6c91150d3dc37c721
- SSDEEP
  
  12288:Lf9WGsSVSM2mxL2nRiOr8gUckc6V/g2GhBzj05cH:7XNL2PVh6B+Bzjmc
Score

1^/10
behavioral17 behavioral18
- Target
  
  OctoSniff.exe
- Size
  
  17.2MB
- MD5
  
  46735989b55ac72415a4a81db7ae80f5
- SHA1
  
  d617a9a20b883cf76dd25c6012431f1986edbf37
- SHA256
  
  139c77f42d7f66ecdafbaa7ab063b8caaddec726b64bfb2b71c3e9822d24acd7
- SHA512
  
  2204045fa0744ec43b239893ac9038758cebb27b16ab9a9d1fbb48efde4f8e31786f1578505beca82c0f74beb685fa493520358369c5472f0831065e1dfdf5d5
- SSDEEP
  
  393216:9JQaPHrQqXs140qMhu8369sV+HLz9SKUeNdDhHidcyNWi/x3E8sXzphsBOO0FmPR:9JQaPHrQqXs140qMhlK9sV+HLz9SKUeW
Score

6^/10

discovery
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral19 behavioral20
- Target
  
  OctoSniffo.bin
- Size
  
  532KB
- MD5
  
  a2836c96e7e8cd44c0db5b8921067115
- SHA1
  
  fbafe49a6dd58f8b2208001ab2ba200ff5a32215
- SHA256
  
  739314b192890c3db654eddbfeb11c172f4cc9ed761b79f6552126f031d8ff15
- SHA512
  
  c9af6fe2ff98ec2d2b9c17873002430952c757fb632293cdc362b0c237b14c099759957eb2e98a8e704bc44555ff3aef21def2f64f831c77935769ce0c9660bd
- SSDEEP
  
  12288:GiON6et/fGRZHeeP6S4hNS/CeguR5SoV58pf:Gft/+e0p4hNwCOOoV58pf
Score

1^/10
behavioral21 behavioral22
- Target
  
  PLEASE_INSTALL_ME_FIRST.winpcap.exe
- Size
  
  893KB
- MD5
  
  a11a2f0cfe6d0b4c50945989db6360cd
- SHA1
  
  e2516fcd1573e70334c8f50bee5241cdfdf48a00
- SHA256
  
  fc4623b113a1f603c0d9ad5f83130bd6de1c62b973be9892305132389c8588de
- SHA512
  
  2652d84eb91ca7957b4fb3ff77313e5dae978960492669242df4f246296f1bedaa48c0d33ffb286b2859a1b86ef5460060b551edca597b4ec60ee08676877c70
- SSDEEP
  
  24576:UBOldyR6ORWsaM2QROxa6jsqUENfJjNK/CG6niqiL:2KzqWsayROxa6QDENuaG+ifL
Score

7^/10
- Loads dropped DLL
behavioral23 behavioral24
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  325b008aec81e5aaa57096f05d4212b5
- SHA1
  
  27a2d89747a20305b6518438eff5b9f57f7df5c3
- SHA256
  
  c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b
- SHA512
  
  18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf
- SSDEEP
  
  192:86d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jwK72dwF7dBEnbok:86UdHXcIiY535zBt2jw+BEnbo
Score

3^/10
behavioral25 behavioral26
- Target
  
  $SYSDIR/Packet.dll
- Size
  
  99KB
- MD5
  
  2ce150705bbeb30e6c8059cc530043aa
- SHA1
  
  3d8615f9d8f8f7a5d78b3c06bf746948b9ef6ba5
- SHA256
  
  cd9f4fb077c25013226e0883f9ae02e9ced9b71f07637081e55ae70fd0788f29
- SHA512
  
  9f7573ca679ef0cc0e1d815f605a399e87f7a046e3e51970d2c7597329b19e118cc2da7240ee854e13e31582f12bab8be506d1612ac81d5b453ef366d4674dcf
- SSDEEP
  
  1536:zbDKMXRC2wKDDuDirGfqs97WcETlsxtl2o+V:PDKMtfuysAcETlsxtco8
Score

1^/10
behavioral27 behavioral28
- Target
  
  $SYSDIR/pthreadVC.dll
- Size
  
  52KB
- MD5
  
  f04a90f917ba10ae2dcbe859870f4dea
- SHA1
  
  6668ebe373ce58c33017697c477557653427e626
- SHA256
  
  99c61abf41c3aec38cab3ed6270adbca9a247bbf5f9aa9d29ecb0659a5527f48
- SHA512
  
  aec29301b9ce311b27f1590b0e0c4121acdc183a30b570e087d77b7035684f02a6dfbdee950c37f3023b32e2ea5a075a5fbe6d18a2804da9490d4959733bb516
- SSDEEP
  
  384:hSvfC8Vv0Vy7ojuq7GQcdWTc4zU+GFronD/yD5rBEe0kiH32Jp9AhOW:wt+TGQcdWYdMG59EeJiH3YzW
Score

1^/10
behavioral29 behavioral30
- Target
  
  $SYSDIR/wpcap.dll
- Size
  
  275KB
- MD5
  
  4633b298d57014627831ccac89a2c50b
- SHA1
  
  e5f449766722c5c25fa02b065d22a854b6a32a5b
- SHA256
  
  b967e4dce952f9232592e4c1753516081438702a53424005642700522055dbc9
- SHA512
  
  29590fa5f72e6a36f2b72fc2a2cca35ee41554e13c9995198e740608975621142395d4b2e057db4314edf95520fd32aae8db066444d8d8db0fd06c391111c6d3
- SSDEEP
  
  6144:E4yIm5rC9WNWwKcNBSCiLvK8+jKgZBwIbg2:jyIm59WwpqCuEKIwv2
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks installed software on the system

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32