12ed55672422406776291c47ecfa40d49a1bc39ecd5bca9710ee6c860177d6c9

Sharing

Copy URL Twitter E-mail

General

Target

Install_FSUIPC7.zip
Size

39.0MB
Sample

240405-dp4zzsbd72
MD5

ac00e62b3b31c080723a49d6c5207799
SHA1

e9ecc2b5be38b98d3d5dca94ab52f0affe3049bd
SHA256

12ed55672422406776291c47ecfa40d49a1bc39ecd5bca9710ee6c860177d6c9
SHA512

6f63a95b1b242d140ea838b9239bd7ca1abb3035b3fc4493d51400aaf77ca7ef52e5c1bc4a145a2ab048168b5e698f328a5599cda79238a4b6b1675afb79f5a5
SSDEEP

786432:KRtyVH9otTx13gSN3CnqgTV0PMYtFSgL+LTOy1nUp0fMq1K7mO47mGxz:KRkH9oC43Cnqg4MYtfYTVU6f1HHxz

Score

8^/10

link pdf

Malware Config

Targets

- Target
  
  Install_FSUIPC7.zip
- Size
  
  39.0MB
- MD5
  
  ac00e62b3b31c080723a49d6c5207799
- SHA1
  
  e9ecc2b5be38b98d3d5dca94ab52f0affe3049bd
- SHA256
  
  12ed55672422406776291c47ecfa40d49a1bc39ecd5bca9710ee6c860177d6c9
- SHA512
  
  6f63a95b1b242d140ea838b9239bd7ca1abb3035b3fc4493d51400aaf77ca7ef52e5c1bc4a145a2ab048168b5e698f328a5599cda79238a4b6b1675afb79f5a5
- SSDEEP
  
  786432:KRtyVH9otTx13gSN3CnqgTV0PMYtFSgL+LTOy1nUp0fMq1K7mO47mGxz:KRkH9oC43Cnqg4MYtfYTVU6f1HHxz
Score

1^/10
behavioral1 behavioral2
- Target
  
  Install_FSUIPC7/Install_FSUIPC7.exe
- Size
  
  38.8MB
- MD5
  
  a63d46d2bf213cb86d5b0e76b924cb81
- SHA1
  
  1c81646bb9a0a246174cdbc7c078fcaec4ab351e
- SHA256
  
  0883539cd07f4afaab921ee2853387f2177bd81b1556d1ab37565d622136cea9
- SHA512
  
  76e8682e898605a84cec9e1220fa324204c31c3cabf29f57eae5a227810448dd1e05cdf680bca21fbff9ae1313b2a1b64a9a76eab667f6d3632779088288cd76
- SSDEEP
  
  786432:xVeTXnqDvnPOu3t+ouOSZJmrMkPxUUv0XnOkzxeCCT8AnA7IO+zUivm:xKXnqr9+ouOS2MkPpsnDELnnz/vm
Score

7^/10
- Loads dropped DLL
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  0063d48afe5a0cdc02833145667b6641
- SHA1
  
  e7eb614805d183ecb1127c62decb1a6be1b4f7a8
- SHA256
  
  ac9dfe3b35ea4b8932536ed7406c29a432976b685cc5322f94ef93df920fede7
- SHA512
  
  71cbbcaeb345e09306e368717ea0503fe8df485be2e95200febc61bcd8ba74fb4211cd263c232f148c0123f6c6f2e3fd4ea20bdecc4070f5208c35c6920240f0
- SSDEEP
  
  192:qPtkiQJr7V9r3HcU17S8g1w5xzWxy6j2V7i77blbTc4U:F7VpNo8gmOyRsVc4
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/modern-wizard.bmp
- Size
  
  25KB
- MD5
  
  cbe40fd2b1ec96daedc65da172d90022
- SHA1
  
  366c216220aa4329dff6c485fd0e9b0f4f0a7944
- SHA256
  
  3ad2dc318056d0a2024af1804ea741146cfc18cc404649a44610cbf8b2056cf2
- SHA512
  
  62990cb16e37b6b4eff6ab03571c3a82dcaa21a1d393c3cb01d81f62287777fb0b4b27f8852b5fa71bc975feab5baa486d33f2c58660210e115de7e2bd34ea63
- SSDEEP
  
  24:Qwika6aSaaDaVYoG6abuJsnZs5GhI11BayNXPcDrSsUWcSphsWwlEWqCl6aHAX2x:Qoi47a5G8SddzKFIcsOz3Xz
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  6e64e5d5f9498058a300b26b8741d9d5
- SHA1
  
  837ce28e5e02788da63a7f1d8f20207d2b0bf523
- SHA256
  
  8d4b1c275fd1cd0782a265080b56d1aec8d1c93edca5ef3b050d1d20d7b61f33
- SHA512
  
  f53514d36021d79f85df2494d403f03589b3ad848889b9224f962cc932ef740f127131a914c7171ad8136ca1ef631285ea1c80576db18ccf8ea56940eb00ea1e
- SSDEEP
  
  96:oWW4JlD3c151V1gQoE8cxM2DjDf3GEst+Nt+jvcx4P8qndYv0PLE:oWp3ggQF8REskpx8dO0PLE
Score

3^/10
behavioral10 behavioral9
- Target
  
  MSFS.bat
- Size
  
  4KB
- MD5
  
  590fa2ce71355aeb5607905509a140c8
- SHA1
  
  02d134061209bacf23efe744cfbf2aca1540718f
- SHA256
  
  b33f9b1a0f5cc34ba1dfb76855d0c6921f08298f942f9044d9868e74e285548d
- SHA512
  
  4cd3739bcd3afe957e61f540c7a9495e989ef707e1eee9041dc07b4dae45ac3469a0ba87ad841840c26f24caa35bb4c58ce3663a94ad44f42d38356a808effe4
- SSDEEP
  
  96:DNhEkndgsddddddddddhZ0C/U49l2ernfcRAN8:JrU49lJz0r
Score

8^/10
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral11 behavioral12
- Target
  
  Install_FSUIPC7/Installing and Registering FSUIPC7.pdf
- Size
  
  243KB
- MD5
  
  c08cc90cd2c85c2ca8d0a0050eb66507
- SHA1
  
  2dadfe9c2b09ba5c55e5dac00c91ac1e90468b3b
- SHA256
  
  4dabd46804d75f9d6202295b4d8dc00f12d7d5feac7af9b9df1522fabbf2ace3
- SHA512
  
  6457e5ec7082b9d5b7f84be94d7223a6312cf2523fe7eb9c5729074623fd22dc8c171306a4bd1c5a9e9635f38ea68eaf535f456379f95f8c79ecb4ca6510c02d
- SSDEEP
  
  6144:TSnKgSfbz1Q4eK4UcQzzdGU+1+ICxmY5981ppeepaPvlbSiZ:xgmbuK4gndV+Qx59+09Pvl+e
Score

1^/10
behavioral13 behavioral14
- Target
  
  Install_FSUIPC7/README.txt
- Size
  
  9KB
- MD5
  
  295a20cd0b9e9a92c4d82ff8cee7d3d3
- SHA1
  
  7ae2d0999314840eff67e2689f6775e73038ecfa
- SHA256
  
  9f7abe5f6f0c9e4fa72e71ff0d857505755c4508e443386945f5061479ea8e8f
- SHA512
  
  30d621ef0623ffb16699ed633a3db1305d34c385a131f8ddbb846fb5874f8bba8bc4bc9efc4b5cf055edea54382c11fa620825665b68da30e509fd10cac862c2
- SSDEEP
  
  96:67LlN96qeo2wZ8HTRKG3I+rZa2DFKqqPfSfnfmU2ORVBOINFxbaBGoZ9VHWhvEtQ:67Jn6qe/wN9AaMKqqPEGOddF4KqZOt
Score

1^/10
behavioral15 behavioral16
- Target
  
  Install_FSUIPC7/changes.txt
- Size
  
  40KB
- MD5
  
  7f1e8f4f2724e64c526d117f93d95996
- SHA1
  
  adacb1a36eb06ea918cb9f622921c0b291ee0a87
- SHA256
  
  a15f1e82d2b7fbabd79915f6ad454f3d4ff433ec8514a0cbff4a3ecd7dae784c
- SHA512
  
  685915ccc503f63cefdc1d3d40eb0238788c7da506ccd77475258514c481ad1b0c8184d8edc76ff41481659de326e1f82e261c287017209366ed6c653d4202d8
- SSDEEP
  
  768:uE2IluG9Iyob2kKAWiSWkWgPWfW0UQPvZItUS2cNiax0l8P2y8biHUB2VfNdx/c:xZgGKHe4/aObiHx1dxE
Score

1^/10
behavioral17 behavioral18

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

Checks computer location settings

Blocklisted process makes network request

Checks computer location settings

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18