75f2450c9475b0adef291c84d08dd8ba99c011d2ee34caef0f34340ef4c6b4e6

Sharing

Copy URL Twitter E-mail

General

Target

FREAKIN.rar
Size

98.7MB
Sample

240406-ftxgtacb92
MD5

62844fd18f3714d44b85a78245011cf8
SHA1

e2739de0cdea1049f6ab49d02d5ad04d8a563a2c
SHA256

75f2450c9475b0adef291c84d08dd8ba99c011d2ee34caef0f34340ef4c6b4e6
SHA512

5cdea12276ba92bdfabb10cb227ba9bcf67b23d6748ca738192b5940756de26c344e6febf8230a0edd4fd0a7e1478bf41e2b05a4ddc586613bb61163d6f8587c
SSDEEP

3145728:A6Kcho1+eJ1HC7qtu2hVMzRgCq8u0zuWM3VVtYN:A8oUeXUqVeItJWM/tk

Score

7^/10

Malware Config

Targets

- Target
  
  FREAKIN.rar
- Size
  
  98.7MB
- MD5
  
  62844fd18f3714d44b85a78245011cf8
- SHA1
  
  e2739de0cdea1049f6ab49d02d5ad04d8a563a2c
- SHA256
  
  75f2450c9475b0adef291c84d08dd8ba99c011d2ee34caef0f34340ef4c6b4e6
- SHA512
  
  5cdea12276ba92bdfabb10cb227ba9bcf67b23d6748ca738192b5940756de26c344e6febf8230a0edd4fd0a7e1478bf41e2b05a4ddc586613bb61163d6f8587c
- SSDEEP
  
  3145728:A6Kcho1+eJ1HC7qtu2hVMzRgCq8u0zuWM3VVtYN:A8oUeXUqVeItJWM/tk
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2
- Target
  
  FREAKIN/jre/bin/java_crw_demo.dll
- Size
  
  23KB
- MD5
  
  1c47dd47ebd106c9e2279c7fcb576833
- SHA1
  
  3ba9b89d9b265d8cec6b5d6f80f7a28d2030a2d1
- SHA256
  
  58914ad5737f2dd3d50418a89abbb7b30a0bd8c340a1975197eea02b9e4f25b2
- SHA512
  
  091f50b2e621ed80bafe2541421906de1bcc35a0e912055b93e40cd903be8b474103c0d8fecdf46e7f2f3c44bdade64a857ab2b9cb5404306055150ee4ed002a
- SSDEEP
  
  384:Qp2dG5pC/ujTc8ZrEnrZm8WXLFnPV52WZQAnYPLr7lOGa:uvCGjJ0Q9ndRZdC71a
Score

3^/10
behavioral3 behavioral4
- Target
  
  FREAKIN/jre/bin/javacpl.cpl
- Size
  
  156KB
- MD5
  
  4e3c37a4de0b5572d69ad79b7a388687
- SHA1
  
  6b274e166641f9ce0170e99fe2d1f4319b75a9e8
- SHA256
  
  893a86e7b1de81dedab4794732fccd02790756a2dbe4815c102f039088dfcbd2
- SHA512
  
  8352a1cd859d17a27560448c6ffb0e8200096cac744c8bb56330397fde0b7f702e2295999d89fbad74df72df200c391113a23a9b4342abac738167967533f9cd
- SSDEEP
  
  3072:a2lpElIhbyyH3c1CX766zKELxKvFaPSnjZqMNJlGle:a2rE+xdW+76DEVKv8wv
Score

1^/10
behavioral5 behavioral6
- Target
  
  FREAKIN/jre/bin/javacpl.exe
- Size
  
  68KB
- MD5
  
  c2a59c7343d370bc57765896490331e5
- SHA1
  
  a50af979e08a65eb370763a7f70cdb0e179d705d
- SHA256
  
  40614fe8b91e01ad3562102e440bdbf5fac5d9f7292c6b16a58f723bfffe6066
- SHA512
  
  ca266f1b2e51f66d119e2d71e3377c229a3d583853ffb606c101afeb41689ace7d1f1594781091da67f9be9d09f3019bf048c0f819777e8f1827a56beec252c4
- SSDEEP
  
  768:jFVfr2k521ZnrawwMmqPXt+rP3b/9/YMCxx0OpPOrEE14EVHLAuDeGJiqrmehiV9:PxioMmqF+2x0MORLVq7qjh3rmKPNpwGg
Score

1^/10
behavioral7 behavioral8
- Target
  
  FREAKIN/jre/bin/javafx_font.dll
- Size
  
  56KB
- MD5
  
  aeada06201bb8f5416d5f934aaa29c87
- SHA1
  
  35bb59febe946fb869e5da6500ab3c32985d3930
- SHA256
  
  f8f0b1e283fd94bd87abca162e41afb36da219386b87b0f6a7e880e99073bda3
- SHA512
  
  89bad9d1115d030b98e49469275872fff52d8e394fe3f240282696cf31bccf0b87ff5a0e9a697a05befcfe9b24772d65ed73c5dbd168eed111700caad5808a78
- SSDEEP
  
  1536:f6arRmcnq2lxm+Na6C7HIT6T8E2pLSSm3:fzm+q7HITS8E2pLSSA
Score

1^/10
behavioral10 behavioral9
- Target
  
  FREAKIN/jre/bin/javafx_font_t2k.dll
- Size
  
  436KB
- MD5
  
  8ae40822b18b10494527ca3842f821d9
- SHA1
  
  202dffa7541ad0fad4f0d30cee8c13591dca5271
- SHA256
  
  c9742396b80a2241ce5309c388b80000d0786a3cab06a37990b7690fd0703634
- SHA512
  
  aa324a265639c67843b4bf6828029b413044cbe4d7f06a253b78b060ea554fecc6e803d59d03742c485b2eb3d52e5c0a44928dcc927501f413ee4664bb8a11f5
- SSDEEP
  
  12288:RreTVhY4gXwLR4YS+OX3kQg4O5kM2LY58gwDTxXvwGSelo:Rr4VhyK7eTxXvwelo
Score

3^/10
behavioral11 behavioral12
- Target
  
  FREAKIN/jre/bin/javafx_iio.dll
- Size
  
  123KB
- MD5
  
  01706b7997730eaa9e2c3989a1847ca6
- SHA1
  
  7cead73cbe94e824fa5e44429b27069384bfdb41
- SHA256
  
  20533c66c63da6c2d4b66b315ffcf5c93ae5416e3dae68cdd2047efe7958ab3a
- SHA512
  
  3272c8de6c32d53372d481441da81ae2b6ea02e8360b23d7f793b24827bd683a6604f43be18ce2bee40038fbe7d5f7af78b2c465a51f82478d881dbeb5744dc2
- SSDEEP
  
  3072:oOxjjADzd+aeaPB9JhjxkM2wzGdXJbD/jn8Y6:ocKzeaPB9JhjxknwzG5JbDb8F
Score

3^/10
behavioral13 behavioral14
- Target
  
  FREAKIN/jre/bin/javaw.exe
- Size
  
  187KB
- MD5
  
  48c96771106dbdd5d42bba3772e4b414
- SHA1
  
  e84749b99eb491e40a62ed2e92e4d7a790d09273
- SHA256
  
  a96d26428942065411b1b32811afd4c5557c21f1d9430f3696aa2ba4c4ac5f22
- SHA512
  
  9f891c787eb8ceed30a4e16d8e54208fa9b19f72eeec55b9f12d30dc8b63e5a798a16b1ccc8cea3e986191822c4d37aedb556e534d2eb24e4a02259555d56a2c
- SSDEEP
  
  3072:lScg0xvhTZNIs3Ft+STckCBQo3C0Y22vncTBfsO9jZqMN3cH1Tefqk:lSclI6nTc3BQo3C0YHncTBxvs65
Score

1^/10
behavioral15 behavioral16
- Target
  
  FREAKIN/jre/bin/javaws.exe
- Size
  
  263KB
- MD5
  
  f8211db97bf852c3292c3e9c710c19d9
- SHA1
  
  46dad07779e030d8d1214afe11c4526d9f084051
- SHA256
  
  ecf4307739ca93f1569ce49377a28b31fe1eb0f44b6950dbaafa1925b24c9752
- SHA512
  
  b3e20eeca87136cae77f06e4149e65ebfef71a43589f7e2833008fe43811a2bc8b6202b6adb5ce122a1822e83ce226b833def93a2b161476bd5b623794e4f697
- SSDEEP
  
  6144:Fp9B0qT85g5Sq+VBY2qVLC2wH5rM8HoQvlHO:5uqT85sSq+ERVm2wZEQvlHO
Score

1^/10
behavioral17 behavioral18
- Target
  
  FREAKIN/jre/bin/jawt.dll
- Size
  
  13KB
- MD5
  
  0291ba5765ee11f36c0040b1f6e821fb
- SHA1
  
  ffe1dcf575ccd0374df005e9b01d89f6d7095833
- SHA256
  
  f8540be2bbd5bde7962d2fe4e7ec9ef9bf53d95b48781ae549aa792f10032485
- SHA512
  
  72addc631d8cf064e1b047b51eef7f306ca959d24ed705065c33ee8dddf7ea84b95b3de5b0709015a81d36aca01e15ce99a354d4069d4d798ed128a6a76d1010
- SSDEEP
  
  192:ahKnvndLwm3XLPVlD6yTUZnYe+PjPriT0fwdNJLkoRz:a4j7PVl1TAnYPLr7cLka
Score

1^/10
behavioral19 behavioral20
- Target
  
  FREAKIN/jre/bin/jdwp.dll
- Size
  
  160KB
- MD5
  
  6e08d65f5cbb85e51010f36a84fc181d
- SHA1
  
  4eee8be68baaf6320aea29131a1c0b322f09f087
- SHA256
  
  2d8658909d9e357a4b70fcf862d690eec82a2f77161abb021e0839c6a67d4825
- SHA512
  
  df4494d062e9a8ac82d727d2722dcf32c3fc924fa104f384fa099adb08ecbdeea7a19245d779097c0afcf51f84852328ed595c88380f42bd39560678c8ad9621
- SSDEEP
  
  3072:XrQPwE5tlGsXVomHvD+1febSICzqozXtrQwnNZkB+5:XU15tpX9HvsfrTtMwNWBY
Score

3^/10
behavioral21 behavioral22
- Target
  
  FREAKIN/jre/bin/jfr.dll
- Size
  
  22KB
- MD5
  
  700f5789d2e7b14b2f5de9fdb755762e
- SHA1
  
  f35ede3441d6e5461f507b65b78664a6c425e9ac
- SHA256
  
  d115eaf96bd41c7a46400dcff7ef26ac99e3cf7a55a354855c86bae5c69a895a
- SHA512
  
  664a442dd424ca04ac0ce072b9bbd5ef7c657b59a26403c44a856738f7998466bfe3010825a13451281841d39b0a34d8997ee24497d626ec60c19aa1af0ee465
- SSDEEP
  
  384:YL4Z7lZRiY3PB6cGgOp2m1zq2oatSnPV5zYxkpLfsnYPLr7Ybc:E4PZRiY3PB6cVAebaMnd+ypLkC7Cc
Score

3^/10
behavioral23 behavioral24
- Target
  
  FREAKIN/jre/bin/jfxmedia.dll
- Size
  
  112KB
- MD5
  
  8bc8fe64128f6d79863bc059d9cc0e2e
- SHA1
  
  c1f2018f656d5500acf8fa5c970e51a55004da2e
- SHA256
  
  b77cd78ff90361e7f654983856ee9697fdc68a0f9081c06207b691b0c9af1f5d
- SHA512
  
  6771f23ecf1a449eb6b0b394e0f1d3eb17c973fc0544ba25487c92f215acc234fc31c9b7be5528efd06d29a35bb37dd7934318837576862adfc2631b4d610a24
- SSDEEP
  
  3072:2Cgsy+/cydqNiaZr+lOzZPh7/W4MCnc8Ioaa2yFWcC6vsx/8:FZOzZPh7/WSe+S6v+U
Score

1^/10
behavioral25 behavioral26
- Target
  
  FREAKIN/jre/bin/jfxwebkit.dll
- Size
  
  32.4MB
- MD5
  
  4d857a5fc9ca16d2a67872faccf85d9f
- SHA1
  
  eaeb632e526efa946e4db1b8cfa31de6a7b03219
- SHA256
  
  7ffa7423dda07499394b345e5ece2d54c8e19247e6e76c0e23b5bf1470ab0d7f
- SHA512
  
  8dbc8675ce2dace8d629c3fa66cf65704346ab829ae0b0a1d7b25be22783b7e73624ba70f6d67264d6ca1656d7590e3753a8df2227da45112c5bd4a5654089af
- SSDEEP
  
  393216:VJ8d7SMzwH5R2sdDcBwHHdI4DKRlDsqXCagQZhzvilh2Wlq7ODI:VJ8d7zzUesdDtevn
Score

3^/10
behavioral27 behavioral28
- Target
  
  FREAKIN/jre/bin/jjs.exe
- Size
  
  15KB
- MD5
  
  4f11d43aa2215ce771da528878f01c8e
- SHA1
  
  8062681d73489ff200ca0ba426ff1ff3f44494a7
- SHA256
  
  0d554cd4b373d6d9b9c179a468d179388706c0bde4d878ed75ef575651588b3c
- SHA512
  
  34cb271c32fb479cfaeec536a5d35a41730e90001d67dc9db595db240a1f58c3bf12334bb5cde7673c8e56a4c272bfbd66e4eacdee0082f6fd583e4e039ec540
- SSDEEP
  
  384:GpsE5cnm6ObmSHhV8j0eeq4SziahnYPLr79OOu:Gpszn6iS/8jxeqfhC78Ou
Score

1^/10
behavioral29 behavioral30
- Target
  
  FREAKIN/jre/bin/jli.dll
- Size
  
  155KB
- MD5
  
  73a76ec257bd5574d9db43df2a3bb27f
- SHA1
  
  2c9248eae2f9f5f610f6a1dfd799b0598da00368
- SHA256
  
  8f19b1ba9295f87e701c46cb888222bb7e79c6ee74b09237d3313e174ae0154f
- SHA512
  
  59ecd5fcf35745bdadcdb94456cb51bb7ea305647c164fe73d42e87f226528d1a53ce732f5ec64ce5b4581fa8a17cfbfdc8173e103ae862d6e92eb3ad3638518
- SSDEEP
  
  3072:gLkNbBRaz4rQWiG6wMz9/S3en9pHUw06TBfkqI44:rNbB4Mcnv7z6en9pj06TB6
Score

3^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32