8166e9f4dde03649255b9fea4a9920ed2f55e18f05bb8cb68194bb9636e935a4

Sharing

Copy URL

Twitter E-mail

General

Target

D0puslunar12.33-de.rar
Size

65.7MB
Sample

240410-p2mf9agb83
MD5

0c4bbf23849fa553ce1dd668dc5d0341
SHA1

3d403740b24da559212928ca77e454ace41039fb
SHA256

8166e9f4dde03649255b9fea4a9920ed2f55e18f05bb8cb68194bb9636e935a4
SHA512

9f77b58afe46bb3565b9279090c6cd7848f2bf54d18c4e47f556b8a0f8bc596ab7d22b2ec4f481bd59ad7beb6838a515024a25397564d5a0280c674909fb416d
SSDEEP

1572864:kXm5hMulWZMvRpggqEfakm2P6mwz4R/RdZVXNwEO+:kXmMC8MpmgqKpWzoRD9LO+

Score

7^/10

Malware Config

Targets

- Target
  
  D0puslunar12.33-de.rar
- Size
  
  65.7MB
- MD5
  
  0c4bbf23849fa553ce1dd668dc5d0341
- SHA1
  
  3d403740b24da559212928ca77e454ace41039fb
- SHA256
  
  8166e9f4dde03649255b9fea4a9920ed2f55e18f05bb8cb68194bb9636e935a4
- SHA512
  
  9f77b58afe46bb3565b9279090c6cd7848f2bf54d18c4e47f556b8a0f8bc596ab7d22b2ec4f481bd59ad7beb6838a515024a25397564d5a0280c674909fb416d
- SSDEEP
  
  1572864:kXm5hMulWZMvRpggqEfakm2P6mwz4R/RdZVXNwEO+:kXmMC8MpmgqKpWzoRD9LO+
Score

7^/10

discovery persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2
- Target
  
  32bit/Language/chs.dll
- Size
  
  476KB
- MD5
  
  f76fe8414493d2f3ba8e2ae99e2520c1
- SHA1
  
  6ce605c1237e4f9dc34d2f4d3ef203740422ea7a
- SHA256
  
  c7efae308af831dcec330f87066a82673ace1043612d772e0cfd663520c0cec6
- SHA512
  
  5d7da29fbdb5bdff1df609189afeadedf7a99ecab853ca03509bdc772115782e4d837ffc1ba8ccb518b8f583d0f8feb8ead3c131053e83de8f1be609c179b1c9
- SSDEEP
  
  6144:ZgZ1EvNVpu781LpDExALxoN6TxYct6MM54ILvUTNUKLf5MoZ5gMo:OZgN2G9o+WaSx6dno
Score

1^/10
behavioral3 behavioral4
- Target
  
  32bit/Language/cht.dll
- Size
  
  485KB
- MD5
  
  45aff02f2608dc39e0cec2d74644cf21
- SHA1
  
  9d45cda4d7d3149121ff1d734f297ac02e295fb1
- SHA256
  
  10720f7321560ca34f14681246c656d9ee54bcc2ebf0da0c12556e65bfe1e64d
- SHA512
  
  c6a31a906f1ee072736ceb666e4a18c7f0fd7bbd485e02dfd7785dbc12af11231de37c9cdb85edc99b660dbc0ced29bf16302f8bd87564e640a7691bfa90d0c1
- SSDEEP
  
  6144:Dtw/02BmfqYzYheQL90Urm1Xx1PzPQKRJA2Mwroz:m/02mSlU4GPfy1z
Score

1^/10
behavioral5 behavioral6
- Target
  
  32bit/Language/czech.dll
- Size
  
  760KB
- MD5
  
  fda86d78ab9812a21229838d866c7ef7
- SHA1
  
  563705bb620f50067b5619ffcdccc3d28cfcf8ac
- SHA256
  
  396e0736baf57754888b3a1dfe8f96ad93eaeb1cf0d27bc13c168d2b61b8942f
- SHA512
  
  1af98e252e5a210fa7d6a496f6553ad80968a1700e969838995f584da7d9f2324526cae233d6e287b8b4794e9fcee05415f682e18e55dc5e69c45221cc77937d
- SSDEEP
  
  6144:my/5EpDsLD23jlkZCPCXggqbIGpBO/k3pTGad:hsDsajhbIG3Oyxd
Score

1^/10
behavioral7 behavioral8
- Target
  
  32bit/Language/dansk.dll
- Size
  
  753KB
- MD5
  
  f514caae25f50869275578b6206c384a
- SHA1
  
  a8f093a1eb3804b111f0784b109797d58a93b94c
- SHA256
  
  abb96b3e490a86088e10ea15f31c6fd0330adc4c9caf8826bcb1feca3f341e7f
- SHA512
  
  9d257be5cb532908f0f696684d8c58fbac25f16a48dc463b9a40c243d1d82a6c7a0b24548a8a395adcafd18edb8dc5d425995d619839496def8ba7cc1e2401bf
- SSDEEP
  
  3072:TomZZmMDgQC74TmtdOW+iYShMKaMzgtmXA8yU1e41mfDsg1DVhuegrsWFuF7G4nd:hBFmth1r6sg1jKiHfWGe4DJ
Score

1^/10
behavioral10 behavioral9
- Target
  
  32bit/Language/deutsch.dll
- Size
  
  796KB
- MD5
  
  99de124fc7dc3c45de27da2781760365
- SHA1
  
  53cae25fddb112f08088836fc43ede5eb3a8bb58
- SHA256
  
  e8e93e9312af49d82fa98ea6d7c699fdbda3fd952ae6fb94e1d6bb46b1c988de
- SHA512
  
  7f2421117810b9fdf5b962423f8fed73497a30cc493e21a3f572645cb60d43889fe8c641b63e6cfec73764e60bb19c27d52401d838f07278f71caf4852ca908b
- SSDEEP
  
  3072:EoBRIMGu90JtuBGxT6OaY6E2nfkb9TSjp/XMP7F8MXhhEDl3Iqcb6KwkYNvg/ELf:H6A4O4oZROrZYmPfFKbgVi4NX0
Score

1^/10
behavioral11 behavioral12
- Target
  
  32bit/Language/dutch.dll
- Size
  
  806KB
- MD5
  
  5f8870d98eca56ca89892b69603bf8ff
- SHA1
  
  296032dc0cd55252ae0b0e883f4c1e52f9cbcacd
- SHA256
  
  186b2fc39fbc123880dc22fc0661696d7e021699ca88dcf364174cbb225c1092
- SHA512
  
  058074399bc44f08817253cd8279ef1cf34506545b28e30aac2ca06b00d4365d11d79364b6bab3c4d4e0dd43efbb90901c913b0688ed91fd88bd24f88c40bfa1
- SSDEEP
  
  3072:goWedxTshqTgoWImDq8oOuykIxTTlk8QqdFVwQPH4+ECLE35PzzBmetiPmkfKO5C:wZ6aUDi8UWO/sufmjS6UnZqayzcQv
Score

1^/10
behavioral13 behavioral14
- Target
  
  32bit/Language/ell.dll
- Size
  
  753KB
- MD5
  
  212f7e4408e72734e22b0d48f76464db
- SHA1
  
  d9e2f66c38ad81e4eee00ec5372633643d439bb7
- SHA256
  
  2e247d3c198b192c4e9fd786506b984875911824ee4f4f1fd43a55196c102647
- SHA512
  
  0abca88be1076218625ca3b82969d27b2243a4da7bcdde8bea09560a86d8bb04809fb1bc3deda2574e8ab90e5f53f869e0d3aeae24ba7d26d6ab15f5bcfbfeff
- SSDEEP
  
  12288:xEeyCEJZ2yutBqhufgfj/dJHhAHX0ZAW2H8QcW8xkWH5uqG+:xEPCslutBqhufgfDdJHhAHX0ZAW2H8Qy
Score

1^/10
behavioral15 behavioral16
- Target
  
  32bit/Language/english.dll
- Size
  
  736KB
- MD5
  
  75da520b240ac485884fb6418e9971b7
- SHA1
  
  3d2e43a1057564247b26586004076af48a8789ae
- SHA256
  
  949b9a05d4ea0c7802e234e52fe82688c92e5a8564ca216392719bb29562c9a0
- SHA512
  
  d007834dbb9cd221feba425fb359040293a4f3d7eb470b622d7b5e18070645f878b69eae9f9a5990d7eeac2c826e9a927fe413ace130302eec568367d9f82beb
- SSDEEP
  
  6144:EGsCk14MDCc1Ro903LNFYrX49olZQKecOsEIBJC:Bo490buC
Score

1^/10
behavioral17 behavioral18
- Target
  
  32bit/Language/esm.dll
- Size
  
  823KB
- MD5
  
  773c23fab339b1d6a5f97cd93015d7cd
- SHA1
  
  f56a47f3a1381e5af6a55798e6ae9837dd961101
- SHA256
  
  dd18db94101e7650d592c47b02ea4d948e95d51e7ad8fcba68da737c5950c6d2
- SHA512
  
  48954c9c41e4d8ca521ab91456bb751e917c0c2ea905c98b44e9284a471c6fb783abf37032b4d52ff16ae48b002c4a6f48b0751b65858e683a4328efe95f24d3
- SSDEEP
  
  6144:d5NEEAVsN/iSwt8zuge5MnXr6Az4cE8hx79iXrLm:761swjquUXrlL9S/m
Score

1^/10
behavioral19 behavioral20
- Target
  
  32bit/Language/espanol.dll
- Size
  
  827KB
- MD5
  
  43ed6cbacf585d658e3b4ec2a7d1992a
- SHA1
  
  0dfb7cd7201ec8b333500ad1dae35223bd2ef9aa
- SHA256
  
  86fef00ef6fd5c320ea73c753432086d90782e54b2b7fe7e773be4ab21d47de6
- SHA512
  
  26780fd90934394e9c7302b29cc518c027c7ea2433f71c41cb69f96dad931d53fed97e8250d3836407622127bb2b5089e9679e19e4ef6ec8c698c296c2f1eb89
- SSDEEP
  
  6144:db47oq0Xp3HAzNK7wUbb96/EtSzC7mauIAQU5pAltZc:d87oft4UwUntSCG5q1c
Score

1^/10
behavioral21 behavioral22
- Target
  
  32bit/Language/francais.dll
- Size
  
  824KB
- MD5
  
  a6152694d28cbf1a3bed7d4d2ddfc25a
- SHA1
  
  a80998866852998dc4cecd578391a4237011817d
- SHA256
  
  32861e193f7319d319b1f4488debf2d598fbc3844bc9d2ce2376e3e056bc46a7
- SHA512
  
  3cf7016ab18c094da7afba9dde45fef49ba59a47d2b23b19b0a0e1170005220ec9583cea3d2b0990ea3fc09aecd2274f38e6f9cbca5e3934342a13ffc6fae3e3
- SSDEEP
  
  3072:doSrm3H0TyE+fR+TpUqk8P+pgub1wf1A4QLpUC9Eh0eOfFiAZCZnxVBs9uQBq8+P:S1kGT6fQLpU+EKxcLEq59gq4F4Jh
Score

1^/10
behavioral23 behavioral24
- Target
  
  32bit/Language/italiano.dll
- Size
  
  815KB
- MD5
  
  b9a2021a03750b8a356d6f6361d86b1c
- SHA1
  
  f2e747978489ef5d25e7b205d2af7824a45b8093
- SHA256
  
  58803c6ac079ec8376def0f47294ff0ab2e1f76aed2eecba221d93855c60155c
- SHA512
  
  2ebfc548f5784b3a804e22f90f4c3b58ddec9c9056686ba61f2ec43db7a65b74eedfb39710f93423059a55883cf793b6298a70ebb16ca2e73136698ce0ef819d
- SSDEEP
  
  3072:coAw+3bAtSs+EM395v08NJI/ftmXAGEXNjLdpn4/RV9/Xu3b/u/jof16Atl4UKMI:1+3bn5v0A+ywnnhtl4UKDvfOQcomo98c
Score

1^/10
behavioral25 behavioral26
- Target
  
  32bit/Language/jpn.dll
- Size
  
  551KB
- MD5
  
  7514af1f242c7880571c574770be0064
- SHA1
  
  d15e8f230375e3891cdf3c0cbf3556e468f9855f
- SHA256
  
  1f10fc9b44cc628ff51aae74a6c7c1f4fa7cb2c7b4fbcdd371cb28696b0a8da2
- SHA512
  
  444d6273ca024c5a75e82fd7772d56ea1970c2e2ffc5760017f40a114b7a56626f27ece9bdaba9f0cb5fc51741e11d638d70cb774ad7a8e06186394a9f0456af
- SSDEEP
  
  6144:pNen+nAufYWh5oPIiv+x+MYntv3zlRRmTrJbDkeV7a6T:Te+AufYf8snBxKJzT
Score

1^/10
behavioral27 behavioral28
- Target
  
  32bit/Language/kor.dll
- Size
  
  540KB
- MD5
  
  5a2cdbee5487cc63c4d59752d0547bf9
- SHA1
  
  23e68a9e95ea97158bff7d3ac31a31c69ca850bc
- SHA256
  
  b3c4dfe4afa2307b0036524eb4dc539e7de298c19b0a13e04622b6ceec93ebb7
- SHA512
  
  e93c4abd2f6ea8d879d338019471fef9b31006e832f68afe69d67585ea99dc38dca345bd6ac1ae248521686872c93c9b5186d4cc53253d780342444d2a5ba469
- SSDEEP
  
  6144:YBoYROEUUZk/0fugGwklEyH9/UXLEgCnSU:WZROEtGwkqKkU
Score

1^/10
behavioral29 behavioral30
- Target
  
  32bit/Language/magyar.dll
- Size
  
  783KB
- MD5
  
  1bf230cccdf85bad604079eb60c951c2
- SHA1
  
  639b70a12e96c96753b7e2894d4d923e21a47555
- SHA256
  
  1f207d79950b41a25b1ae991857c1519d52b64c569395c4a11108b6bebe727e6
- SHA512
  
  0dc0bec596aa6aa91bf1811c5cf3f0554879c33b4b7dce7a021b013379f59698028c510e7cd6d63d7f02a380f1d6f41803a321ac7dd4501f12ee6421bfff09e2
- SSDEEP
  
  6144:3/psczoJtDR9GnPzvN5M6HlfIHO7V4xlu8S/1AHAdWIL5ctxcwkd:3SJl/GvaAQOd
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

Registers COM server for autorun

Checks installed software on the system

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32