25ace20639977320f2e7432af2532d0607e29087d4496ef1bda97ca8d165cb3f

Sharing

Copy URL Twitter E-mail

General

Target

processlassosetup64.exe
Size

2.5MB
Sample

240410-tzl5xsdh57
MD5

aa985430974a30295d9986be93421f3f
SHA1

fca01ccba6c98e9ae76f289806bead7c206d8a17
SHA256

25ace20639977320f2e7432af2532d0607e29087d4496ef1bda97ca8d165cb3f
SHA512

b14aa94fde3379d98d082c8b3421fd32ef50ac36bf3dec63c42bfcb8684bf245fcafd9621908e870550e811ddf1e51fcf2981f2d3f51b7e9c0e5f7378a5b4690
SSDEEP

49152:U62h6jaQtHpo4NGsB2Uc2bZ6/oFyRWIEdkj+0CTZ8IoPI2lMhrYerkiWRqORd:UTh7QtH+jcDwBpu8lI2KxYQuRqO

Score

6^/10

Malware Config

Targets

- Target
  
  processlassosetup64.exe
- Size
  
  2.5MB
- MD5
  
  aa985430974a30295d9986be93421f3f
- SHA1
  
  fca01ccba6c98e9ae76f289806bead7c206d8a17
- SHA256
  
  25ace20639977320f2e7432af2532d0607e29087d4496ef1bda97ca8d165cb3f
- SHA512
  
  b14aa94fde3379d98d082c8b3421fd32ef50ac36bf3dec63c42bfcb8684bf245fcafd9621908e870550e811ddf1e51fcf2981f2d3f51b7e9c0e5f7378a5b4690
- SSDEEP
  
  49152:U62h6jaQtHpo4NGsB2Uc2bZ6/oFyRWIEdkj+0CTZ8IoPI2lMhrYerkiWRqORd:UTh7QtH+jcDwBpu8lI2KxYQuRqO
Score

4^/10
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/INetC.dll
- Size
  
  24KB
- MD5
  
  640bff73a5f8e37b202d911e4749b2e9
- SHA1
  
  9588dd7561ab7de3bca392b084bec91f3521c879
- SHA256
  
  c1e568e25ec111184deb1b87cfda4bfec529b1abeab39b66539d998012f33502
- SHA512
  
  39c6c358e2b480c8cbebcc1da683924c8092fb2947f2da4a8df1b0dc1fdda61003d91d12232a436ec88ff4e0995b7f6ee8c6efbdca935eaa984001f7a72fea0a
- SSDEEP
  
  384:wv1j9e9dEs+rN+qFLAjNXT37vYnOrvFhSL+ZwcSyekzANZBJ:w1AvEs3HBLzYn29vYh
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/LangDLL.dll
- Size
  
  5KB
- MD5
  
  68b287f4067ba013e34a1339afdb1ea8
- SHA1
  
  45ad585b3cc8e5a6af7b68f5d8269c97992130b3
- SHA256
  
  18e8b40ba22c7a1687bd16e8d585380bc2773fff5002d7d67e9485fcc0c51026
- SHA512
  
  06c38bbb07fb55256f3cdc24e77b3c8f3214f25bfd140b521a39d167113bf307a7e8d24e445d510bc5e4e41d33c9173bb14e3f2a38bc29a0e3d08c1f0dca4bdb
- SSDEEP
  
  48:S46+/nTKYKxbWsptIpBtWZ0iV8jAWiAJCvxft2O2B8mFofjLl:zFuPbOBtWZBV8jAWiAJCdv2Cm0L
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  cff85c549d536f651d4fb8387f1976f2
- SHA1
  
  d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e
- SHA256
  
  8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8
- SHA512
  
  531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88
- SSDEEP
  
  192:Zjvco0qWTlt70m5Aj/lQ0sEWD/wtYbBHFNaDybC7y+XBz0QPi:FHQlt70mij/lQRv/9VMjzr
Score

3^/10
behavioral7 behavioral8
- Target
  
  CPUEater.exe
- Size
  
  490KB
- MD5
  
  27bbb22da491eedb0c0b87de0516218e
- SHA1
  
  33dc0706ce7b9525ec3fb9f3275b414d6169455f
- SHA256
  
  0f1fddf131e9e75e787393588846e4bca08120b41f3e69c3a514b9fe5ea7db8a
- SHA512
  
  a5aba70f8daf8c9640e481f46c2d76e36aa3061a8c64e715e4e27ef73ce9b2d03ed9963696b91233b0722a450338fff1fb06ef0d7d3df4d89665acf4c089ba28
- SSDEEP
  
  6144:7+O9eBwatRqIx8xUbjqc44pWWXwAdfNNGvsXIw/0WKprM5B7VPShrkY:7UBwSLsw+c44p/XwAVNYrw/0ZM5p2YY
Score

1^/10
behavioral10 behavioral9
- Target
  
  Insights.exe
- Size
  
  758KB
- MD5
  
  7068a6c343dcf4e4fcf2a87ba708c013
- SHA1
  
  a3e61f5ba11be4106c10f71aff750d33e2cb9d1e
- SHA256
  
  dac6ad573d07be600411cf8d4303de795c1e678380e0991418dc0a3481efa8c5
- SHA512
  
  b625caa1c1ee8b02b005c289c42514bc09655ff2188f4018eec884a11e24a0a0137fdaefeb007f08081b472c82ff66ecb8faab601bb49709ee264bcc4a51d11f
- SSDEEP
  
  12288:k4Q9kOhEQRDd0IpMUNGc3InQcTo03P4Z22++ZrH3f4h5KGG3:oJhRRDdNpMUNVYnQ2+ZrXfoG3
Score

1^/10
behavioral11 behavioral12
- Target
  
  InstallHelper.exe
- Size
  
  767KB
- MD5
  
  5ef45ac3a0ab6cad5cfb839bf2270a37
- SHA1
  
  5842cc2ae470c53992bc632864b940ae944d6997
- SHA256
  
  4f1dfa91c9e5b522b313a1147498e160be4fbc9ca41866c5b74bbd5ba7a2aa16
- SHA512
  
  5c405657e76c73faa8def9bb26910d2e2c858927550d7dd7bf3ed2a148b39b64177371449b60311f9a032bf8a43cbe1697b7fd3e04421ad6587090d899ba2c87
- SSDEEP
  
  12288:ok5WqeSqy1LwF2GEVMVhm2Gc/GBdkuUi7/v8mGg69LHKGN8:F5Ld51LwF4VMRuUiLa5LdN8
Score

1^/10
behavioral13 behavioral14
- Target
  
  LogViewer.exe
- Size
  
  862KB
- MD5
  
  df4201829162b19ecb7658d287b74387
- SHA1
  
  92d98b523acdbcf145a990807f4585c8594445a3
- SHA256
  
  fca396a39dfaf7a12e80b3f64aa651ec8f89b388a301cca1b9e965a1f6742084
- SHA512
  
  5ac78855dd28deb81a2d00c2d93e82ff0e33484716f07d8e3f5a171dd8dc0b7a034864994378de4d2a62fcc2011c5427951caf91a6c8be4b09e30c51c3183df8
- SSDEEP
  
  12288:jUgTC0XQLyOD7Ejw0t7pIHIFnAex1UxD7xao+NWg2SOOk:tES6D7xa3oSjk
Score

1^/10
behavioral15 behavioral16
- Target
  
  ProcessGovernor.exe
- Size
  
  1.2MB
- MD5
  
  cfb907e3fe9cadf8238edd2445e5f87b
- SHA1
  
  d4441f86a569dfaeb7ca104cc91b5bfcc912eaaf
- SHA256
  
  d661e8dd5fc5d1910d43580014369a4ae86ee7ff43b61eea47867044e1461728
- SHA512
  
  f5414b4ca6ee65cdda1568d386384e0a47aa8780bc22b90aad9b80121b675f2fa387290a05159f8879523725c9019eca4f1034fe190615565cd913b22255130d
- SSDEEP
  
  24576:A1NL4PEXWEWpwvLPi/+LDZkqhyOSgj6S:A1NL4PqWEWaLPi/+hkqhDj
Score

1^/10
behavioral17 behavioral18
- Target
  
  ProcessLasso.exe
- Size
  
  1.8MB
- MD5
  
  9661fb6149241173ea6809e1b605d683
- SHA1
  
  b7817f9ed0eed9b8da02d9d14673e134422b1d92
- SHA256
  
  774557893da35092845440cb9a79f9f2a813913a6d8353fd03c215d5f0de5a88
- SHA512
  
  47700890db3f3b8ff172fbb99b11b82499f6cf2656b99dc7c63b828aab913669f59331518863a487b52a076e65a98b98475091c7efcf1eba3f99fe6b35b99cf7
- SSDEEP
  
  24576:DKvgXSSXEprJmODhC6h/OWqgsklTg8Pb54UJbN+p65B3Xrc9dcMH:e4iSBODhX/OPRCTDCUJp+p4Pm
Score

1^/10
behavioral19 behavioral20
- Target
  
  ProcessLassoLauncher.exe
- Size
  
  400KB
- MD5
  
  f973441b81d5b645db790713ef82c2d9
- SHA1
  
  287d2785e17728b145ee16b1518498bb1479df71
- SHA256
  
  5fb894a3522b7ffc90bdb08e87bcd332b0bbf14bdf4590484001478b18ca56e4
- SHA512
  
  3a7746b4ed9cb4a9edc41aee9d4829b4789b368999a510f60c27fd3e33c0d47f512214673e69de758e028c4701a3c4508938d1c05ceae027e87cd214b8a67a1f
- SSDEEP
  
  3072:UVPAgBPrsmf3c4sSxGtHrxHb81dVEI7LRbc7Vu1LIk7HoZ7WK7TVrb:WHhrsmf3c2x8Ht8fVwk1k7WG9
Score

5^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral21 behavioral22
- Target
  
  QuickUpgrade.exe
- Size
  
  473KB
- MD5
  
  729e8143ca0dabda69f5d043c52c5eb3
- SHA1
  
  40ac606cdfaa0925f913e188804606eb7f217cc7
- SHA256
  
  ca42142193983be4ea809ce82af10f8a2794fe955b9425d4063e2d6f21a1e17d
- SHA512
  
  3b81d5e884bebeaadc0e7081c99a8bd11a9f715ac568164dfd267c37504dac54763f9f5a3068949f424e59408c06c7bd4501b6fcd614c1bdc889b748c2a5d84c
- SSDEEP
  
  6144:LvDoEduafjNzm6uhfY38ZcWX7A9G4Gena7WG4/:4bafjNzm6uSQTh4LaKG4/
Score

6^/10
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral23 behavioral24
- Target
  
  ThreadRacer.exe
- Size
  
  541KB
- MD5
  
  bb99cd47911c5e2fda93e282cee7fdd0
- SHA1
  
  1cee86924ed4d575a57ff5a3e1a3f00efbeda784
- SHA256
  
  02218a71c051907717124a4a803d30c5881c31c4020e2466cd0947120a1ce7c4
- SHA512
  
  49ce7ffc6da500091130cc0cca7d650627f5c7867d77bcc135c4e8cfd2c40948e1671a4aedd79a857b0bfcfc50aed3897d128ff5ea7af7eb07aa9f28103e8dea
- SSDEEP
  
  6144:nDFE4hwQCOGx8hM+RanP8Pm59Yh/DQLMjhIqtmCBNJ7WGm:nDFNCfxX+RanP8Pm59c2MjqAJKGm
Score

1^/10
behavioral25 behavioral26
- Target
  
  TweakScheduler.exe
- Size
  
  620KB
- MD5
  
  a67bbb2c21d28f10b8384e6f7119c90f
- SHA1
  
  7faa3bed6be8058091ccd1daf3a50ad683617448
- SHA256
  
  3f6f2a2755bd9585feef152bb4f8112e1b2d65dbd29aaa9863503dd4e66dcf5a
- SHA512
  
  a664421f45a10e814aa779fd2768076a6002d07cc5224d634660cba0541186cbab1a19a290708f1dd9291ed352d2e1511fa22d89901173ea0d54ab0e7afbbf83
- SSDEEP
  
  12288:SFN2+Ys3jypTnZGEVcmWY2lLEfsmpHF3U+gFY7xmsTSOkOmMqgL+mx4Hu+g:SFNBTiZG7Ox+mx4i
Score

1^/10
behavioral27 behavioral28
- Target
  
  bitsumsessionagent.exe
- Size
  
  181KB
- MD5
  
  6f86caae0d9a5981d44bcb1cde7dadca
- SHA1
  
  b92d479b7ed042296bfebfb18f2823befeefcee3
- SHA256
  
  fe7aa00ec480f6fa1ec75aba47bbd6e1686c11382eff49dd0e12a82b4cc76496
- SHA512
  
  b89f90c4392cd3a3b85a93b6fbfd6b71b1fe7585a168d16b8a523adb1d6041a19ea2e99fb754a1123ed76940d1f1a66d91f66cd3e8d9e631467cc6286dc50d32
- SSDEEP
  
  3072:aSpF5lflRmgykL2cEE52WsVdLze6g0hHjWJ7zFaFa3OSJUJeBSehkK:tX/fDmgykL2cEERsVdn64jY7qQMep
Score

1^/10
behavioral29 behavioral30
- Target
  
  pl-update.cmd
- Size
  
  40B
- MD5
  
  cd60ccd708d428df44ca1d454ad0d68e
- SHA1
  
  83e3fb9ef19c7d3faabc0b391f96803652fda425
- SHA256
  
  ab965ed0402b4c474fe6c988afee9957c5494c687745114fc80d1fb70fb071bb
- SHA512
  
  b400530473683de0f7cba3f206b38ba1a0a4d3156a06168c3db0391eb33be1cb6fa65e736c746067aac394d538fc35de8764c30978734bcf4e84392b3294c10c
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

Downloads MZ/PE file

Checks computer location settings

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32