aa3c568c88329c4dd471492c0db25a6c299b4346562d63e850e3064902d86d69

Sharing

Copy URL

Twitter E-mail

General

Target

PrismLauncher-Windows-MSVC-Setup-8.2.exe
Size

18.1MB
Sample

240415-r8qtcshb34
MD5

242927c23fc9b6ff5efaa51aaf5eda58
SHA1

53e851f8a136ae29aeb0159d9fa221b5e37a8b4c
SHA256

aa3c568c88329c4dd471492c0db25a6c299b4346562d63e850e3064902d86d69
SHA512

cda01dc9762a02d47829cadb0678fcf0b361d6ce4a9b3ddffa5bb7636487bd16446076274ac5a4ad015cb4d52fff4cccbb49b472ed031616fccc1826b748ce17
SSDEEP

393216:CMU77hg6HfhIjEYqNPPoDlXsLAmCrQ7cAIYE9rpyTXuEz18Tcso:CMUhHfhIgTkX3mwQ7cAo9+Pyo

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  PrismLauncher-Windows-MSVC-Setup-8.2.exe
- Size
  
  18.1MB
- MD5
  
  242927c23fc9b6ff5efaa51aaf5eda58
- SHA1
  
  53e851f8a136ae29aeb0159d9fa221b5e37a8b4c
- SHA256
  
  aa3c568c88329c4dd471492c0db25a6c299b4346562d63e850e3064902d86d69
- SHA512
  
  cda01dc9762a02d47829cadb0678fcf0b361d6ce4a9b3ddffa5bb7636487bd16446076274ac5a4ad015cb4d52fff4cccbb49b472ed031616fccc1826b748ce17
- SSDEEP
  
  393216:CMU77hg6HfhIjEYqNPPoDlXsLAmCrQ7cAIYE9rpyTXuEz18Tcso:CMUhHfhIgTkX3mwQ7cAo9+Pyo
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  4add245d4ba34b04f213409bfe504c07
- SHA1
  
  ef756d6581d70e87d58cc4982e3f4d18e0ea5b09
- SHA256
  
  9111099efe9d5c9b391dc132b2faf0a3851a760d4106d5368e30ac744eb42706
- SHA512
  
  1bd260cabe5ea3cefbbc675162f30092ab157893510f45a1b571489e03ebb2903c55f64f89812754d3fe03c8f10012b8078d1261a7e73ac1f87c82f714bce03d
- SSDEEP
  
  192:VjHcQ0qWTlt7wi5Aj/lM0sEWD/wtYbBjpNQybC7y+XZv0QPi:B/Qlt7wiij/lMRv/9V4bvr
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/modern-wizard.bmp
- Size
  
  25KB
- MD5
  
  cbe40fd2b1ec96daedc65da172d90022
- SHA1
  
  366c216220aa4329dff6c485fd0e9b0f4f0a7944
- SHA256
  
  3ad2dc318056d0a2024af1804ea741146cfc18cc404649a44610cbf8b2056cf2
- SHA512
  
  62990cb16e37b6b4eff6ab03571c3a82dcaa21a1d393c3cb01d81f62287777fb0b4b27f8852b5fa71bc975feab5baa486d33f2c58660210e115de7e2bd34ea63
- SSDEEP
  
  24:Qwika6aSaaDaVYoG6abuJsnZs5GhI11BayNXPcDrSsUWcSphsWwlEWqCl6aHAX2x:Qoi47a5G8SddzKFIcsOz3Xz
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  1d8f01a83ddd259bc339902c1d33c8f1
- SHA1
  
  9f7806af462c94c39e2ec6cc9c7ad05c44eba04e
- SHA256
  
  4b7d17da290f41ebe244827cc295ce7e580da2f7e9f7cc3efc1abc6898e3c9ed
- SHA512
  
  28bf647374b4b500a0f3dbced70c2b256f93940e2b39160512e6e486ac31d1d90945acecef578f61b0a501f27c7106b6ffc3deab2ec3bfb3d9af24c9449a1567
- SSDEEP
  
  96:o4Ev02zUu56FcS817eTaXx85qHFcUcxSgB5PKtAtoniJninnt3DVEB3YsNqkzfFc:o4EvCu5e81785qHFcU0PuAw0uyGIFc
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  7KB
- MD5
  
  b4579bc396ace8cafd9e825ff63fe244
- SHA1
  
  32a87ed28a510e3b3c06a451d1f3d0ba9faf8d9c
- SHA256
  
  01e72332362345c415a7edcb366d6a1b52be9ac6e946fb9da49785c140ba1a4b
- SHA512
  
  3a76e0e259a0ca12275fed922ce6e01bdfd9e33ba85973e80101b8025ef9243f5e32461a113bbcc6aa75e40894bb5d3a42d6b21045517b6b3cf12d76b4cfa36a
- SSDEEP
  
  96:JwzdzBzMDhOZZDbXf5GsWvSv1ckne94SDbYkvML1HT1fUNQaSGYuH0DQ:JTQHDb2vSuOc41ZfUNQZGdHM
Score

3^/10
behavioral10 behavioral9
- Target
  
  Qt6Core.dll
- Size
  
  6.0MB
- MD5
  
  4b109b08ab6ae8b532ba254722b83a67
- SHA1
  
  59b7477ef8084b6858d44d7a8ebd78f9dd09cba7
- SHA256
  
  b3fe8c06f5ff686eab4a5784a9c36213d341809d982bf81570909fec262907cd
- SHA512
  
  482a7399f541806fc64bbc5924e3e55f24c86713daf959c421a40aa2aa76f256ac790e105eff4f60cd6b4299465a039505406091988de9265279103a296bd47f
- SSDEEP
  
  49152:ry2Gz+89rCG9TDJiPUQbRrEDLVo/9agt5F7r42jfMjYj0Q3b21ckw8eMSDz0QupE:FGzvvE+BCwI2zKFdu9CwJsv6toa/3tV+
Score

1^/10
behavioral11 behavioral12
- Target
  
  Qt6Core5Compat.dll
- Size
  
  851KB
- MD5
  
  b3fe7fde16dea4e4a4b2f5b9d9d04490
- SHA1
  
  010c2c0f4fcf7d01bf0403692d66bbec86a8f3f0
- SHA256
  
  91c5d1788a31e2ae195754b76b00e05bc1ed28042570f78f4de2c34de3d1f9a7
- SHA512
  
  5bd0bd5aeb4428d52d0e1307e125bf047ab90731689b24579972e1d6fef3dc55efd4089c351b4bfd63b12cfe3c9140dbbfa05b3020b9c8381c2bf3b54ae7e6d0
- SSDEEP
  
  12288:CbqiBp2WMX7t4i8ZOOSD5RC940wGBPGE/4717VKIyBDPzHkSDGGJf6bfKgQyR0DO:+eWe7t43veC9UGZG7VeDPTMTfJRi6uc
Score

1^/10
behavioral13 behavioral14
- Target
  
  Qt6Gui.dll
- Size
  
  8.5MB
- MD5
  
  4d427578ce80d21926239bde77859cbc
- SHA1
  
  ac7c9d7b8f2991a34f6368ebc098e369360e30ab
- SHA256
  
  1158536c723cfbcbf24f6f3443b16e42fc5473d8b1309040aa300a03408b5979
- SHA512
  
  4364dd317ebe3f54c33bb9af8e56ba45762882c74b18e336134f2904cb494cd15bbb94dd603e00b3ffb18c67f928dccf87b05feaa208bbd0ccade71d4ca29965
- SSDEEP
  
  98304:fEhGeAcxKT/pR9mRhGHyxy3V+/SVFkTN+DSsv5UkL:fDMapRghGHyWV+/cFkVsl
Score

1^/10
behavioral15 behavioral16
- Target
  
  Qt6Network.dll
- Size
  
  1.4MB
- MD5
  
  4812b1ba9956b935d541628ff79c83b9
- SHA1
  
  d4c98dfbede38472ad486ee5a050c8d0633636bb
- SHA256
  
  f2400ff51c603d8f518f069d90d9b88823192e6cad1695d64083fe26377682ed
- SHA512
  
  02a5ac6c4f78efc06333123395103d3dc282fb9d175ffe3184252f48bf69f5bce382efa9f633ed6a37efd8963faec5e74069273fe632d9cf2ab2338189a0a845
- SSDEEP
  
  12288:pw8ph+nReire/Zf5W/A8dtjFrLr4vXEMc+8yQUU3xNaFz8TjqX:pLj+nRe9/Zf5W/Jtj1kNcYdMaGXC
Score

1^/10
behavioral17 behavioral18
- Target
  
  Qt6Svg.dll
- Size
  
  376KB
- MD5
  
  95d3ccbe447f7bfdb78fe4bf483d7f44
- SHA1
  
  1d840c89a1000ba6fb522b7ff549fb251ee8abf1
- SHA256
  
  4a88dbb02144e4ffe399a5e25ff37454590cc58804f731bf65672c4371ba12d9
- SHA512
  
  e586e9ad0fad20faf2c9e946adcc32559931ac6834039aab3a5b5eb48141ccf52615847ccdd268dea8c08e5000ad5a08e342495eb9b28ee47f0bab5cec2d0881
- SSDEEP
  
  6144:xfmQ9jfqGt5Q5jL7sqSsf5gK817EzxJF210+nkpiFIWffG:xf3ijgQ5gK81qJF0G
Score

1^/10
behavioral19 behavioral20
- Target
  
  Qt6Widgets.dll
- Size
  
  6.2MB
- MD5
  
  c22c19fae4dfb264296ffa339795c37b
- SHA1
  
  38f6d382208081904e8c6c2d0fb09f52b39c388f
- SHA256
  
  9761e3b306d52403f1f190abcb2ccacd01630cfae053457028d9b6e8d91d3adf
- SHA512
  
  1b7ae36117b7c266cdb833e232b9bf90e3fbae0b316f4ed5c5b45de7c81407778cf4df906df34d4339ebb232d0e569125b6f9788f68e78a17f5887d50f51c1fc
- SSDEEP
  
  98304:/PfkAUbOJrZlGDeiUnsG5P1kS39rHaIwei:/PfkAUbGllGDeiUn556S3p6x
Score

1^/10
behavioral21 behavioral22
- Target
  
  Qt6Xml.dll
- Size
  
  151KB
- MD5
  
  2dac5315f7c6850c5de1c033f7b685a7
- SHA1
  
  d79133b56bdaff0677dedf150aee234aa5d800a9
- SHA256
  
  ef1f550bed5d78b417b560a99518d2ca30b6b9b8a1af621fb5421b7d1c01837d
- SHA512
  
  ada63250ba623a2960345406c31adf797b5c29e7715fd789c20948bc0cffa289b3be4d190572608376ce163d5ee2a4dd33ccdf74dfba765fbd0a1ef0067dc09c
- SSDEEP
  
  1536:nw3h1GaAltlF4wgXdYKQfKOxQYifGBWqmF9ys8QzTNE6AgqDixbabYTOj9FE6AgK:O1VAlbEtY7KtYgcmFT8QXCiofvd2KM
Score

1^/10
behavioral23 behavioral24
- Target
  
  iconengines/qsvgicon.dll
- Size
  
  69KB
- MD5
  
  f1a683ba6f78a0c6e2390666d52b35ee
- SHA1
  
  e311e92df3a63b8ccd2fab9e7965f6c66059000e
- SHA256
  
  9469059fecff193e4628847a14b4b6c7e7c4a4d4489f8ea4e1e98b19b9b7229e
- SHA512
  
  0633147d113bab073f83dffb13718f9c9a800ce41dc5a1207ce51c6843e682e603f0c55c25f675ae1fb12e5ac2764a5ea1da8de869cc35ed02f7e93aad001740
- SSDEEP
  
  1536:ezibTbDQn6wcma+mHKT6IQubV5awFpBnxxtyq8IyojRT9WkhgKxngeJ:eObTzq6IQubV5awFpBnxxtyqeojRv+Kl
Score

1^/10
behavioral25 behavioral26
- Target
  
  imageformats/qgif.dll
- Size
  
  47KB
- MD5
  
  dbeb208ebaf03014faa17c161b93502e
- SHA1
  
  475f678440724e2c1dee3d78dfd1b553814b33f7
- SHA256
  
  c98626b5fcbb3d25d058548fcf49526ddfafb4e917fa1567d9fb369a7eecafaf
- SHA512
  
  2e07f54169790bf98fc769f41f08027dcf54806bb1c86ab637a796c5a168b76917ca2aeefb739bb9ad40a7bd7a94285d7b3be6b2e9f0c6f07fc58ecd144c846f
- SSDEEP
  
  768:1ONXrIbWKNNy/Qq0rvEx2eVGlbZUVzO8XiS/ZFBgKxnVbGYJlO2Nw8:0JrIb9KQOVG3UzO8XiSBFBgKxnge9
Score

1^/10
behavioral27 behavioral28
- Target
  
  imageformats/qicns.dll
- Size
  
  55KB
- MD5
  
  ef36332f71eed4d07ca354b09ec8fc97
- SHA1
  
  00986214de00624534ae3fedd710e2eb2158593b
- SHA256
  
  871c9ac76374c6510cca93f58ebe4ec6d8f8d4f9420c00d3ab23f7756d7984a2
- SHA512
  
  55a0931df979b175fb34ace60738ae53ed7bbd2a304870b3035786fc60ff2ea8cb1b092ed9f9c61143ee599171dd1fe8831b3b84957c96133ade517701c10242
- SSDEEP
  
  1536:EjQEXCukdHgnHhuS+JhXGolhQm24jMKgKxngeB:EsEqgP+JXQm24jMnKl
Score

1^/10
behavioral29 behavioral30
- Target
  
  imageformats/qico.dll
- Size
  
  46KB
- MD5
  
  9e3a5b84ac8917de7fcfb0e346611ac5
- SHA1
  
  5f2d6528d7f40559418f02663a5eb02bf37e2975
- SHA256
  
  a23e5d3ce334a706eb86bb06fe1dcd01a52954611cdc792eaaa4e0afc3a49a91
- SHA512
  
  27095ab7a561151a93f5a2690e202e2594160a21c0e8ae8156ab7a8b4d0b4c73c42bdcb468878867a6f24c00b3d8a2617d4507c6c2447feffe6d0c0fd2887b57
- SSDEEP
  
  768:f0QehXuIBpyp7dJ/+n9zQTR8VyJuFbgKxnVbGYJljnyN7:cZDBp87dJ29zQTR8VyJuFbgKxngeja
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

Checks installed software on the system

Checks computer location settings

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32