d847b98ee4ccdadf0a406fa42cac1de6132ed595bc3986c54e22a1b46e178aaa

Sharing

Copy URL

Twitter E-mail

General

Target

GDLauncher__2.0.6__win__x64.exe
Size

111.3MB
Sample

240423-mtc7hafe68
MD5

3b3684cd4409978a89e1b40da1f2e279
SHA1

a2f18e924cc43ef71b67d1a7efffcdfe77562299
SHA256

d847b98ee4ccdadf0a406fa42cac1de6132ed595bc3986c54e22a1b46e178aaa
SHA512

b7a33061917af47b55096e890e78fc1ccd720915e3fdfd102789d6e93563ce2315ee1faa6271119a61910e019f2ed2f42fc4cf4e7952952484772bff04eba10e
SSDEEP

3145728:Wwe4/oxfh/ib2HCDYxImzShIsS3sLlme6xQg7gXQ:K4/Yh/iHW/6IsS8LMxyQ

Score

7^/10

Malware Config

Targets

- Target
  
  GDLauncher__2.0.6__win__x64.exe
- Size
  
  111.3MB
- MD5
  
  3b3684cd4409978a89e1b40da1f2e279
- SHA1
  
  a2f18e924cc43ef71b67d1a7efffcdfe77562299
- SHA256
  
  d847b98ee4ccdadf0a406fa42cac1de6132ed595bc3986c54e22a1b46e178aaa
- SHA512
  
  b7a33061917af47b55096e890e78fc1ccd720915e3fdfd102789d6e93563ce2315ee1faa6271119a61910e019f2ed2f42fc4cf4e7952952484772bff04eba10e
- SSDEEP
  
  3145728:Wwe4/oxfh/ib2HCDYxImzShIsS3sLlme6xQg7gXQ:K4/Yh/iHW/6IsS8LMxyQ
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/SpiderBanner.dll
- Size
  
  9KB
- MD5
  
  17309e33b596ba3a5693b4d3e85cf8d7
- SHA1
  
  7d361836cf53df42021c7f2b148aec9458818c01
- SHA256
  
  996a259e53ca18b89ec36d038c40148957c978c0fd600a268497d4c92f882a93
- SHA512
  
  1abac3ce4f2d5e4a635162e16cf9125e059ba1539f70086c2d71cd00d41a6e2a54d468e6f37792e55a822d7082fb388b8dfecc79b59226bbb047b7d28d44d298
- SSDEEP
  
  192:5lkE3uqRI1y7/xcfK4PRef6gQzJyY1rpKlVrw:5lkMBI1y7UKcef6XzJrpKY
Score

1^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/StdUtils.dll
- Size
  
  100KB
- MD5
  
  c6a6e03f77c313b267498515488c5740
- SHA1
  
  3d49fc2784b9450962ed6b82b46e9c3c957d7c15
- SHA256
  
  b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e
- SHA512
  
  9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803
- SSDEEP
  
  3072:WNuZmJ9TDP3ahD2TF7Rq9cJNPhF9vyHf:WNuZ81zaAFHhF9v
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  0d7ad4f45dc6f5aa87f606d0331c6901
- SHA1
  
  48df0911f0484cbe2a8cdd5362140b63c41ee457
- SHA256
  
  3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca
- SHA512
  
  c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9
- SSDEEP
  
  192:1enY0LWelt70elWjvfstJcVtwtYbjnIOg5AaDnbC7ypXhtIj:18PJlt70esj0Mt9vn6ay6
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/WinShell.dll
- Size
  
  3KB
- MD5
  
  1cc7c37b7e0c8cd8bf04b6cc283e1e56
- SHA1
  
  0b9519763be6625bd5abce175dcc59c96d100d4c
- SHA256
  
  9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6
- SHA512
  
  7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f
Score

3^/10
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/app-64.7z
- Size
  
  110.7MB
- MD5
  
  fef022a4d2784792c68978672b12007b
- SHA1
  
  907dadcc811c7c11ba8c459fb4c859a57548fc97
- SHA256
  
  db5c6e26d02dc24fc77145033426c3796a6c82ecf0ed203b510db1f4a1d72ae7
- SHA512
  
  d5d4cbce4e17eb5b394f72038b86b55146279631cc649858be892eb77d6bbf779075ed648c4caa032ebccfcb10cf77a5486997bd47b7c845a734d5ef9f734878
- SSDEEP
  
  3145728:Je4/oxfh/ib2HCDYxImzShIsS3sLlme6xQg7gXV:M4/Yh/iHW/6IsS8LMxyV
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral11 behavioral12
- Target
  
  GDLauncher.exe
- Size
  
  169.9MB
- MD5
  
  1e78a22ba51219a321c0ffe245871915
- SHA1
  
  d27ab1645110f5c9b29bf0d93775f414af9d8e90
- SHA256
  
  a9c23f5fd00df04dd51c57aa0fe46cc2af8c9e523dc3183018dad093f03ab1d1
- SHA512
  
  c4175a0f48042f285525c4f674003febaf385fd4ab63546502a467173a2f9bd3f66b0a233d84b685ae7dff5ccd0d986ffce5743519fb9f30db2b9a579ec6292d
- SSDEEP
  
  1572864:js+fxQiW1vVzbHpUcEtmLd7cF3PPHNzLuTe7ulsxM/Gyr/w7VoB4X+x2CFRXQQS5:2e8BWNg3DFxfq
Score

7^/10

discovery spyware stealer
- Modifies file permissions
  discovery
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral13 behavioral14
- Target
  
  LICENSE.electron.txt
- Size
  
  1KB
- MD5
  
  4d42118d35941e0f664dddbd83f633c5
- SHA1
  
  2b21ec5f20fe961d15f2b58efb1368e66d202e5c
- SHA256
  
  5154e165bd6c2cc0cfbcd8916498c7abab0497923bafcd5cb07673fe8480087d
- SHA512
  
  3ffbba2e4cd689f362378f6b0f6060571f57e228d3755bdd308283be6cbbef8c2e84beb5fcf73e0c3c81cd944d01ee3fcf141733c4d8b3b0162e543e0b9f3e63
Score

1^/10
behavioral15 behavioral16
- Target
  
  chrome_100_percent.pak
- Size
  
  163KB
- MD5
  
  4fc6564b727baa5fecf6bf3f6116cc64
- SHA1
  
  6ced7b16dc1abe862820dfe25f4fe7ead1d3f518
- SHA256
  
  b7805392bfce11118165e3a4e747ac0ca515e4e0ceadab356d685575f6aa45fb
- SHA512
  
  fa7eab7c9b67208bd076b2cbda575b5cc16a81f59cc9bba9512a0e85af97e2f3adebc543d0d847d348d513b9c7e8bef375ab2fef662387d87c82b296d76dffa2
- SSDEEP
  
  3072:IOzwJCGIekwdLpsXYFAXg6IL2o418Gb0+VRLf0ld0GY3cQ3ERVm2I:IOzw1Iekam5QpK18Gb0OV8ld0GecQ3Ey
Score

3^/10
behavioral17 behavioral18
- Target
  
  chrome_200_percent.pak
- Size
  
  222KB
- MD5
  
  47668ac5038e68a565e0a9243df3c9e5
- SHA1
  
  38408f73501162d96757a72c63e41e78541c8e8e
- SHA256
  
  fac820a98b746a04ce14ec40c7268d6a58819133972b538f9720a5363c862e32
- SHA512
  
  5412041c923057ff320aba09674b309b7fd71ede7e467f47df54f92b7c124e3040914d6b8083272ef9f985eef1626eaf4606b17a3cae97cfe507fb74bc6f0f89
- SSDEEP
  
  6144:QsDQYaSN6svydHLhQegx5GMRejnbdZnVE6YoppO4:QBfSN6svydrx6edhVELoXO4
Score

3^/10
behavioral19 behavioral20
- Target
  
  d3dcompiler_47.dll
- Size
  
  4.7MB
- MD5
  
  66b5abcddb20803baf35f94a64f00a55
- SHA1
  
  ebf9c371416031dae0a7df00c2d2fdf5804a5411
- SHA256
  
  43a59623714b85c09fc9df78e24cd33fcaf1b160daa338eb95069f45ef3822f0
- SHA512
  
  0f5c0ea3cb4e8a11b1ac98e6723c4ef22b399c90df4a3b9ee782f974092121e8b5bd4af3d75ee479e3b9528e2e274f7fde794ea49690fcbcdd2645e26cfbfb29
- SSDEEP
  
  49152:qCZnRO4XyM53Rkq4ypQqdoRpmruVNYvkaRwvhiD0N+YEzI4og/RfzHLeHTRhFRNe:RG2QCwmHPnog/pzHAo/A6P
Score

1^/10
behavioral21
- Target
  
  ffmpeg.dll
- Size
  
  2.8MB
- MD5
  
  59108b1cd0f923babc1e237e84834111
- SHA1
  
  b77bbd053d05f9eb7acf6a84c57be05846fe00e1
- SHA256
  
  8b8d4beeb676935ab0b619b1ad3a84d9d37bfccb2ae812e42669b8d069f8de63
- SHA512
  
  f8596567038d632497c77bfc6aab8ef0c01023fd2ae0abab7e33260ff9afd6bb882da62675e88703e53dc731a47bb74c235d56c97802b3d351d1e12e055228ee
- SSDEEP
  
  49152:qPDtyvMYqXiOamQ7NyjmnMDbG7OUx7n6mfu/oB7pweIcgsxqeUsn/ud:QSOqNIoQG7OUrd/xKsn/ud
Score

1^/10
behavioral22 behavioral23
- Target
  
  icudtl.dat
- Size
  
  10.2MB
- MD5
  
  e0f1ad85c0933ecce2e003a2c59ae726
- SHA1
  
  a8539fc5a233558edfa264a34f7af6187c3f0d4f
- SHA256
  
  f5170aa2b388d23bebf98784dd488a9bcb741470384a6a9a8d7a2638d768defb
- SHA512
  
  714ed5ae44dfa4812081b8de42401197c235a4fa05206597f4c7b4170dd37e8360cc75d176399b735c9aec200f5b7d5c81c07b9ab58cbca8dc08861c6814fb28
- SSDEEP
  
  196608:hpgPBhORiuQwCliXUxbblHa93Whli6Z86WOH:n8wkDliXUxbblHa93Whli6Z8I
Score

3^/10
behavioral24 behavioral25
- Target
  
  libEGL.dll
- Size
  
  477KB
- MD5
  
  914e207a064cd85fe565b4e8adbd44f2
- SHA1
  
  72c6770172b0645418f40c8595d4a2b7689c0743
- SHA256
  
  5993b7f7291793b1af2ee7c45c985564cd1331a30d9ed378a2982e14fbad750b
- SHA512
  
  8ffd73c89e8bdbcf8166df16334284b0d32fab894ca708dac8889d89bc59f640dee58a0434cb7b1fa93dce126c541815f976bc25eda0c8c7236a78195c237749
- SSDEEP
  
  6144:TuF2DwTNCKxOUxcfDVTyKH/VbPGtWQAOWIBtuKYbu7DBi:qDCKsAcfDVjktWQAOWIubgs
Score

1^/10
behavioral26 behavioral27
- Target
  
  libGLESv2.dll
- Size
  
  7.5MB
- MD5
  
  46cb552ac7fef22fa1f610b7fa3d3feb
- SHA1
  
  d40559b1d09ecd7da5c1fff459dc06bf64bad3c5
- SHA256
  
  90b9f900cdceb04a9a5d1fd124e7b4f424c15cdc12e8d340f26b7eefc8238ce9
- SHA512
  
  e6a61b657c5033bacf464f2b585bbf6247b7efa7cee3fe343b6ec3adfa8644b4a6d2c0125824c935d7944d5b445a9d2f1a6c7ba6d72be7cf626b6b75e663ca9d
- SSDEEP
  
  98304:2YM1bKnyhXV3X4Nf/eW74heor1up6sDCpaXm3TV4:2L1jlX4F7ivuyUCTV4
Score

1^/10
behavioral28 behavioral29
- Target
  
  owutility.dll
- Size
  
  1.5MB
- MD5
  
  9b23fbe15c5ebb0d09b901e1e139f97d
- SHA1
  
  730807444686f38dc92b1c47ccf1f524f3277f60
- SHA256
  
  99f69191760484ee8aacc5c453f1b14b8c977da312e91dd34cdc6b254872ed43
- SHA512
  
  30dde82199d53c7cace90faa4f6e2e4725a21f881b99d27f347ddaae75b5e1af5a351c0ac2adca535489dfc59de7cfd379cf71270dfc6f975e167996e840262e
- SSDEEP
  
  24576:cCRhljMyiAfrZF++n6iJLDMj3M8s2MmSVbnMAugm1UplhBwPTPxyvew:cCHlj5ZrZFnn6iJ8j88sUSVbHuLShq/w
Score

1^/10
behavioral30 behavioral31
- Target
  
  resources/app.asar.unpacked/node_modules/@sentry/cli-win32-x64/bin/sentry-cli.exe
- Size
  
  7.9MB
- MD5
  
  052dcdab86876805e0d53e1e4a778b86
- SHA1
  
  aa3b3a73c8d66e0a97b865b05ce0dfc04cef19d6
- SHA256
  
  da981ef4de12d2ea9611ede14429274668fa1568632f9992871026f10adc3d9a
- SHA512
  
  2e81f5a85f68129f4697133eabbdfadff83a836abb2735a475fc90a6c59813cf38caa7cc786fcaf6a71a8ce26d560f7f38d58d3672fd36cff8c95b9bbe35616a
- SSDEEP
  
  98304:c8i6OjApjzwbwVJ/v6M5cU4vJYN39PzCTxrYjWTQ/pA7/tSQEr2yBGsvGovsW4E:tiAHvWAbFWTQxANEr2xYGovt4E
Score

1^/10
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

T1222

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Peripheral Device Discovery

T1120

Process Discovery

T1057

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Modifies file permissions

Checks computer location settings

Modifies file permissions

Reads user/profile data of web browsers

Enumerates connected drives

Checks computer location settings

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32