Overview

overview

7

Static

static

3

Funktionso...es.exe

windows7-x64

7

Funktionso...es.exe

windows10-2004-x64

7

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Funktionsomraadernes.exe

  • Size

    576KB

  • Sample

    240428-lkxzwacg33

  • MD5

    002bbca6cac9709cf27a05e35bdd7251

  • SHA1

    d235813fc14f72d223884be78ae6e1f0b08e7fc9

  • SHA256

    585a233ae88cd32506e0634d4d82a06a0a669fe9d45c664d4fa811f8e962c19d

  • SHA512

    9a4b97bc9e6e56098803f9e4e7cb15c9656765b24a0d67b64f77bcc75fd2ca02f488e8ec21ccadc7685526156ce62f68661f89ec72eb4a0259ea0bea59600ad4

  • SSDEEP

    12288:RsloFF7bzP+fjrPi5b65Tn400Y20hnsuxlphgj:vHvzUG5bYF0j0hn3phgj

Score
7/10

Malware Config

Targets

    • Target

      Funktionsomraadernes.exe

    • Size

      576KB

    • MD5

      002bbca6cac9709cf27a05e35bdd7251

    • SHA1

      d235813fc14f72d223884be78ae6e1f0b08e7fc9

    • SHA256

      585a233ae88cd32506e0634d4d82a06a0a669fe9d45c664d4fa811f8e962c19d

    • SHA512

      9a4b97bc9e6e56098803f9e4e7cb15c9656765b24a0d67b64f77bcc75fd2ca02f488e8ec21ccadc7685526156ce62f68661f89ec72eb4a0259ea0bea59600ad4

    • SSDEEP

      12288:RsloFF7bzP+fjrPi5b65Tn400Y20hnsuxlphgj:vHvzUG5bYF0j0hn3phgj

    Score
    7/10

    • Loads dropped DLL

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/LangDLL.dll

    • Size

      5KB

    • MD5

      ebd0da54db9f12ffd15206cc24355793

    • SHA1

      910be3bebdde55eb1ce05915a79f01ebdc622786

    • SHA256

      4066a0cbd9f6bb13c0f6fb064d4647ef7bc68a1be3d0caa4460b5ffd9ed1e0e6

    • SHA512

      cee09db96267b1a30477ff074988606bdf35f9a5aa798a9a10029b11c0c347ab42a124320d777acde458828954cc8cf1a489b1673b31d589cdc4f50d4b86659d

    • SSDEEP

      48:im1wsjq8W2MPUptuMMFvx/om/ycNSCwVGfOY0vB6/JvR0J9of5d2D:F18Bl91Z7/ycNSCwV8TLZR0ed2

    Score
    3/10
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      6f5257c0b8c0ef4d440f4f4fce85fb1b

    • SHA1

      b6ac111dfb0d1fc75ad09c56bde7830232395785

    • SHA256

      b7ccb923387cc346731471b20fc3df1ead13ec8c2e3147353c71bb0bd59bc8b1

    • SHA512

      a3cc27f1efb52fb8ecda54a7c36ada39cefeabb7b16f2112303ea463b0e1a4d745198d413eebb3551e012c84a20dcdf4359e511e51bc3f1a60b13f1e3bad1aa8

    • SSDEEP

      96:zPDYcJ+nx4vVp76JX7zBlkCg21Fxz4THxtrqw1at0JgwLEjo+OB3yUVCdl/wNj+y:zPtkuWJX7zB3kGwfy0nyUVsxCjOM61u

    Score
    3/10
    behavioral5behavioral6

MITRE ATT&CK Enterprise v15

Tasks