f215a5aef06933198016846ca848e7726bce413397ab952bea339e3f7890ce63

Sharing

Copy URL

Twitter E-mail

General

Target

MeshLab2023.12-windows.exe
Size

74.3MB
Sample

240503-lfhz6abf41
MD5

eb977945534fa36f3d219be3596a017e
SHA1

2a471afe37e8334194bdf23ad8d457f1a72f68bc
SHA256

f215a5aef06933198016846ca848e7726bce413397ab952bea339e3f7890ce63
SHA512

7d95874d802a4ba414ec841822dfb983c6d2898fa4544d77768791047ae4059713c9291acfdec160bdcbdc6dc23a135d657bedb4475d288873ab35d26ffe06d0
SSDEEP

1572864:Y+UObZPDNeCqh7HxHQLqzl4p0eMrEGghCD+5W4C+39xzXOS5Vag0TpCNDouUUkf/:YE7ZKx8qeMrEGE1WvI9x55Ag0TpcDUv/

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  MeshLab2023.12-windows.exe
- Size
  
  74.3MB
- MD5
  
  eb977945534fa36f3d219be3596a017e
- SHA1
  
  2a471afe37e8334194bdf23ad8d457f1a72f68bc
- SHA256
  
  f215a5aef06933198016846ca848e7726bce413397ab952bea339e3f7890ce63
- SHA512
  
  7d95874d802a4ba414ec841822dfb983c6d2898fa4544d77768791047ae4059713c9291acfdec160bdcbdc6dc23a135d657bedb4475d288873ab35d26ffe06d0
- SSDEEP
  
  1572864:Y+UObZPDNeCqh7HxHQLqzl4p0eMrEGghCD+5W4C+39xzXOS5Vag0TpCNDouUUkf/:YE7ZKx8qeMrEGE1WvI9x55Ag0TpcDUv/
Score

6^/10

discovery persistence
- Adds Run key to start application
  persistence
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  15KB
- MD5
  
  d095b082b7c5ba4665d40d9c5042af6d
- SHA1
  
  2220277304af105ca6c56219f56f04e894b28d27
- SHA256
  
  b2091205e225fc07daf1101218c64ce62a4690cacac9c3d0644d12e93e4c213c
- SHA512
  
  61fb5cf84028437d8a63d0fda53d9fe0f521d8fe04e96853a5b7a22050c4c4fb5528ff0cdbb3ae6bc74a5033563fc417fc7537e4778227c9fd6633ae844c47d9
- SSDEEP
  
  192:EyGQtZkTktEQUrJaZfuyCnSmUsv3sY7L7cW8Y6Q86QvoTr11929WtshLAzgSrX8:EyNt+4t7uJalUnGesY7Lt8nCr/Yosa
Score

3^/10
behavioral2
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  4add245d4ba34b04f213409bfe504c07
- SHA1
  
  ef756d6581d70e87d58cc4982e3f4d18e0ea5b09
- SHA256
  
  9111099efe9d5c9b391dc132b2faf0a3851a760d4106d5368e30ac744eb42706
- SHA512
  
  1bd260cabe5ea3cefbbc675162f30092ab157893510f45a1b571489e03ebb2903c55f64f89812754d3fe03c8f10012b8078d1261a7e73ac1f87c82f714bce03d
- SSDEEP
  
  192:VjHcQ0qWTlt7wi5Aj/lM0sEWD/wtYbBjpNQybC7y+XZv0QPi:B/Qlt7wiij/lMRv/9V4bvr
Score

3^/10
behavioral3
- Target
  
  E57Format.dll
- Size
  
  1.0MB
- MD5
  
  b3b663c029cffa70ae55052f7c411b2f
- SHA1
  
  47e715ee3424d15e918fcc269c1419f2946ce0d1
- SHA256
  
  9b28575035097d8d65501d5fbc312cc750ebf9fc5886e66c5d2eef3307b96ea3
- SHA512
  
  88f78f92fa283ddeb5085d0d71ed772c86b30c87fbd72ab126a04933fc0a5d6404d99d4f20828f980e1510dc5844c59cee5ee9855efb69e6def9e6fe03a71ae9
- SSDEEP
  
  24576:0AePJOIsmxRAv+fnZU55+nzG3K99aL1RZ1w05:QAIsmxRAvqZQ5ESaY1RZ1w05
Score

1^/10
behavioral4
- Target
  
  IDTF.dll
- Size
  
  665KB
- MD5
  
  b22b3b8cec2a977916a0bf1ee8b942dc
- SHA1
  
  680fe56143504c6173d60476976d110536522377
- SHA256
  
  d020ec99d343f7633dc8c06e0d12f759ecf3019b410772f0115dfe550bd97de4
- SHA512
  
  694961994bd5e254d8449eb4077173303401d67e66b57d65f569270c740a2c112be095f387d9d8e59afad29290f0b55f961ed246f1dc0988aeb2e431e2b0692f
- SSDEEP
  
  6144:IR3qkllET9axEGMjhjjXzm3JewGXLMvKG/wyXK+uJYRJBzZY9fm9Y+Q2q6uetE:IR3Zk9+8jjjwTwYuJCBd+Mq6uea
Score

1^/10
behavioral5
- Target
  
  IFXCore.dll
- Size
  
  2.4MB
- MD5
  
  bcb019c836a0f362e2a80edef3402f09
- SHA1
  
  85174e576b52e22be5c930b542f0bc988c02d65f
- SHA256
  
  35793ee075ef4e704c8007164c8e0a8cf6c3c3447445bb7d28ce73896719c78d
- SHA512
  
  36b4f29044cc676f012e711bdfbc6a598bf4b4a3debd328b8cd2dc09c112f1ac993274759dd3a7275b00c0fe890c2bb8abce58ddc3ffa79cc3ea00059cc8a406
- SSDEEP
  
  49152:yy9EAyp/5n7GmVWPipzf8htXcDjb2u2HeC7T+lC7IrIj:QnD32UxrIj
Score

1^/10
behavioral6
- Target
  
  IFXExporting.dll
- Size
  
  330KB
- MD5
  
  1882ca8eab0e605747c39c6ad71d352e
- SHA1
  
  65849ae62d939da5ff2fe5f3a7ed00e14a361031
- SHA256
  
  eeb954d58d68f5ae462da6bdf556f67093395f82334b7f059d9d882556b91fca
- SHA512
  
  1677233ec187f12498ca191f1313378443365a743d6af137b8f2824fefeecec3fda77c4e524c39998687dcf29ec822a42ba3c2e2316f7de220f213e78a04d407
- SSDEEP
  
  6144:PZZk8hsCTEtM0vwFpRSCBxhWytAAwUrH+qiwolReTyOyn3QPMEdtidyUp:BS8sCN0bCBxhWytAAwUrH+qiwo6TyOyF
Score

1^/10
behavioral7
- Target
  
  IFXScheduling.dll
- Size
  
  194KB
- MD5
  
  f260b50e3bc686a0f6e054c7e91e8fb1
- SHA1
  
  22bffc38a1f0836712f7f14c3770faad7cd195fb
- SHA256
  
  37341931edd01b5bb5c85c5f0b9c1ba49ae27e472e91146ca0f9c67bfd3c5ec0
- SHA512
  
  4859ab3c12e871c3799724087865b56563fe09a8b33b3c5de973744086aaa820cefdcfe337ad09d26803a9e344d34593a0b55627a93421c634c7de88cdcbbc9b
- SSDEEP
  
  3072:Nw0Gnf4AAE2E6kl4JNFoW5VVbw0iXPRblY8mdvwa59OvTIoxF:/GnfPA1ExlMPoiiXPRJTIk
Score

1^/10
behavioral8
- Target
  
  Qt5Core.dll
- Size
  
  5.7MB
- MD5
  
  70574698da8bf4ef806cbcdeba2af3c9
- SHA1
  
  8d45ff472a5df443b76b566c2681647c124b389f
- SHA256
  
  26cf6a5120498870345344d39bf498deb305bbfaadb20c9c986d8b322df85014
- SHA512
  
  ede8c09356493c721e7c90d50e25b53d17a4c94ef0b0aca2061c2db53d5f6b087ee74258cd0ba85988b9abf95d602c02289380519577f57d251ec807ca302465
- SSDEEP
  
  98304:GcirJylHYab/6bMJsv6tWKFdu9CLiZxqfg8gw/:xirJylHFb/QMJsv6tWKFdu9CL4xqfg81
Score

1^/10
behavioral9
- Target
  
  Qt5Gui.dll
- Size
  
  6.7MB
- MD5
  
  85390c12f32ed124a53820faba905db1
- SHA1
  
  2ed013d7de15607cf792fdfdf4c4be78033279b0
- SHA256
  
  145116c2517edf4346a73798c570e0ebccd9aa4b274f1d1b39c4da9d6a36341d
- SHA512
  
  c78e672eb6345e34460763fc9dd1d93d4055cc638dc8c9a283b63b5f619cede4005204371cf985b679bc874177aa0b48ddc49f79f9ae3afabd62970f29c56bf3
- SSDEEP
  
  49152:uVPhJZWVvpg+za3cFlc61j2VjBW77I4iNlmLPycNRncuUx24LLsXZFC6FOCfDt2e:0JZzI1ZR3U9Cxc22aDACInVc4k
Score

1^/10
behavioral10
- Target
  
  Qt5Network.dll
- Size
  
  1.3MB
- MD5
  
  af00d063fff428bd64c41b984b297e23
- SHA1
  
  4c6b407df7705fc71453d3819a87518275e3157a
- SHA256
  
  919b3bae67723e1f4be5b1d959944a693b040c79becc6e8387f57375fca92365
- SHA512
  
  c0d58b4eed3247f0c5591ec577c53740d93c28acf63a2dd891fb79529541869fd6225a63efc60b21291f65541dfa7cff8cdd900e6feda87cda2c966afa8200c1
- SSDEEP
  
  24576:BXPn73RXox1U9M0m+1ffSDY565RzHUY1iaRy95hdGehEW:l7hXU1U95m4ff9A5RviaRy9NGa
Score

1^/10
behavioral11
- Target
  
  Qt5OpenGL.dll
- Size
  
  314KB
- MD5
  
  8b8c369d1fc2fe653bf4cbdc705dce83
- SHA1
  
  6b5e21e3b9b501faa45b4cf7eaa60a0392a3d65e
- SHA256
  
  93211aa7c4b098a15ffa19016a31f0bdb9b880f84ebf06e07cbb3a2d26ae6771
- SHA512
  
  adea5f327f24317b4d57188cbe42cf6aad258d15d25ee62422a826ceddf09f93868fa2d4a9087d1f10e7af2233150d5f46a6cde7e47dea1abd16790bcc347af2
- SSDEEP
  
  6144:etqkKC7BjQV5eR1b+yRWsJQnNfckNI+STEDC4nkml+T/6qhdDqvJbb9K:YRFe5en+gWUCNTF9K
Score

1^/10
behavioral12
- Target
  
  Qt5Svg.dll
- Size
  
  324KB
- MD5
  
  64f7a3f0c994a720f3ec4d1e7dd10b94
- SHA1
  
  fe8a71eb4c39af24eea0afca44a1e1f770dd3a6a
- SHA256
  
  2ee059264ff577c74288849f3e111a63e72fae91b1a7e229b2eedb2c6929714c
- SHA512
  
  42a5c4cb0da3262ae27e83b39d1aa282ea8c12ea0c146757f88bd15fdd5c91f4aae3c293cd8a57fb1c80b8b5a6ac1765666f12d9fee48ae47cd7bf9eb331647c
- SSDEEP
  
  6144:qqLZcTC3wR/0JNZ+csBkBv0L0hq+SvcO8MsvwbIeblsjV:qqNcCwqHE2fYlsR
Score

1^/10
behavioral13
- Target
  
  Qt5Widgets.dll
- Size
  
  5.2MB
- MD5
  
  4eed3fad426472da7b6fa2b6243cee82
- SHA1
  
  354752db1ced78bff2b688e8c3ddc291c1a3d4a3
- SHA256
  
  21d857687777bbb0e8c85e270bc1272cb845c320ef2982b39601484c61e2cb06
- SHA512
  
  6aacb9660bb870f523416d286487ae90ac6516afa09ffe0f3562046269d56ec45920ab1adbeaf98dab372d086e453397e7f80d9cf637cafb89d7e5f6dcdb3fb1
- SSDEEP
  
  49152:7O+LIFYAPZtMym9RRQ7/KKIXSewIa/2Xqq1sfeOoKGOh6EwNmiHYYwBrK8KMlH0V:hGoKZdRqJD10rK8KMlH0gi5GX0oKl
Score

1^/10
behavioral14
- Target
  
  Qt5Xml.dll
- Size
  
  209KB
- MD5
  
  17e0b69b758c3d99be89fc55cf4c46ef
- SHA1
  
  d12593aeb932274b050e82db2dcce94ce5e58c28
- SHA256
  
  dd642014afdbebc5bf2a41c837059df94720f8a5d54fad25ca5507bd2ecab585
- SHA512
  
  9ef4c728f020695c2608472ae8ccf7540803ac5e2f3b36cd5c224e9c1807eca335baeb6cd0dcc55d3379d9ff6a2ceb38b8c789e453ce801033204552c8667551
- SSDEEP
  
  3072:4BLpK7i4eNHSb35XAE8vnIjmbjYDKGOUO2S/51YpdEH4pkg7/kFBJXT9t0rLqbr:kLpWi4eNyVAbvnIibjIGLepkpXTXSQr
Score

1^/10
behavioral15
- Target
  
  UseCPUOpenGL.exe
- Size
  
  4.7MB
- MD5
  
  52577da8c3b9ee97ec2e69bbe9331e7c
- SHA1
  
  3ef16d007db947b1dfd6ac9d777b8e0c63c6ea3b
- SHA256
  
  59e1c61abb75c1e7de4dbe0411a36401716ba9dea495f13ba62a7abbc4ad86eb
- SHA512
  
  4a58e774f9fd543cc020f86f52cd543dd1c970a47791a5a715e38f859d9c907f1314103bdd15df1037a82d22e22ad932517f8f4dec14dc5295fd1cefdd264994
- SSDEEP
  
  49152:sdxqizoG7fhBbK/GBKx165ra6cgipS5UpY6NtItAuSmebEejPkldd5fARXWcpoTm:TizR7fhBbKBx16Ba66tItE8UtWCW2
Score

1^/10
behavioral16
- Target
  
  bearer/qgenericbearer.dll
- Size
  
  53KB
- MD5
  
  154a4d60f7caf82365d1724a05fc9921
- SHA1
  
  ef3aa2dfd5655d192135824c7f02ed8d12d28f98
- SHA256
  
  ea49d701c93f21b79ae234fc732a381ff7c3dbfe6f89689f6a865d2a1bdbcb39
- SHA512
  
  91e319f1b16c900052c778003547adb5b7858762378d6665a290d94eaf18b861d2915345456ec8ff96298afc1ab5ac766d491d968dcddcbec5ec64af94442a2d
- SSDEEP
  
  768:PtgBFsai018AC7lelntxqh2L58IwggqXnuWjim1o7tFu9eibNDF44HHlGiRBEejH:FuFsai5le9uh2LmwgqQ76tbNDUiDmLO
Score

1^/10
behavioral17
- Target
  
  d3dcompiler_47.dll
- Size
  
  4.7MB
- MD5
  
  779d5eedb9bdced2193164abfe71147e
- SHA1
  
  9ea57d3bfd52a28e7314b5129761c2d21617ae1d
- SHA256
  
  f98a198ab455eec744eb3ee90e4609c7eeddaf4db7761eb94addf0093b169864
- SHA512
  
  91d20068eb93884f3cf882c3543c1d987c063afa2d23be08a941cd9948d3b9173fc5ce782c3d51d926a8383726a77ef976a52bba5cea095d26d9913e733f0a9c
- SSDEEP
  
  49152:kCZnRO4XyM53Rkq4ypQqdoRpmruVNYvkaRwvdiD0N+YEzI4og/RfzHLeHTRhFRNT:jG2QCwmHjnog/pzHAo/Aye
Score

1^/10
behavioral18
- Target
  
  embree4.dll
- Size
  
  34.6MB
- MD5
  
  0ed1c82e23aa9b9e807deab2a684e06d
- SHA1
  
  993c93592d483aad477f9710a1083b8cf79f4981
- SHA256
  
  e64d266a97842d37a50e3a10bb5c8a657b02a88f5aa741f0f8652ac40ba0c4dc
- SHA512
  
  b7e46ab59e3364b08c9fb0ecb0be56a686867c7187eb6fe6b3c787c029d26d57097a07caf13f70157bac5c5bed6d34b4f909ef9d889936ca7ce9379663ec9fed
- SSDEEP
  
  196608:ojgZPpkuFKUxRA63NC4AwUAxR/AZDmNp5pBA4BalHFgR0rW6ZSpuo:nxRA63NCKUAxRIZKTBaEB
Score

1^/10
behavioral19
- Target
  
  external-glew.dll
- Size
  
  496KB
- MD5
  
  1bedc25c28039bde74c5f79a53222878
- SHA1
  
  5aa60566e6920c9dcdf3278180989a43289e0261
- SHA256
  
  d857d8db4e7436856c3428bc617f17d7a33ad05ed7e98f32965b2db047d98e7c
- SHA512
  
  5e27324c8ffa3af5426cdd0eeaa4c7973ad9e2a578be8a0903e110e2ffeb589acb4e19785a7431c0d621b4ed2f273113c049f3610aa1f579fde3818ae1966669
- SSDEEP
  
  6144:xY2otOMCEzvKngs4FEtGTpz0km2AdSu0GW05TiZ3VyfJt4QqU4qoWoYKuV3BhQoc:xetNXKngWta20PZ0oAFJxl8
Score

1^/10
behavioral20
- Target
  
  external-lib3ds.dll
- Size
  
  118KB
- MD5
  
  da2ffa1f46e25d1687b5a3f66f516dcd
- SHA1
  
  c24497ba367ad07704a7f2e82d1f4302d1fd3911
- SHA256
  
  083b91dd0580af6685c93b7e5f75172f44eebeba27cf08de53681cdbe50fcc50
- SHA512
  
  2ed880f3f878b730e934d1f02dbfd2e3fbdb79f7ef744e74a488eb382c707be4ec79482ff5f2b8a4be8a5e638bf425777d50e008711a1e13915df3ffa66d31c7
- SSDEEP
  
  3072:VLfQTE0/lHazspXa0m8yYiJL1qEeaORQOCRpai4/a4U/ed788:VTQAupXah8yYiJQzdCKC4ldt
Score

1^/10
behavioral21
- Target
  
  iconengines/qsvgicon.dll
- Size
  
  42KB
- MD5
  
  70a7945cab2a9840f9248e9496d3d599
- SHA1
  
  cedf14a1fc63f216947eee8fa673e4285232f28a
- SHA256
  
  a5fa1a83711884b8cbcde6a6220209bb62c92f8bbec864cd75d6b8eee82b3a60
- SHA512
  
  464f2117f95169688900a610a287f5e1057746e63845eb2c2660833a78fc4db3603f3eb7f2eefbf0e037445d4b95a73394957d23cd8113887947a72bc8bcadb5
- SSDEEP
  
  768:MPs5g31JfDgej5JZmA0ZsEEC6lmn+48F44HHlGiRBEe/sG35G:MkC31ee7ZmA+sEEC6lmn+4cUiDX8
Score

1^/10
behavioral22
- Target
  
  imageformats/qgif.dll
- Size
  
  39KB
- MD5
  
  c6a1547645d11ad37821326bfc06e64c
- SHA1
  
  05704491bc812d3ad6c45c6c5e51ffbabd8c4fcc
- SHA256
  
  fb456bfc36017dce666319de66e7ef59e922e89b03dc20590ac7e868fd71d247
- SHA512
  
  62872a42506251e61f01da9d3ff6b2c4497a0138f7c070692c79a79e6f695f17ff1e277e9cd196e05df1fc8daeb240b6d3b7e033785bcbd0f9f6fbd867d957c6
- SSDEEP
  
  768:rgk2hM0GskFtvPCjEIxh8eDzFyPddeeGvnhHXF44HHlGiRBEe054:rN2a05kfPOEMaeDzFkddeFnhHHUiDC54
Score

1^/10
behavioral23
- Target
  
  imageformats/qicns.dll
- Size
  
  45KB
- MD5
  
  4aec8b531aaea9b3c51007a35f9c6497
- SHA1
  
  759d7e2fcfc3a0272f467c8e15f0aa34ac06e7c0
- SHA256
  
  2cdaed96de97e57124c0ba42af93442a6a9a283a2cf9d03d81f0afbc767adc2c
- SHA512
  
  28d93a666067a69c06c8b8b737731e9fa31d7897a2600c41f2c5ab1c7509fecaf399c3d2031156937d31478a0abfb908bd823698bc047a6a4eccacfe974314d1
- SSDEEP
  
  768:1Eip0IlhxTDxut3dnm8IyAmQQ3ydJouEAkNypTAO0tfC3apmxF44HHlGiRBEeB:1xvXxgVIyA23ydJlEATpTAO0tfCKpmND
Score

1^/10
behavioral24
- Target
  
  imageformats/qico.dll
- Size
  
  38KB
- MD5
  
  836304b6c01501b772d78737b4002b1a
- SHA1
  
  6f4d944e9867c2761fe9732fdf057ee1805b27d9
- SHA256
  
  ab2f5398ac149864d9199e9825e75d72d7cd3c5c2520e3475210028225d7f4c4
- SHA512
  
  7aa23899821b09c89dff7dfd33b405b7a02416097608bd8ed5222d4d8db8ff55ac1bb89b0f6756aa72d765ed71cb9f2417c0555075e3444ada2e85acf1362e7c
- SSDEEP
  
  768:UBXBEfQiAzC9Oh5AS7a3Z5OGrTDeV9mp7nnsLF44HHlGiRBEeNa:nJAzuOhy3zOGrTDeV9mp7nnsbUiDe
Score

1^/10
behavioral25
- Target
  
  imageformats/qjpeg.dll
- Size
  
  412KB
- MD5
  
  618e43492f748ac7622983b5cbf10d4c
- SHA1
  
  b4f8e4b261e7a044ccc105f56f973fcd95c7d161
- SHA256
  
  44f3da8bcd7dd520ec457fd1ca7d792432d121c7a328d92137e36e2875139f76
- SHA512
  
  a9c5590d0ff95e99f20bc9b77944063a754d2d0c0ce5bff85e42709e660903c53cdb95e3a813912a141435fa7ed55bc6705d7499943d4af1a537fb298a208128
- SSDEEP
  
  6144:5SgOWz1eW38u9tyh6fpGUasBKTrsXWwMmH1l3JM5hn0uEfk:5SPQTnastBRk
Score

1^/10
behavioral26
- Target
  
  imageformats/qsvg.dll
- Size
  
  32KB
- MD5
  
  c1d4409be1c9872bf9229a141678c79a
- SHA1
  
  050b2792876156930e776c929cdc6aa45c604e42
- SHA256
  
  8cb5f4ce48029d3f42b322f8d8968b0757ef5eb6604eb4c2dfb3da0859b39ed1
- SHA512
  
  e6a33c7e1aa71db254028b86ebdf1833478e5a5d258cb73303e749a0bef3ee6f9862efb5dfec9033bf179bf20de2d926e8cb06016ef04d9da8ab2ee11b1f5467
- SSDEEP
  
  768:VOVKDlJJVlTuLiMtsKVG7TfF44HHlGiRBEedruP:wVgJVlTuL/tsKVG7T/UiDPU
Score

1^/10
behavioral27
- Target
  
  imageformats/qtga.dll
- Size
  
  32KB
- MD5
  
  7e17dc25426522e648f65002bf12f73c
- SHA1
  
  cfee13d35eea2e3f23e5e5f0c206b7873a4eed75
- SHA256
  
  1ef2aa49200718d2bd246e776728c0aad837744069bdb773710fbc630eb31cf8
- SHA512
  
  a73a0078d845f774121eadb65d754fe69d471aa486e264c7d7241c9d077f48c71bae885bbed6434747cce3d6cf0ffeceac22b640b3bb6e68da28c3fc037e21b1
- SSDEEP
  
  768:QlGALluUEAQATWQ79Z2Y8ArrF44HHlGiRBEeD+:mZl/EH8WQ794Y8Ar7UiDZ+
Score

1^/10
behavioral28
- Target
  
  styles/qwindowsvistastyle.dll
- Size
  
  142KB
- MD5
  
  010b8656a0c71b44f8822d1568a378f9
- SHA1
  
  7a0e57fa34c36aa76e5cef06d78be7f4f1661d82
- SHA256
  
  74a4f3aef0e3b7bbdd57cd4047123fc9a22cc5599a09cbd3c6aca838babccc38
- SHA512
  
  7345c459619622a7d18a7356a5f27e2eb535897deff5f2a2f97c768b81400ed35a7ff43271236ef1ff31b6ea277a44094c33283b850d066eb1094ca6a4873e2e
- SSDEEP
  
  3072:CrjwZ43rCOtrBk7wcR0l7wBlaL6BtIEt51T0Nhkqg8FoK+:whZu9R0l7wFBtIEt51T0Nuqg8s
Score

1^/10
behavioral29
- Target
  
  tbb12.dll
- Size
  
  1.1MB
- MD5
  
  57adba91255c42b65cb2e9667aadd7ae
- SHA1
  
  f6effc5d9abda33a7890ae4642a00d35e0541af9
- SHA256
  
  c93833238b17ba981977d749081e039cec447dad59b104cafc1850ec639da30b
- SHA512
  
  2a2c3b78ccf7dda234ea0dcdb4e698edc82f8ac98efa8de4ce1b7790c207cc940849f6e7907ecc0b5df82e5d01418069a0cea5ebb544c726210d7947f6ec791e
- SSDEEP
  
  24576:Vg0QoqypaYC8/1T8NWUQfc2ehAb+Z7ECdSf:+dqaD21QNWUlm+Z7Enf
Score

1^/10
behavioral30
- Target
  
  vc_redist.x64.exe
- Size
  
  24.2MB
- MD5
  
  69960c62391177713eadbc012fc72ffb
- SHA1
  
  af776917ece02824932856806d3b936585eea65a
- SHA256
  
  4c2656110e7d8238d8fc645511ca44ff685bc7d5a645e1a8142c80e109c1e665
- SHA512
  
  599b272571b9bde45f58113b5e84f712f711e23ceaf63ca0056ba485b98ceb6fda26969177b6effcb59727dde3e20ae4b508341eeb6e5fb6e1e07bc46601a8e5
- SSDEEP
  
  786432:Trp+Ty2SfUfnbu+zMFy/7zYgWXRLTArzttOaaF3:np+Ty2SfWnPzMFO7zYgWBLbF3
Score

4^/10

discovery
behavioral31
- Target
  
  xerces-c_3_2.dll
- Size
  
  3.0MB
- MD5
  
  e50f65cc268661c85f1d27466340fa2a
- SHA1
  
  c8d26d6af904d6713f5cd4123747d57d296b0166
- SHA256
  
  5b6b0064ec18539ae41ac9f46b5890725fa9672efcf594675b6028adf42eaca8
- SHA512
  
  43e6378e2aba344f88b12c0726bed64b082ab8b85be211b37d64c3d40b566247333ddd87f042f9304ab719d67211c858cdd62cc7d08f2001107b63ddf2a6c2c3
- SSDEEP
  
  24576:o9NEG/ud9WLLBgbrvIJViIP389u8lAbZHiM1JD2Gkt4eFzV68tUs2zxZ:guGI9WLLWnvePIu8liZfz2Gc4eRnUhZ
Score

1^/10
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Adds Run key to start application

Blocklisted process makes network request

Enumerates connected drives

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32