bf9f383bd10ca183ccf932eb42f55b47403164b21cf17df3efd9508db38d3960

Resubmissions

08-05-2024 18:47

240508-xe74fahf4y 7

08-05-2024 18:39

240508-xamlyabh63 7

Sharing

Copy URL

Twitter E-mail

General

Target

WLmouseGM_V0109.exe
Size

32.4MB
Sample

240508-xe74fahf4y
MD5

3830f5ff021af01765d23d4fac6daa98
SHA1

66648cc19bf8e0275b347af7d52aaff270a26fe7
SHA256

bf9f383bd10ca183ccf932eb42f55b47403164b21cf17df3efd9508db38d3960
SHA512

23d8a92ea2b0540bfb2d8d7c61292fce05ef2c6d88099d143032913e18b0d4b5d4054bc4c4c40002bc889429b83fce9ccdfbeef608b73c4a14a3500f762cb6e9
SSDEEP

786432:TZ7RLKhz6x7f2l84Pa2KERgulK2WJDqENHE+tkZn14ZIjxjukzyKbynM:VR5df2l8ua2dRcDqENk2A+k0QuM

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  WLmouseGM_V0109.exe
- Size
  
  32.4MB
- MD5
  
  3830f5ff021af01765d23d4fac6daa98
- SHA1
  
  66648cc19bf8e0275b347af7d52aaff270a26fe7
- SHA256
  
  bf9f383bd10ca183ccf932eb42f55b47403164b21cf17df3efd9508db38d3960
- SHA512
  
  23d8a92ea2b0540bfb2d8d7c61292fce05ef2c6d88099d143032913e18b0d4b5d4054bc4c4c40002bc889429b83fce9ccdfbeef608b73c4a14a3500f762cb6e9
- SSDEEP
  
  786432:TZ7RLKhz6x7f2l84Pa2KERgulK2WJDqENHE+tkZn14ZIjxjukzyKbynM:VR5df2l8ua2dRcDqENk2A+k0QuM
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/BgWorker.dll
- Size
  
  2KB
- MD5
  
  33ec04738007e665059cf40bc0f0c22b
- SHA1
  
  4196759a922e333d9b17bda5369f14c33cd5e3bc
- SHA256
  
  50f735ab8f3473423e6873d628150bbc0777be7b4f6405247cddf22bb00fb6be
- SHA512
  
  2318b01f0c2f2f021a618ca3e6e5c24a94df5d00154766b77160203b8b0a177c8581c7b688ffe69be93a69bc7fd06b8a589844d42447f5060fb4bcf94d8a9aef
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  bf712f32249029466fa86756f5546950
- SHA1
  
  75ac4dc4808ac148ddd78f6b89a51afbd4091c2e
- SHA256
  
  7851cb12fa4131f1fee5de390d650ef65cac561279f1cfe70ad16cc9780210af
- SHA512
  
  13f69959b28416e0b8811c962a49309dca3f048a165457051a28a3eb51377dcaf99a15e86d7eee8f867a9e25ecf8c44da370ac8f530eeae7b5252eaba64b96f4
- SSDEEP
  
  192:0N2gQuUwXzioj4KALV2upWzVd7q1QDXEbBZ8KxHdGzyS/Kx:rJoiO8V2upW7vQjS/
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/nsNiuniuSkin.dll
- Size
  
  896KB
- MD5
  
  1834fd72e6a7387749d014a30b53d6ac
- SHA1
  
  e6c51f9f578e86e376501fc08f6d80cfe11bdb52
- SHA256
  
  148cb136ff5ae9711ddb869b5f22065ee89e13eaf5081ce39c07dbe89ccd97b7
- SHA512
  
  c8247a7916c718311a0f458cbb2133d77e3950609bb2c4b9470a9a7725a1d4d595422fb8c3c42f34629fd045675c72b221fee26a5188b9df4a0f3099857ec204
- SSDEEP
  
  24576:/pIQCUFPxa+iDkpxMJIpgT62mQh8lZIn:oUFPxarJICm25oZE
Score

1^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/nsis7zU.dll
- Size
  
  313KB
- MD5
  
  06a47571ac922f82c098622b2f5f6f63
- SHA1
  
  8a581c33b7f2029c41edaad55d024fc0d2d7c427
- SHA256
  
  e4ab3064f2e094910ae80104ef9d371ccb74ebbeeed592582cf099acd83f5fe9
- SHA512
  
  04b3d18042f1faa536e1393179f412a5644d2cf691fbc14970f79df5c0594eeedb0826b495807a3243f27aaa0380423c1f975fe857f32e057309bb3f2a529a83
- SSDEEP
  
  6144:rA9ssOlBrbYr5UP4m3mC/FvBbhQ1JzI+yQKiJGxdNtsm0:r2S165UP4mL/FvBtC8zQdSDmm0
Score

3^/10
behavioral10 behavioral9
- Target
  
  DuiLib.dll
- Size
  
  1.5MB
- MD5
  
  c5f786f40704dbcf8cc4fac8fa9be367
- SHA1
  
  fe981a98a81cbcee94c28e68997da765214350f4
- SHA256
  
  9a9ccc43a64136d1e4c7bde22725f1b24860892f1491443e890963d7b3c6312a
- SHA512
  
  22b88281de2ad906b80fa8285d14e5784ce18557759fe0be13cc91c4e88d611c2318013b73807867e7bc6a86d76bc0ba5e774d6bbe8c09182bca9d60fe6d7386
- SSDEEP
  
  24576:/fDo3YQNFQzdDiXTZZ5rCthIFjCF5i/qT/+0Kt7r:DoTSaTBrCtKFj4aN0Kt7
Score

3^/10
behavioral11 behavioral12
- Target
  
  HookDLL.dll
- Size
  
  44KB
- MD5
  
  1fd575a0b0ff4e5648f6552eaa6dd10b
- SHA1
  
  38c63be2d74fdf8fbe002ea513e2f4d42a40f908
- SHA256
  
  9ab5e1ccff616db6e9a7d571b1d932953abadf85a489194827aee8326e436b12
- SHA512
  
  c6586e43fa3d0c9be6b7fa7a5c69032af8789f861d4ee6b3de7e019ee54e7f9a392dfcd70c52e7cf30608093c60e8aa6fab46b481b4204323febef6102f5656e
- SSDEEP
  
  768:A0MxliBRt2uw294n0Guc7TVrDh9VGgXZ8n+19Yl5C5pYtd4F5i5klWantEDodvyk:ALu92Z7TVB9Vd2
Score

1^/10
behavioral13 behavioral14
- Target
  
  SDK/x64/vista/osConfLib.dll
- Size
  
  250KB
- MD5
  
  4ab0fcf586cf65c22a273df0d1a30380
- SHA1
  
  375318b2319d97eca36794e888913e54bb9a767a
- SHA256
  
  20c58530e75179529fc7af38141730cd77815251cb94f5dee296790a0d9ea3b6
- SHA512
  
  7e42ab21c4eda0faf1860696bf02ab533f41be2e7c85e4ecf72695fe6acd40ed6257770a1c97e918604a30bee5804ca5393736559d3886a42e4b4226f535503f
- SSDEEP
  
  6144:/SGC2ZCT2VO2Cr3ndhZd2fnjtEe1vtUE6I55Wdi8v:/Sb2ZCT2VO2CzP2fhjtUhI5Gd
Score

1^/10
behavioral15 behavioral16
- Target
  
  SDK/x86/vista/osConfLib.dll
- Size
  
  236KB
- MD5
  
  7949df4e02ba69f8eed0fc7059b1f96c
- SHA1
  
  328b134d3f4f12133d927910a34ce0f123c5f7f7
- SHA256
  
  b3997b03c2f842386af172cb96c2c63af4e5a69dfe07693646e5c23764a52127
- SHA512
  
  2b242905a2e22a699ac4ef39f3a25b19e077a6c1b0962c6436ee3bbdb45dfa0b9bad36f56e63076320737faacf4b9fc1773c02f7263b91f49f993308781081cc
- SSDEEP
  
  6144:bG4uJVVrV1+ZXp+0ob9j1lIu7ZpuAOCpi:bG4udfUpZob9jIu7ZUZ
Score

1^/10
behavioral17 behavioral18
- Target
  
  WLmouse.exe
- Size
  
  3.7MB
- MD5
  
  decb6443484a88f8ef8c75b44b940755
- SHA1
  
  d21d646ce3936aadd917a8c0452cb0e08fae2d70
- SHA256
  
  74bbd98ccb71c95fdeb1c6ba1e9598684269f036c8d55dacfeaef65b12188a50
- SHA512
  
  37af9d04ae3a4f37f27c5d3bc67f0352ce17ea559f8e957483774f24d89345d83ae31ac82518ba371cfc8cb62d473cd3d5ba02662e14360429323bdf81e47335
- SSDEEP
  
  98304:xbPpDssZhNvZbEySeaMlXjdlVRmBxg89D7v:lPpDssZFgySBMXHWg89
Score

1^/10
behavioral19 behavioral20
- Target
  
  opencv_ffmpeg320.dll
- Size
  
  15.7MB
- MD5
  
  f081abd9d6ca7e425d340ce586f9c090
- SHA1
  
  7cf57b7e8ffc6fe9ef183bb2944062814000ed36
- SHA256
  
  c2573fbeb40156436ab64e8bf3df960bb8b237001b7a1402086b9714afb6d72f
- SHA512
  
  ed00878d52ae072fc357cf4b8b25a8e76bcc678df1d6a163ddbe9a0589222ac06965d63b8747d92953d227301ce8f740c436582de281b592b1a00f42510c0b5c
- SSDEEP
  
  196608:QCa2sOybspcrhVA2VooSZp8t8uF7jou83iAq/JMNjMDastAXZpxVy+oPkGZgqf4f:pQAj+Vt61AsEKeuXkpfQ
Score

3^/10
behavioral21 behavioral22
- Target
  
  opencv_world320.dll
- Size
  
  32.8MB
- MD5
  
  07220e8cd7c52c44ed9e7fce22093bce
- SHA1
  
  1af9cb70609744cb74b249d70333690694fee4d5
- SHA256
  
  7426a67e2c486b8eca586ef7b3ee0b11e28031a81771baa55036d3e683db76c1
- SHA512
  
  1ca784c6522766705372c9703dda9e83a4aa3adf8e34dc46023991a3254fbe1d8b4eb7204896b21d34525f3d2811a7aece6a8e3621156bba7c65fb9e0929d75e
- SSDEEP
  
  786432:XFdFbmuECTGUleQB0zRFFin0+/wL4ZsC:1dFbmu1GinB0zRFFin0+/wL4Z
Score

3^/10
behavioral23 behavioral24
- Target
  
  opencv_world320d.dll
- Size
  
  48.7MB
- MD5
  
  cd7b4932b70603a90475dc4c7e0bb389
- SHA1
  
  3d0dc0ee521cce0b7c37e68e9b099fd37694eb59
- SHA256
  
  a81989b1d7d77b8db2cebe26344dd0fe00aa2bb78ddcb6f11fc70dc3d4a26e43
- SHA512
  
  653ff36faabff57f448f1a2935a93ad866e9d8f00f05dd5cef84e39576348b89f5f415b442e94f7ab3e383ecce94b4eda486a36b067ab6d4d6f8e7a94cdbebed
- SSDEEP
  
  786432:sCL7LaFicmY6rekzJ/VMe8mb0ivqTDhbbF:s07LaFiyGekzJ/VMe8mb0ivqTDhbbF
Score

1^/10
behavioral25 behavioral26

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

Checks installed software on the system

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26