privateloader

Resubmissions

11/05/2024, 14:52

240511-r85bracd3t 10

11/05/2024, 13:58

240511-q9yd6aaf41 10

11/05/2024, 13:56

240511-q8qb6add92 10

Sharing

Copy URL Twitter E-mail

General

Target

lime3ds-2111-windows-msvc.zip
Size

46.6MB
Sample

240511-q9yd6aaf41
MD5

56a1b73611f1a21d2288bdc449a2d2ed
SHA1

7afba59939e9334831375d07032937331bbabe91
SHA256

ae514f7c969590e9236627551fc09d15c052dbc5f7b72d6d98f81f3c5c6a2fad
SHA512

c070c3492f8260cb82e47d2041e2122bd7efe29ab0463409f63bf38ec911da13ce14f935146583bc2abe1bdda8d5f9246c8e42d8217e7bb9501abe7aa891c29d
SSDEEP

786432:58PmEjjIZ274VujXUKNtCWHecJSX0LF1gp8JopzV8kekD2GCbTWZfJtwZ7zBMniu:52m2j0HobBhecpZY8OxhB4/+h0SniYUS

Score

10^/10

privateloader loader

Malware Config

Targets

- Target
  
  lime3ds-2111-windows-msvc\Qt6Concurrent.dll
- Size
  
  34KB
- MD5
  
  e9072e2282fc48ece4dab6a9590766ee
- SHA1
  
  4ef82900aed709855d6482d6c226b8942cf2abc1
- SHA256
  
  6c7fcc2536fda49612bd38bf84f4cf5ea0faa0ea0aefca291526b7647e43a74e
- SHA512
  
  bdf48b98dd2a106817a459d8a0739e01dce6b6de43a356ac450133d38c5b87ef93dbcc029a6a7991cdddc6d89cdf6545c3e5c1235309d3aa9d397a9da6ce35c8
- SSDEEP
  
  768:tIyfCzslzX7l8IbrRKD+9gKxnVbGYJlPbNX:rf2slXlvbrRKy9gKxngeP5
Score

6^/10
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2
- Target
  
  lime3ds-2111-windows-msvc\Qt6Core.dll
- Size
  
  6.1MB
- MD5
  
  95f9304e28f9dc888dc4f834d3197054
- SHA1
  
  310f6a10b5ec4e33251ba0f73cf0f94e356c150c
- SHA256
  
  553bd299ad4a7e210b9547b91b0c09f8a9039cde3a606ca825e2a886559d1bfd
- SHA512
  
  511d76667cc42687e6e8ddc40cee175bb4c797229b1f1c610b8cd6e5696eb059a1721905b169542f5279a57407c96a3d7ee323fdf4ed0031da71acd360d9221b
- SSDEEP
  
  98304:mmhw2E8CrwI00fUtC9KFdu9CwJsv6tQR6/3DTj:m98CrrpVKFdu9CwJsv6tQM/3vj
Score

1^/10
behavioral3 behavioral4
- Target
  
  lime3ds-2111-windows-msvc\Qt6Gui.dll
- Size
  
  8.6MB
- MD5
  
  3c3285846ee0d9929e77b01479ec3dd5
- SHA1
  
  00db0e7075191e4faddbb5a3d25dde0f08d595b8
- SHA256
  
  17bef5f5b842e27c8b3cabd686882c5b909a8cf9d5590f0b10ee2fb2fdf8ca80
- SHA512
  
  741280858ee2e7fd891fccc80d05ba18c5e8af2fb3874c85b263416f217c60abec82ac081f4230b4e42248480d9f22bb362d6b91fb3030ec1f282e13ba381240
- SSDEEP
  
  98304:9E924xTDWCqMqHRMPadRA72Dpj/UyDNXnzq69/:9k61lR2aFpj/RDN3zz/
Score

1^/10
behavioral5 behavioral6
- Target
  
  lime3ds-2111-windows-msvc\Qt6Multimedia.dll
- Size
  
  836KB
- MD5
  
  d05bf6023ae224805805e354b662a44b
- SHA1
  
  49813c8467cc117959c312b8fd3c1b84adba9c69
- SHA256
  
  a445297b2fd9f5d771d5642e1b3d8a6a057f6fd6c585fd06699825ee33034a26
- SHA512
  
  6b2a769cd58ab9509f6a26ab918e93f87566590c24e301624e9c6edc7622723d769f7d821e536f579c46e8787ce5bb82724ab5db5ba009a3e889c339174bc6e2
- SSDEEP
  
  12288:PreViWYKevcyQZwoLF0Otsi7Dym0PTMFaWkdCiIYSVnvhhMQbW:PrYYzvHToLFftsifym0P+aWR/YSVnvDW
Score

1^/10
behavioral7 behavioral8
- Target
  
  lime3ds-2111-windows-msvc\Qt6Network.dll
- Size
  
  1.7MB
- MD5
  
  e05d28f921fe1771751db403176b860d
- SHA1
  
  16a5a2d5bd9e330e0887b48627eac3452eec90c8
- SHA256
  
  62e28da33b5eced1bcd4c7faf639228a31777cc3415523bf36a574bc63c64725
- SHA512
  
  7a055f527ccf9ee09b39dd289253bde82a854b9316caef6869df0ee7735edff344ff307843ced6ef59fe7b54a1038c8edd85ed5497d539c43f9cf2d36d784fbe
- SSDEEP
  
  24576:UjCGhBQKHDYyIwYDc6Ej/yq7TUCXeJ9yVMxEUdHQe:UjCSBQKjNIvDcxj/NUCIU6Tdv
Score

1^/10
behavioral10 behavioral9
- Target
  
  lime3ds-2111-windows-msvc\Qt6Svg.dll
- Size
  
  490KB
- MD5
  
  dc691d1cee5d6e8a33669354b1ac97e0
- SHA1
  
  65475293b205c9c3e98adf30933b0f11ed94fc59
- SHA256
  
  553276e9d806553d3a97d883f436a5ebb67948287551e5c52aa312caee0c13f2
- SHA512
  
  a09027e34dc62a351d3f0883f55ea52dc5333126f53cfe22d10902dc94d8f2a35e52b9ec5d119a21bec23edc142ad5a23d218699102ea71ae7eb5df907a4792d
- SSDEEP
  
  6144:00R+iUapzxxx4xFHQc+psCzEn8vD1PP5+NrFd77arF+hXJGLcznkJXRbfCB75rZT:00R1pgHEZzEqVPOx76F+icVfnLZ
Score

1^/10
behavioral11 behavioral12
- Target
  
  lime3ds-2111-windows-msvc\Qt6Widgets.dll
- Size
  
  6.3MB
- MD5
  
  1efb7cea6ff171d064e37ff633d16ad1
- SHA1
  
  1593d3985a81e7bf678dee9f80242145f948f83b
- SHA256
  
  cbc049c66e696523453b23b37c4df6257b71bbbe322f7f51672011a2fb8576b0
- SHA512
  
  da328c449a8cfb0e9f680720e9e4c85ac3415f7477d5147e3ce72745fe18054ecf7da5b2edff99bf26bb88a174ecf19d99669fdd115be9f31b698251a2dc8868
- SSDEEP
  
  98304:SMEwI5FtOOsogX6U9eMkACmB+89ZzA0TBEvZ7eC679:S9wI5FIogXLzkACmB+89aaKxA
Score

1^/10
behavioral13 behavioral14
- Target
  
  lime3ds-2111-windows-msvc\avcodec-60.dll
- Size
  
  12.2MB
- MD5
  
  a597143521566a9deb230779eed762ad
- SHA1
  
  a6bc0a32a42a6dbe9d7d25f4a9c9959ebe079157
- SHA256
  
  aa935491194f228be3d6bf0a471b837b9e17b1437d85c32de14fdd87793b2eb5
- SHA512
  
  a057bda7cd4ff95f0e79b1e487fcb0b94fa4fa6fcd14384b1fb80c618c70b4fe27b5a6bea0b21f28b251e8b8b348639bf3c6743b8825b779e81da6dec3dd1c5a
- SSDEEP
  
  196608:+2OMOKj4vW05k0p0jNIFMPqsucQ32fOhYa6:QMDjF067WfsucQ328i
Score

1^/10
behavioral15 behavioral16
- Target
  
  lime3ds-2111-windows-msvc\avformat-60.dll
- Size
  
  2.4MB
- MD5
  
  c7bdd6cc5f8f17fdd00f8c9d35a4ab3f
- SHA1
  
  6b36313aec9f829d976158a4f181bfbd56b95c3a
- SHA256
  
  dc52fa11d72a768f353384ec923788877e0012c64cca7017c54137dcee245d80
- SHA512
  
  1a9309a0f5ffbb15da30f5b4fbac6e4993fcd12cc11e149f08d9c0df8833c589d14177674a5cff7d30bb3ee4f296703cb9c1067a1ac712061528d16d0486a342
- SSDEEP
  
  49152:RDBYBDE5tkWtgMuciN7BIEb6hVk/aWRl4KtfCQ8JDY9zV:+AKf7YoaWL4KtfK+V
Score

1^/10
behavioral17 behavioral18
- Target
  
  lime3ds-2111-windows-msvc\avutil-58.dll
- Size
  
  1.1MB
- MD5
  
  9127d0bc3303eaac791ef28003e78d9b
- SHA1
  
  409761621a49e81901d32d7baf4bebb99acd0a67
- SHA256
  
  299ce031550cc96fcf65c7062aad4ded6dce881d6fcec89bce1d41c907c79732
- SHA512
  
  138840c67d9be96be0b4ed6c8ce44fdef3284597f7b49a9b126562383bf39103309556700f20ed4236198d5c4d90182b5d283fafa7776f5720b5916406f57f34
- SSDEEP
  
  12288:cPUSmqd8Uo0CHkBi3y9OmMlpftKFqEhspYgptNJqVXldo+RbMTxGLGdkG:cPUSDd8USi8mMlpFKFqEhRg+xz+uGdF
Score

1^/10
behavioral19 behavioral20
- Target
  
  lime3ds-2111-windows-msvc\dxcompiler.dll
- Size
  
  12.0MB
- MD5
  
  11aa1b50ba743526ffb0aa4b8a061c90
- SHA1
  
  3b24ed3d439c455d68b2ccb17be2036bd7e68bb0
- SHA256
  
  fa456caa77884204882e3812cfd4765041feef1572e9ed968fb4caaf37201ab4
- SHA512
  
  878ec04a8d757ecca23213929ceec3943d3fd4d0e7f21902c368230e60f36427816b99554c7b2088c836c08d53b4be0c29a5f5d670899a5e8189eaac77cab1a3
- SSDEEP
  
  393216:wZ60ouiB159/qH4FSu5MRwfUcIxCaSA6twbj:WILnXIIaSALH
Score

1^/10
behavioral21
- Target
  
  lime3ds-2111-windows-msvc\dxil.dll
- Size
  
  1.4MB
- MD5
  
  a3df79fa3f83f2d476b5c2e6f326a26c
- SHA1
  
  15e082ee48e9bf748678b38109e7dfd6881c2656
- SHA256
  
  055b1cdf0de504cd0c8aa828208c0394252c9ca84744819b1410a065b187bf1d
- SHA512
  
  6de1d2f0a0b0d303a53eb519108cae252093ef3f8d990ed9147f1fb9c0e6def5a127c1ac20dcf993b6679a79b513d8cf07aaa3acc8e686b4d8badcb62ac36a91
- SSDEEP
  
  24576:eCfhbh3v3mtZDiAQeWj26k41ob2nrZ1rqpegQDJqoZtp22GkmgA9u808jQPEdkrU:eCfhbh3v3mtEAQrW41obCraeRhy9ou6m
Score

1^/10
behavioral22
- Target
  
  lime3ds-2111-windows-msvc\lime-qt.exe
- Size
  
  28.9MB
- MD5
  
  62efbcc916ce8eaa68d1b0efb6c9c8de
- SHA1
  
  c1c77ff9a79400aafd06bf764479c069c86057d1
- SHA256
  
  3ebdf3ab314743268dce2b87623b65a8c4d3c44c3e4bfb5e9b4c9e6a61d4c799
- SHA512
  
  d8f9a23edbe7c41253e7cba6b921cf8bab1a6c219744a8711562ce2864914cf735f4025473eb75902185a55481f894ef549daa904cfc1a01c63bc475efa20b11
- SSDEEP
  
  393216:xIxj1SgCqvmckTQwOoyWYF8TWO9Ws6myD+iwglU4AduuEcJeP9WMWNCgRkEKHzY:xwL0UUg
Score

10^/10

privateloader loader
- PrivateLoader
  PrivateLoader is a downloader sold as a pay-per-install malware distribution service.
  loader privateloader
behavioral23 behavioral24
- Target
  
  lime3ds-2111-windows-msvc\lime-room.exe
- Size
  
  2.7MB
- MD5
  
  91be0d8d1e6474afb01b943dae824b84
- SHA1
  
  e0ff6465a92c108e16e315870e63343f8c1cbff3
- SHA256
  
  c11a03715e10de172f953dc223a7324a4b06a598cc1623d6a9b3c76ca0569cbf
- SHA512
  
  f43d36fdc7b9b8a538f3e13b7128aa93400cf6ddfd064516537b4594f9ee8ca7d5a4e2a4be6ef1523deb80d41e7e0e70d2f82af89104cedf8f471d6dd7ba6ae3
- SSDEEP
  
  49152:sZFk7AdbtlpEMRlpOZqyo63vQcNSy4hEgnIKb6bRPr/5qePbLSlNxvdgHOlf:s1ryMBErKb6b9/pUdg
Score

1^/10
behavioral25 behavioral26
- Target
  
  lime3ds-2111-windows-msvc\lime.exe
- Size
  
  24.2MB
- MD5
  
  9fad5b7d16614c86416b039f9da8b4a0
- SHA1
  
  6209f3aae5968025d89d6a6ded7700d406929d49
- SHA256
  
  89021a32366df01ab1880e1f21293487fa92bd96e7d7b71288c98806b4a1a0f1
- SHA512
  
  7d70577075e8c97af03f26a892ba0163cc691ccc7e27157e0063bb73b0d3b6521229189c21ac395fde4629611634b2dc8d1c9047a42e5dd4628120b83274ffc7
- SSDEEP
  
  393216:WDn6Zj8TVkUz+qNIDJc1AulL+7X1CO+PrfzUecHPHu6rqHA5joj9N/hOhKS/bV31:Nwhp8buVbg
Score

1^/10
behavioral27 behavioral28
- Target
  
  lime3ds-2111-windows-msvc\plugins\generic\qtuiotouchplugin.dll
- Size
  
  99KB
- MD5
  
  5f95b52c6dc79173e17c4dcd10aed928
- SHA1
  
  e94e87ce48d9bbb580bdb52b8d2c00abbfa7a6b7
- SHA256
  
  97c88d3d4efcaecbcdb5b21560748a3c093cd3db3a1c19eb11907e8480be359f
- SHA512
  
  e7161654823dc541555908b559675127d83b6dd335531b1171c792fd42decc93a1259b749061ab8d078681f415032cb89c315321ed6ca2f797fcf0a4309f3a63
- SSDEEP
  
  1536:VnaQEGagUW+l4aVEJKy2HWN5RBAw9Lg3kUdcDKpyG+ZGr3LCT2DJzL/0gKxnger:RaIUJz+syl5RBPVWk0cDc6ZKW2DtdKn
Score

1^/10
behavioral29 behavioral30
- Target
  
  lime3ds-2111-windows-msvc\plugins\iconengines\qsvgicon.dll
- Size
  
  70KB
- MD5
  
  bb92a6c6d3f5667ce406a3019643325d
- SHA1
  
  ee30455343185564e9912bde8bc66a9a50f495f0
- SHA256
  
  d0c5e03b73d6ccf9a8e8d251090546a5bedc6100756bbb229f4055fae5fc5e78
- SHA512
  
  ca69942a994c667fe9c8758c24436658026df6466e0ebb086c5b9b1ede251c5cccd020ffe6c093f1144805cef1b2ea4d2fd71026495d6ff7c6b7ee2fad9b4b80
- SSDEEP
  
  1536:pxJOboc1q1TLGZWYZ03G4LPGwx3/QiwJxdFG4LpJOidxPurgKxngeZVTk:pxkp8G4LPX8xdFG4LyidxPuEKNK
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32