a6b13cf620a23848beec2c268892edad40693b0a06c414dbca2912898775dc38

Sharing

Copy URL

Twitter E-mail

General

Target

InfiniteFusionSetup.zip
Size

51.4MB
Sample

240515-ssmmfafg54
MD5

6d7a68d7ac8835a1b659fdae5df1a0c9
SHA1

019537f2af0552d36bf6aa9ced5ae602062b490a
SHA256

a6b13cf620a23848beec2c268892edad40693b0a06c414dbca2912898775dc38
SHA512

b50dd4fafd7d17abc56616085b029c528f21111e283eeff48e3a1b9b3524a4ac6ffc297278fa57ce6fd671918a08305bdf45952090c3a6531f4e3b38ce465904
SSDEEP

1572864:Jq9ML060jsiWqxrLANeAL060jsiWqxrLANen:A9ML0GTxL0GTQ

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  InfiniteFusionSetup.bat
- Size
  
  3KB
- MD5
  
  fce0bbd5cf2e90a6ac69511184732b67
- SHA1
  
  7c1e03765c6effd9bd938494a2d9b7d13d6dd288
- SHA256
  
  2ee810c315516729c4038b88049c99bad39810f25c6db2d8576d1588ad89c88b
- SHA512
  
  c6e28c0e5ff8f1bbf7dc8c0f9ad8587214179b74890b106798a5010fdb385f7c2e17444890cccf5cc1709c46f71bf5240437e18149b16c03518bbc43aac8d2e8
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  Lib/Application Files/InfiniteFusionApp_2_9_7_1/BetterFolderBrowser.dll.deploy
- Size
  
  12KB
- MD5
  
  fff67e7d52b58a11d456a1d5cd2ba294
- SHA1
  
  6dea84a0a060c39c93b1e3f404270c039d3dbfdd
- SHA256
  
  5334c9c4eb567a89e4644df868d7fb6e242a3ea422b2ce9283843970ec756372
- SHA512
  
  fc8cc5fbc624559e03e70c48bd4e6e4595b1784fdf2c258b33ddb3410bdd93dcf26f3b5db4e4d0d8f133e8df93fe95ab93a703efa92a0a4133f57f48ebd6ea74
- SSDEEP
  
  192:2ZPVABalnP/VYkWdcHIp3RgzK/RGLHdnKuWGIBC0p++kVX805N9:2ABk1W4Ip3ez4RoF2+bR805N9
Score

1^/10
behavioral3 behavioral4
- Target
  
  Lib/Application Files/InfiniteFusionApp_2_9_7_1/InfiniteFusionApp.exe.deploy
- Size
  
  2.1MB
- MD5
  
  c6bc8d3ed3a58d0b58f8bf5006d797d3
- SHA1
  
  6ee2700a78db53a6abd3c5a28cc6bb20131bccc6
- SHA256
  
  1829ccd76d7313504780ab9e574ac49387d55d13e8f8940ba5f3bbf2f2d781d4
- SHA512
  
  b9486259badb1867e17473e013c4ecc8e05b35687834848cb36cba3850245872d93e5bef2acd5f6f8b3ffccd837d9aeb8a921e97471b2e4dcdc5629402c1e32b
- SSDEEP
  
  49152:qK4CX7CK2GV5Q9CSxVVIbTwUmHSxMRhrgn/4gF:l72Q5+XVVITbmHAGrQ/v
Score

1^/10
behavioral5 behavioral6
- Target
  
  Lib/Application Files/InfiniteFusionApp_2_9_7_1/Microsoft.Bcl.AsyncInterfaces.dll.deploy
- Size
  
  26KB
- MD5
  
  ff34978b62d5e0be84a895d9c30f99ae
- SHA1
  
  74dc07a8cccee0ca3bf5cf64320230ca1a37ad85
- SHA256
  
  80678203bd0203a6594f4e330b22543c0de5059382bb1c9334b7868b8f31b1bc
- SHA512
  
  7f207f2e3f9f371b465bca5402db0e5cec3cb842a1f943d3e3dcedc8e5d134f58c7c4df99303c24501c103494b4f16160f86db80893779ce41b287a23574ee28
- SSDEEP
  
  384:cOJWqnwCBbNAP0VES2j0cX6dAl+NWpVzrdcoquWeP/WxR5kHRN7dDFcYR9zPrf8O:culwCBhdVv2wK5fdcUtFFn9zT8pY
Score

1^/10
behavioral7 behavioral8
- Target
  
  Lib/Application Files/InfiniteFusionApp_2_9_7_1/MinGit/7-zip.dll.deploy
- Size
  
  99KB
- MD5
  
  956d826f03d88c0b5482002bb7a83412
- SHA1
  
  560658185c225d1bd274b6a18372fd7de5f336af
- SHA256
  
  f9b4944d3a5536a6f8b4d5db17d903988a3518b22fbee6e3f6019aaf44189b3d
- SHA512
  
  6503064802101bca6e25b259a2bfe38e2d8b786bf2cf588ab1fb026b755f04a20857ee27e290cf50b2667425c528313b1c02e09b7b50edbcd75a3335439c3647
- SSDEEP
  
  1536:T842/mwxwckhjRE3ng2Ey8thQjGYZ1JrTGvWSy/PEw22mGYTNAkQz:TY/bx7kFe3VZ7rTGvWSo28YbQz
Score

7^/10

persistence
- Registers COM server for autorun
  persistence
behavioral10 behavioral9
- Target
  
  Lib/Application Files/InfiniteFusionApp_2_9_7_1/MinGit/7z.dll.deploy
- Size
  
  1.8MB
- MD5
  
  4e35a902ca8ed1c3d4551b1a470c4655
- SHA1
  
  ad9a9b5dbe810a6d7ea2c8430c32417d87c5930c
- SHA256
  
  77222e81cb7004e8c3e077aada02b555a3d38fb05b50c64afd36ca230a8fd5b9
- SHA512
  
  c7966f892c1f81fbe6a2197bd229904d398a299c53c24586ca77f7f657529323e5a7260ed32da9701fce9989b0b9a2463cd45c5a5d77e56a1ea670e02e575a30
- SSDEEP
  
  24576:E8sHeHKHplfu94i55tbhris2CCEnWaWBvYyozGUIjnRnU:E8Y/Q94iZNrP2t0ZyyIjnRnU
Score

1^/10
behavioral11 behavioral12
- Target
  
  Lib/Application Files/InfiniteFusionApp_2_9_7_1/MinGit/7z.exe.deploy
- Size
  
  544KB
- MD5
  
  9a1dd1d96481d61934dcc2d568971d06
- SHA1
  
  f136ef9bf8bd2fc753292fb5b7cf173a22675fb3
- SHA256
  
  8cebb25e240db3b6986fcaed6bc0b900fa09dad763a56fb71273529266c5c525
- SHA512
  
  7ac1581f8a29e778ba1a1220670796c47fa5b838417f8f635e2cb1998a01515cff3ee57045dacb78a8ec70d43754b970743aba600379fe6d9481958d32d8a5aa
- SSDEEP
  
  6144:mE7cV3iwbAFRWAbd4nf0H05yqE6Hl0ChW0+ksllAXBu0lWGWUJJQ4t0BHQQf+L+G:d7a3iwbihym2g7XO3LWUQfh4Co
Score

1^/10
behavioral13 behavioral14
- Target
  
  Lib/Application Files/InfiniteFusionApp_2_9_7_1/Misc/INSTALL_OR_UPDATE.bat.deploy
- Size
  
  378B
- MD5
  
  16609a952c50e9d11217725eeb661587
- SHA1
  
  cefd5f36a5c6d219a3056ba02e4c968ec507f90f
- SHA256
  
  5c85a74e35b028b246d29fcfce8209608076d655731e6eb9fc08ecae7f211b9d
- SHA512
  
  2b1a7bccd666cad1ddcb72ef685a0979ce8d21a6da6f422861f2a72cb105d33b288f6365d04e8a095be70ea75fc90e3574cc3fd314388084b51f8931d7110e8f
Score

1^/10
behavioral15 behavioral16
- Target
  
  Lib/Application Files/InfiniteFusionApp_2_9_7_1/Misc/Installer.bat.deploy
- Size
  
  1KB
- MD5
  
  d734175af67638ec85d396d713f0dbcf
- SHA1
  
  169a37cbd4e25106fc031cc67ce2da8eae6d6f4e
- SHA256
  
  555961a44f37322d002b63c86806cf7dc6987cd45b6d048bed102fe0b66f339e
- SHA512
  
  dc3beb6f67e098e6f8794ca5d43f91eac24d6199ee1508535b015fc353d6da7e0162c2736c68a805070aebb8ddc45594f36e0243ddef94db921a5fc778854497
Score

1^/10
behavioral17 behavioral18
- Target
  
  Lib/Application Files/InfiniteFusionApp_2_9_7_1/Misc/Updater.bat.deploy
- Size
  
  1KB
- MD5
  
  c89902ea0c43f883eaef0f2fbf23b3d9
- SHA1
  
  e5c0d13621e1b7b08b508c9f09ac72b48d2ac951
- SHA256
  
  a46ceef1272361780efe8cf276c82cb1e6ea739dbb4210711517d2c69c3406bd
- SHA512
  
  fea1d7522b5556fa84421e128b23e8769fd355b85d83a324f741cd3621b4257d3299971191be02b2d0ac74e2dcc2754f80b6f65c8773cf35ef340c3f0e9583ae
Score

1^/10
behavioral19 behavioral20
- Target
  
  Lib/Application Files/InfiniteFusionApp_2_9_7_1/Misc/auto.bat.deploy
- Size
  
  2KB
- MD5
  
  e969ac67a29bfd6d9e16956e558a62f9
- SHA1
  
  bb7754f4632096e2c9a4604c501f24f8225557ae
- SHA256
  
  650b302814393208c8c973693ebaed5d89c4f39f227637af07afa0bb46ebcc2d
- SHA512
  
  b75e1093a012c9a865af3ca8cd1396cdeba9668af7d47be2d4d80374b35fa75fd3501a8e474d36bbd8f23c4663e565d64cb83abfdf91e1fb966694f14e84c891
Score

1^/10
behavioral21 behavioral22
- Target
  
  Lib/Application Files/InfiniteFusionApp_2_9_7_1/Misc/autoOnly.bat.deploy
- Size
  
  2KB
- MD5
  
  a39ff82b6897d137599755743ccd699a
- SHA1
  
  53fcc86abc2aeff1f1adb6412a9ebd594993fece
- SHA256
  
  e7ec87e89722f08fe9a4f8a5c027a3f994ecaaaf889f3a00c08e4dde8435a0aa
- SHA512
  
  cb5620452b52de4e4d89d934a4459749a273d53fe52379acb352cf9a19b79c3d2fa75963b1a870e0da6489a9359c857a624d2da6a02a0e569f99673afd64973e
Score

1^/10
behavioral23 behavioral24
- Target
  
  Lib/Application Files/InfiniteFusionApp_2_9_7_1/Misc/custom.bat.deploy
- Size
  
  1KB
- MD5
  
  7ec4100af4910743f076ddee1343038e
- SHA1
  
  bfb21946e2fc31d3e123b9a8eb616bb90f5d47bd
- SHA256
  
  24688ee14f7a17f8b0f03bdbd89f177d6ba3fa0afd5453c80053ebea520d39dd
- SHA512
  
  d2069903bef55f27d02250f3e9ed73d75f196fac7f159470e59a562eb63e5cfeb8a5e3d0d0cd25b17e6bb667a42d0a80a0e111db4af48ecf035c66138d70764b
Score

1^/10
behavioral25 behavioral26
- Target
  
  Lib/Application Files/InfiniteFusionApp_2_9_7_1/Misc/customOnly.bat.deploy
- Size
  
  2KB
- MD5
  
  6bbb150c8a2a4ae57de3560ddce730d3
- SHA1
  
  f3d05dc9fcce0a1d602ee7805de1b0ba9473a809
- SHA256
  
  fd2307ba55f4e0240997f156336e2f3225d92d5017c33de57ca7c565dcfa6233
- SHA512
  
  7b362290da72030384fc071e689ec43eae710c2485b12be7c6cbe17a80dd0f4859b10804e99e0a37a4bd95df351716932f8592f3386670193bea5b83657386c6
Score

1^/10
behavioral27 behavioral28
- Target
  
  Lib/Application Files/InfiniteFusionApp_2_9_7_1/System.Buffers.dll.deploy
- Size
  
  20KB
- MD5
  
  ecdfe8ede869d2ccc6bf99981ea96400
- SHA1
  
  2f410a0396bc148ed533ad49b6415fb58dd4d641
- SHA256
  
  accccfbe45d9f08ffeed9916e37b33e98c65be012cfff6e7fa7b67210ce1fefb
- SHA512
  
  5fc7fee5c25cb2eee19737068968e00a00961c257271b420f594e5a0da0559502d04ee6ba2d8d2aad77f3769622f6743a5ee8dae23f8f993f33fb09ed8db2741
- SSDEEP
  
  384:/rMdp9yXOfPfAxR5zwWvYW8a2cyHRN7vCvlbLg:/rMcXP6N6e
Score

1^/10
behavioral29 behavioral30
- Target
  
  Lib/Application Files/InfiniteFusionApp_2_9_7_1/System.Memory.dll.deploy
- Size
  
  138KB
- MD5
  
  f09441a1ee47fb3e6571a3a448e05baf
- SHA1
  
  3c5c5df5f8f8db3f0a35c5ed8d357313a54e3cde
- SHA256
  
  bf3fb84664f4097f1a8a9bc71a51dcf8cf1a905d4080a4d290da1730866e856f
- SHA512
  
  0199ae0633bccfeaefbb5aed20832a4379c7ad73461d41a9da3d6dc044093cc319670e67c4efbf830308cbd9a48fb40d4a6c7e472dcc42eb745c6ba813e8e7c6
- SSDEEP
  
  3072:nUGrszKKLB8a9DvrJeeesIf3amN32AW/rcyw/s:OB8l3/aK32qU
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

Deletes itself

Executes dropped EXE

Loads dropped DLL

Registers COM server for autorun

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32