acac2e1bad58381fb4fa36027b7e9e8fb15158ef32f36533953f0e24068fe634

Sharing

Copy URL

Twitter E-mail

General

Target

HAB910_v1.4_230413.exe
Size

32.1MB
Sample

240516-h4ze9shf5x
MD5

bb39a9e910c509b15109bad6f07a0812
SHA1

0fc45d5b4fd6e96ac3a66317d8903892d7c97deb
SHA256

acac2e1bad58381fb4fa36027b7e9e8fb15158ef32f36533953f0e24068fe634
SHA512

3b31bb66201b1aacd763fa574d66ae25a32d9f1c60d77188bfdb852256e0b7689ec9aa0909520f983123af9b1818a4f6892fb842e8d27d581e954df710fed946
SSDEEP

393216:u/gE/XyOav5Gj8CWSNs7Jhppvq3sYXXujTD7+z5R+EtFvTHhCfmdH1t/zRQk3Zbm:u/1fav5GI/SwJvpvq6SzV/hzXRwmPFQl

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  HAB910_v1.4_230413.exe
- Size
  
  32.1MB
- MD5
  
  bb39a9e910c509b15109bad6f07a0812
- SHA1
  
  0fc45d5b4fd6e96ac3a66317d8903892d7c97deb
- SHA256
  
  acac2e1bad58381fb4fa36027b7e9e8fb15158ef32f36533953f0e24068fe634
- SHA512
  
  3b31bb66201b1aacd763fa574d66ae25a32d9f1c60d77188bfdb852256e0b7689ec9aa0909520f983123af9b1818a4f6892fb842e8d27d581e954df710fed946
- SSDEEP
  
  393216:u/gE/XyOav5Gj8CWSNs7Jhppvq3sYXXujTD7+z5R+EtFvTHhCfmdH1t/zRQk3Zbm:u/1fav5GI/SwJvpvq6SzV/hzXRwmPFQl
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/StartMenu.dll
- Size
  
  7KB
- MD5
  
  c275bc6ee70d85aebc2328c06515a2a2
- SHA1
  
  0f12e4736eff8f1a1a4c467e2f52eba2dac4e7e6
- SHA256
  
  30336c7b09582de438d6c3f561f55366dd7094faf24f34e12df44acf19be9242
- SHA512
  
  aeff89ebf093555aeaaa15f86e519523266b08e814578540430b3f2b67c6ad92a8e0072716f8ab80e6afc9a160a7bbaab0800b372107613d78793a9fd0fb9240
- SSDEEP
  
  96:BgiqVPb3X8K8Kdr3gEq6nNdMk6Qiw290+q6LDtJ1t13hhEl7y:BgiqVPgK8K9eIdE9B/tJhg7
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  b0c77267f13b2f87c084fd86ef51ccfc
- SHA1
  
  f7543f9e9b4f04386dfbf33c38cbed1bf205afb3
- SHA256
  
  a0cac4cf4852895619bc7743ebeb89f9e4927ccdb9e66b1bcd92a4136d0f9c77
- SHA512
  
  f2b57a2eea00f52a3c7080f4b5f2bb85a7a9b9f16d12da8f8ff673824556c62a0f742b72be0fd82a2612a4b6dbd7e0fdc27065212da703c2f7e28d199696f66e
- SSDEEP
  
  192:4PtkiQJr7jHYT87RfwXQ6YSYtOuVDi7IsFW14Ll8CO:H78TQIgGCDp14LGC
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  eac1c3707970fe7c71b2d760c34763fa
- SHA1
  
  f275e659ad7798994361f6ccb1481050aba30ff8
- SHA256
  
  062c75ad650548750564ffd7aef8cd553773b5c26cae7f25a5749b13165194e3
- SHA512
  
  3415bd555cf47407c0ae62be0dbcba7173d2b33a371bf083ce908fc901811adb888b7787d11eb9d99a1a739cbd9d1c66e565db6cd678bdadaf753fbda14ffd09
- SSDEEP
  
  96:oXHqZ4zC5RH3cXX1LlYlRowycxM2DjDf3GEst+Nt+jvDYx4AqndYHnxss:oXHq+CP3uKrpyREs06YxcdGn
Score

3^/10
behavioral7 behavioral8
- Target
  
  EProfiler.dll
- Size
  
  13KB
- MD5
  
  42fb6febef8e5bee79fa6f821637a016
- SHA1
  
  0617599a852418fd9f7184e6708c32a8772a7de6
- SHA256
  
  7807bcc5fc38c445c0481563d49c207e80e7a3d1c82d3a9f6d7308e3211194e6
- SHA512
  
  e39b0016e26b72c3957406caa3f8569a5619d5fc93d1d39f0f7f19a0c65e3dd42001b9c771bc43b1b9f8a41ca83b2ef658a118f55da2f356f92ca2fd1aae6448
- SSDEEP
  
  192:4/PLfDpnq0sld79T7PnemAIoZqTuwjqTqATu3Dd+E/rq3X+Eqdm1pISiKYo:4/PLfDpnxsjBnIET/+1TOR+irGuN/
Score

3^/10
behavioral10 behavioral9
- Target
  
  QtCore4.dll
- Size
  
  2.4MB
- MD5
  
  2b04f8d542ec9279899b61054e76126c
- SHA1
  
  27427f09bd84fe544b2ca4c1a30e91f88cffeb0a
- SHA256
  
  f91bc89d085db4e6ece4937077103afdc449d09894f77bb66490a137063abc6a
- SHA512
  
  070252d231eb92a024eccd52a2cabb562f9e8097f4fe7faca9e49df8ca4bacc1e43cf397e9f9c2714d7d49e2e3e775e1ab54d2a9b759a73653a192597709c75a
- SSDEEP
  
  49152:/aealY6Y+ranN809vbzKhI9xxUKp/oQpL1hp2Ko7QrjzJsv6tWKFdu9C98TFPuql:/aeaNYganh0E4KqQpL1hp2nQrnJsv6tr
Score

3^/10
behavioral11 behavioral12
- Target
  
  QtGui4.dll
- Size
  
  9.5MB
- MD5
  
  8bb9f50b08dabf0cf42d4b000620a4f5
- SHA1
  
  b8809f3cb81dfa3bd43abf8f3211a8d2a6eda4e4
- SHA256
  
  8c902026f80e5deb36ae52b985073e6dc0506a20673bc7358cfff6e9809e89f0
- SHA512
  
  3a5f73592faf70652cbfddef3d3d40725c8167960f81fb8fb425e1407282d5aaa6af592b56b2563bdf5a5858ebb65a606e5080382419edcfc42a201134e168b5
- SSDEEP
  
  196608:jtnORXc3lKCIfMMnGzuU6H/gsXRrk5VaNI2Waf+n4wUiPMw9AOIrJn1NCXVQMuxf:NWVGzuU6H/gsXRrk5VaW2WQ+4wUiPMaM
Score

1^/10
behavioral13 behavioral14
- Target
  
  QtNetwork4.dll
- Size
  
  1.2MB
- MD5
  
  a770b65450d4b140abdda1e05333f8b9
- SHA1
  
  6260f8de8ba2ff8718a8b8b9b2644963e125b799
- SHA256
  
  15942c69b9f69eba3fdba8f53b40d9663b6b1792d3a048e9e3b5cefe55578f4c
- SHA512
  
  a3c47968d4a646c07ecb4394f0085819d881337fc85c1bcd202a0dee5c0bf16f9b7fcd2558b586df43b7e3593b9d0443e267f75de1bdb3bc6125a32d21f0ce68
- SSDEEP
  
  24576:6KGwnBNxEK4MLbi9mPHtiyZiVEEtgCF8E+e8GHut4wQq3NkZ9sZeGfTueWieQMPa:6KBNmmbi9OpZiX+e8GHut4wQq3NkZ9sP
Score

3^/10
behavioral15 behavioral16
- Target
  
  QtSql4.dll
- Size
  
  265KB
- MD5
  
  95fa495f87d6a0fa734c4cd945fbf6a9
- SHA1
  
  7b8932d6e83962b866b41aac981b0b0d6d7de3ce
- SHA256
  
  ace9938db08376477f1d657aff051333321663656d36a366ba7fa0141cc2f4b2
- SHA512
  
  773565b8742c1a798225d8f163dce8d5884da33463fcbf8403f4266b17ca1852e138f28d7098e7cd545e2514350ecc7fdbf2e8c4bf10dce3a41b2cbe7bab6619
- SSDEEP
  
  3072:tplDgGVana/SktvP3pXSo2J6Fusz09yOeI0Pn+A7o5sybwW37HO+Op9V08oFwjcN:tpBjft23ov+OL63Cjc7UPk5g1hA3Bj
Score

1^/10
behavioral17 behavioral18
- Target
  
  QtXml4.dll
- Size
  
  390KB
- MD5
  
  381024335f34c288aa9b69b7181f4619
- SHA1
  
  3f312f25eeb165a896ce18ddc8bddcbdd7cc6d5a
- SHA256
  
  b1e761386c02909e208ed1a0713a6c7452fcd67d17b5068715d49f97e03e3ef7
- SHA512
  
  f2e26c8daa4a2fc1133b454cdb33db7c849fce8e309acff4677079ad4aa61d5028f829840164684afc1cc4f764dfb50daebb02f82129f6ee9833d4b39e2c79e5
- SSDEEP
  
  12288:RF07GA6l/4WzI873j3L1hpJV5QZ7k+AwL:30iA6l4WzI873j3L1hp9K7k+Aw
Score

3^/10
behavioral19 behavioral20
- Target
  
  dxf/bat_no_spline.dxf
- Size
  
  180KB
- MD5
  
  4bfc5c45a2c70b468b643fa2c0b18230
- SHA1
  
  40319060400fecf4003792ddc0feb7a3f37741ab
- SHA256
  
  5f950dd03b0d8dc7d6f1c8fe96caaa15e34c36830f116e47807195fbd5eadd25
- SHA512
  
  df64380916fcaf76c1636155eb976cc47cfbef12f1fb90249604e4536bd615a0fc0bf46a363639da20d092351192185654d30915266330278136a886328ddf39
- SSDEEP
  
  1536:v77YEujQJ7YgGjeAyLIyGFNmTcFUX9wFQFgu1:nJBrtn
Score

1^/10
behavioral21 behavioral22
- Target
  
  hab_910.exe
- Size
  
  23.8MB
- MD5
  
  5315cb4a7c918bb55558404a33ab5150
- SHA1
  
  fed51c7af5bdd149402a061a8cf84d1419c5fae5
- SHA256
  
  141103b94a9e568b6e08289b1232c43047b8dd3ab79f830e045589847058ec2a
- SHA512
  
  46b4380aa4ed5aa67f2e6a68c5b9d2d5088c438a5f0c7b9270c3c80730031d95d23a175dd11ee8295ef0e8773d06bfdb2c09b76ab3bca1e2536d8ef6e579cf68
- SSDEEP
  
  393216:fF4KPkKrZ738l0YvUnpPZE65fhKoUdR1p4oORU7KIhursaz4tnbNExl2EdbG8rOX:zrrZXpPKQsyPrshbSx4WbsudK
Score

1^/10
behavioral23 behavioral24
- Target
  
  libgcc_s_dw2-1.dll
- Size
  
  42KB
- MD5
  
  c4b4409f186da70fcf2bcc60d5f05489
- SHA1
  
  056663c9fd2851cd64f39d882f6758e7a987bd42
- SHA256
  
  b35f2a8f4c8f1833f3cdec20739c58e295758ce22021d03d4335043148bd7610
- SHA512
  
  cdcb945a82a0304e4d7cfc9ae9d7e5a5e81d4e3025e982494c87c283f6fac542181e9e1e3028456b9b0b5b6279990cb3e1a50f9df0f6e707c70fa0e23c7a808c
- SSDEEP
  
  768:sZ1l+WCdhTcpKn+CwZoyf/dadEU9mRWtyTN:41l+WGhIKn+CQ7EyW0TN
Score

3^/10
behavioral25 behavioral26
- Target
  
  libopencv_calib3d220.dll
- Size
  
  1.1MB
- MD5
  
  abf06b83916f9363fbab50a0a772a821
- SHA1
  
  074e97910348ba07c4a9f8724a5a2f2afe99ede9
- SHA256
  
  5f3446a50249e588336304b422ff611b3011947df8982996f8c723637b858047
- SHA512
  
  65b21f2957d91da0f86dfdf7e8a73c7319ef1070a35bb29537cfb25fa4cf7d4b2e58f4a744ed5882e6e73a960084aba3f35ff6360d2957f5aace8afec44e5289
- SSDEEP
  
  24576:JlveAjoOL6QiAWZwW7MO7tTeqPJR1oITGgvdih1F/y1ZXgxpkYP+dPcpc:JFH4wW7MO7tTeqPJR1oITGgvdih1Fqrt
Score

3^/10
behavioral27 behavioral28
- Target
  
  libopencv_core220.dll
- Size
  
  5.5MB
- MD5
  
  459febb1ced954af495f8c011d55b85f
- SHA1
  
  5ac8155e325d5df3882c35883ac1d354d9c7a0bb
- SHA256
  
  085584dd6d0a44f2f9a2d9a483aa11e9fc7b88f55f6ff7a306d5186bcaafc5b8
- SHA512
  
  685e6fb6ab17ed0276a579eb6f1a213fd9f9374f5180fdd8a599d12c62fd1637fd9c93fc912f674583cfc4765c3f1eeb343c1508af2853c464688a47a3da815e
- SSDEEP
  
  98304:jN8eHXdBF5TVBkvTwn/41d2v0KqlAMc4/LcQBJmZ9sQQQC:B8eHXd94s/41d2v0KqlAMc4/DJmZ9sQy
Score

3^/10
behavioral29 behavioral30
- Target
  
  libopencv_highgui220.dll
- Size
  
  1.8MB
- MD5
  
  6c7a31d2d08a06fa49f57b3f68c6ae62
- SHA1
  
  c2ed085602bf56f211b3597ae0f5bcaa4d70612e
- SHA256
  
  cff0e07e6d10c9ae28cc09dec796616e7fc5b24524c7bbfbfec2c301fb3689a5
- SHA512
  
  93b4d55729ca0230fff4711f64595eb245147e836ffd90774e344d78e1a3bb83af257c45f2e2038a2718b900200e56f1490786f4f7efdc6dd2e5d88312e5cfd2
- SSDEEP
  
  24576:EE5fPW4x06mDdVYJV57zHj7D8UfG5B1qSnlgrmVq4gRTR5H5KRwtbG8H+r0xAoHS:Ey2AqpB1qSsTFku+r0u
Score

3^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

Checks installed software on the system

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32