Resubmissions

21-05-2024 15:45

240521-s6292sah6y 9

General

  • Target

    Wireshark-4.2.5-x64.exe

  • Size

    82.5MB

  • Sample

    240521-s6292sah6y

  • MD5

    2e23b0e7ef14dac31eb825a284fcbad8

  • SHA1

    0e3c7b4dcd5c247c8f9726195a4d5a70b99f8b1b

  • SHA256

    3d921ee584d0984f694f60a771a6581a6f32a9de995a5cd4bca1931185a4e618

  • SHA512

    6242031538a46b6576885228d74b88705f5c3c3afa7ffae4ee218010f0db6d4e4ac0261a2005c3ca27dcf929de963d4693623d402d7239881b4bbdf792e944d6

  • SSDEEP

    1572864:uvPlDWPYmmW5ttwcR3fp5LR5wsS9ZZdP6kA1YifYd2rJwzR088LYBDJkV:uvsAmmWjtDR3fTXwd9ZDPxA1bf07K88p

Malware Config

Targets

    • Target

      Wireshark-4.2.5-x64.exe

    • Size

      82.5MB

    • Checks for common network interception software

      Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.

    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell and hides the display window.

    • Drops file in Drivers directory

    • Manipulates Digital Signatures

      Attackers can apply techniques such as changing the Authenticode and Cryptography registry keys so that their binary is treated as validly signed.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops file in System32 directory

    • Target

      $PLUGINSDIR/nsDialogs.dll

    • Size

      9KB

    • MD5

      1d8f01a83ddd259bc339902c1d33c8f1

    • SHA1

      9f7806af462c94c39e2ec6cc9c7ad05c44eba04e

    • SHA256

      4b7d17da290f41ebe244827cc295ce7e580da2f7e9f7cc3efc1abc6898e3c9ed

    • SHA512

      28bf647374b4b500a0f3dbced70c2b256f93940e2b39160512e6e486ac31d1d90945acecef578f61b0a501f27c7106b6ffc3deab2ec3bfb3d9af24c9449a1567

    • SSDEEP

      96:o4Ev02zUu56FcS817eTaXx85qHFcUcxSgB5PKtAtoniJninnt3DVEB3YsNqkzfFc:o4EvCu5e81785qHFcU0PuAw0uyGIFc

    Score
    3/10
    • Target

      dumpcap.exe

    • Size

      513KB

    • MD5

      025814d22e9f5c211d5a3f152a6116f1

    • SHA1

      e7e18ddc368d3cf4dea5ff0136b71664df6c8feb

    • SHA256

      423601a52a1ec782168b9d114fad1969eef2ed8bc67b2777549d001c9e2911f4

    • SHA512

      dc5884c3bf2179fa9370c3d85e212ffb192921952f57774ec312bbdbf53d76ec55ccb064a7899ad847ca0bbfa79c9d5a91e089ad4a3a69bd96ee05f680b06b5f

    • SSDEEP

      6144:JyKv/o2mmSw+6R7n5C+ibky8PPEMceJAIqHn3AuSFP9P9gh:tv/o2mm2i75BiYy2PExemIqXAjFP9Puh

    Score
    1/10
    • Target

      dumpcap.html

    • Size

      28KB

    • MD5

      44160f5741a7246c342cb45ca714d43b

    • SHA1

      cee079c623e13ea36c31ce2cf6f7124cc1d41960

    • SHA256

      6a6e8715a205e372a8fa7deca8e586d87184ab40af8bdcc79424b05e5df87798

    • SHA512

      d7e5edbb65dfedd9e985c72318880edc87186060ee257237a763850001a1a7a9bc14a4a512192105e66ecf0734bf0f041b0c4d6e04ac6309e786c7aede044474

    • SSDEEP

      384:zcLyTOwDtmYQjDQB0pHgjjeiGrheI2ZMyQIjM+/tIejjSqUT+IN8NbnTB8nU:cySwlQjUQHgjjei4heIemvoesfGnU

    Score
    1/10
    • Target

      extcap.html

    • Size

      8KB

    • MD5

      f738cde79e96769d2b88f294550235e6

    • SHA1

      bf45e4f7efdb779d874ce93c7f22044109186f0a

    • SHA256

      6b01f9040e156292ccc5f1466618b24678f076473e0b7be65450711a266d637b

    • SHA512

      b27fbe3f6659590ba05a43fadbdcf3a5022d1f47de36d5b628b219682487b0c03c43a681df00319f442a28e9ab861405886b4d662433005142ac7c5b9e04c7ef

    • SSDEEP

      192:ZK1pwWZzPlmkFsOndHLk3AHDA2OkghZAp:Zqp5Zjlmmr5kc3p

    Score
    1/10
    • Target

      generic/qtuiotouchplugin.dll

    • Size

      92KB

    • MD5

      a4793051f363446d022be521372a70e9

    • SHA1

      c773f1185d31525dd96b293e65943260487ed1db

    • SHA256

      e9eab8d0e6b2ffdbf3d6d5a28877ee441be1c8b55719492977952fdaaaad84a5

    • SHA512

      95be490815954811183b45be7024e2b9b72f3d1ba75d61bcf1a6b93f45cfdbe1082149ca9f3b73d981cec090a991ac839f3cd3ac294f978bdfd247a1a2b42bdc

    • SSDEEP

      1536:OuIdQo4xs14ruc74oi0KhxwmSIvRkpVHxbAxDUgbk8grxi:loQpru4Ohx3SIvRiHxKD9bk8g8

    Score
    1/10
    • Target

      glib-2.0-0.dll

    • Size

      1.2MB

    • MD5

      7fcf74105aa50ebc1f924fb078a543dd

    • SHA1

      c12690c939eddbbccc530c455882923c94cb4f8a

    • SHA256

      d6445fddc3625d9501ab386cf885fb2b38985e5ef81d239738db5ab72d492378

    • SHA512

      2131680f0e8235a55408963bf49205cc14b3e9ef4f11fec402051d430c41524de023309aa35dfa439f5d2e5657a7e0182c654ae68b1f015e9d7b712dbdbf79bd

    • SSDEEP

      24576:6kBrw3/19gl2oWb0LmdJrASjICaxqLi8krsBViBdJIvA2+fp56MWtvCMHt7q:6krw3/19aXWbNdJrjICaxqLi8krsBViJ

    Score
    1/10
    • Target

      gmodule-2.0-0.dll

    • Size

      30KB

    • MD5

      f36ffd302cab6f9b13d33810159b3c10

    • SHA1

      831fffc249964f32b57f9cda72a8f786e0ee86a5

    • SHA256

      938732c2cbf8591df1b073a697a2ad8fae66a64f7ae96b6d8689ce49c576005e

    • SHA512

      ae89fd782061c9afc0809d07a7023d0986d9c3549ba796f90f5d9c8936e0c42a3b33dd348ba96519ed051abcc203c7b96e69e3db9d47a157fafbd9471005e113

    • SSDEEP

      384:wyejOSqHahJOnbwZi4BYV1U4BZ7bpwKNsgxGwPAM+o/8E9VF0NygT:wtjFqHa7OR4iNL7IgxLAMxkEQ

    Score
    1/10
    • Target

      gthread-2.0-0.dll

    • Size

      21KB

    • MD5

      dbaa44e5ca2c6547aaf9453fe5c2caa8

    • SHA1

      ea50319f2272db29ec8b0ee4c4352c1ba4fe0c93

    • SHA256

      e193be90a77f369bb99fc050c40cf91bf29f0c24bedf01ab3cde2f899e7432a5

    • SHA512

      9ebca3817c3627f8d81cc6d1e754b27784fd2972d0a54c3328016c516b71fcef5edd9012ab5a09f8de72b62436a95522c26999e2d9fde18550a8aa54fc75d6c0

    • SSDEEP

      384:OuJb5G1ojrurpwKNsgxbiV5M3AM+o/8E9VF0NyiED:OupQKq4gxM8AMxkEzD

    Score
    1/10
    • Target

      iconengines/qsvgicon.dll

    • Size

      61KB

    • MD5

      31e06050cb915d4e89f373b9cfcd86a3

    • SHA1

      710d26ef78667fe161d964256d1e97c159a17f62

    • SHA256

      61a006b4952b6d45d9b3b64e7114f46d31200a2b44f3b8fac344bf750b023add

    • SHA512

      77f2c72ace4e3bc5eaf67cc3f0ba387a982b3e35fe595ae2da0687f79d40149be891d52d4b7278acaae2fd953e344ac31d50c5e6832b9b983f8726dd5480d1c3

    • SSDEEP

      1536:+cjQ9xCOoer+KpD3ajbyj6S+IqriFBWKMjP1tjoIbCXMhR5P9guxP:2q4ajbe+Iq245jP1tjoRMhR5P9gE

    Score
    1/10
    • Target

      iconv-2.dll

    • Size

      1.0MB

    • MD5

      b593c7fe341ff1945599537417b97b5f

    • SHA1

      560aaed02dd685835e14f53adac277927477838c

    • SHA256

      cc441303536536672fdf1c7cfec2a0f359dc1e8f4360ab646de217a246332607

    • SHA512

      0018bfdb13a2f95dea9569d8dc5f6b3d434e625094d65833275bb60149935f2e4e9989f6348f78655568d4ae308b02ec730d60599f966709485505f15f0a176f

    • SSDEEP

      24576:3gHftbBAUZLYTfYlaQuwGavkg3NyXHbbTgscK6wV5:ctBAUZLYT2aQuwGaXwEsJn3

    Score
    1/10
    • Target

      imageformats/qgif.dll

    • Size

      46KB

    • MD5

      b72697752159a6011ca674ce5aa2df21

    • SHA1

      4d693b2e59202f1fab060e17b780e7f898e15a78

    • SHA256

      2ff94f5fd04accd13b2591cf084c98eda4d9011a995346404f77bc05898df68a

    • SHA512

      5c476f34ebc8bcda186a44f374c6897f772ad40c94c6e8c03bb1d495a8ce49be5b584390b87fecd3372b0a06dd07950ec1996a3e49c9bc5d78db4afacd0f9041

    • SSDEEP

      768:8b1BgMAbGKdSySwa0r3EDVQPi4bNqZiQzad2pWxCozDc9gxjAMxkEQzw:41tAbSXInPh4zadkWx7vugtxUzw

    Score
    1/10
    • Target

      imageformats/qico.dll

    • Size

      45KB

    • MD5

      5c18471e3e53cccac8727377db59f078

    • SHA1

      c11041d01ed0889592c366916bf79f2105074fef

    • SHA256

      b8193c061d9000e5bb837fc7d7dc7bb5a7130b267d43d4cfd8368b0f540dcf21

    • SHA512

      fac081d884b837609bd4cea34e5e5a0cf4408223bde448ba68cce4ad19ff1058b3c5adc44b0b91bd74275e7b70c095e46e1e12ba3002eecac3e3b0812c712305

    • SSDEEP

      768:ZNh/rHNzM5yECWkF0EuXc19QAo3E3xv2gxOzAMxkEb:zpS5fCVFBuXc19QAoU3xv2g0zxP

    Score
    1/10
    • Target

      imageformats/qjpeg.dll

    • Size

      604KB

    • MD5

      3b2a60da75276e094de2675a8fb65dc3

    • SHA1

      1fb85b68228b98f66239f0323f2b1f24a7d33341

    • SHA256

      d4d75b47df8977e9fb496a6985370bdec28315cb863e6ff6aa17541cfe575285

    • SHA512

      16400cf304c9372069262d759325cfb5fa61c7b0d3540ec2a037125558c9780c3e4c1b7e9222167579440da5f33cdc24ca40cc55e67371144c1997b0b0aaf3b0

    • SSDEEP

      6144:QkY20xwNvMjZM09UGzjdr9N2F6iXSh6eKUm5QSNu3a99XHBHR+29zHn8cCl4RVDI:QINvMtgXMKUvSC2eM8HvTF

    Score
    1/10
    • Target

      imageformats/qsvg.dll

    • Size

      38KB

    • MD5

      bec25670e65e9a26fc9ca219421a6b58

    • SHA1

      49f9ca89b1314c6df43ba3c19f3080681d3d495d

    • SHA256

      b5a5552b73517b0c929e1749eb5fcbbe3949cad2ebfbb2428ce4237a45c2573f

    • SHA512

      5edca28f656e44db45ae0fda1ac2672ba337bef0f5f4721da939c9d5f2c76e7544d25c603484aeba548da792607dc518081d69019f86520ccc2c85a0c5dd46ed

    • SSDEEP

      768:aEz05YLHnGW21B3zSgTkyYwE7Rqgx9J1AMxkEe:wYLHnGW2tSgtYwEdqgtNxa

    Score
    1/10
    • Target

      intl-8.dll

    • Size

      95KB

    • MD5

      eb843a190275a4bb9b6a54af62cacc0d

    • SHA1

      14babbfb806c963a3a90603944b7f3c9b3674c5a

    • SHA256

      3ca3e67168e088bd6ee6a43bea26ec8b07a23759ced66542005ac909e3403e52

    • SHA512

      02227139e0af9d5eaf568068547432e34890449251ec743e21880bf952033a2853e513f66150eaf4bf8a9fed327d012f3bbc7442e24b881b7554c21154599064

    • SSDEEP

      1536:vPMqq7gvpDhtteBo1we7kCcLYVM1KIwSqNUMhEMb4004k+f/QZcFQiPESvhxNy/w:XMeDsh8VMcIwSUEMb4004NfYZ6ESvhxX

    Score
    1/10
    • Target

      ipmap.html

    • Size

      13KB

    • MD5

      0b42ca55f66492db4643cb115e7621d6

    • SHA1

      5c05d5d3917316f8fb8b2f469675b7c53725dc87

    • SHA256

      dc731f8df1b2f9df4a49fade0ec096e575c709aca79a87df3ce10572dc5db784

    • SHA512

      8b6604a407957cedbd9b83d780b3495433d16d2a0c51e17bd1b3d1c91f73d2e4d4c3749889d245a6b507ba51c97ecc4bc6650413fa1da0e1197a2cb03c695b12

    • SSDEEP

      384:Dv3AEPgci3CPKZhkKgF6HSdqqwc01Uw2EpxvDgw:DmPZhjgF6nF0w

    Score
    1/10
    • Target

      k5sprt64.dll

    • Size

      73KB

    • MD5

      0831183e45988e8d21c33bb9830c0540

    • SHA1

      c3862573f7b38c7c81d2ba40caf659fcc831cebd

    • SHA256

      83b1267c99b5b87949ade0eb1a5834791bfac6bded43936f61f0ec8fd84c0a90

    • SHA512

      6bada32edbbc551687b2a9a919e361d78235d25f66ffaac9dc01684bdd9639984dba7b6864aa8f3216a6ea5ac8cc85a8f540b22f8a57ce6ac604d87d21cad41b

    • SSDEEP

      1536:0ZpvaQbYrTYDsKiKFn/CNBHBFb4B+J6zVgHGxdqE:2pGrTYQBBbjJ6zVgH2N

    Score
    1/10
    • Target

      krb5_64.dll

    • Size

      1.2MB

    • MD5

      aa6e212e1391d1abbeffa1e9faefb4d5

    • SHA1

      e3ff656387c5194c593f7c682bbeb88200298867

    • SHA256

      a9ae1ed66c645ea514c19490fe5e9cfd11d7b79eb1ab6d12abb7307e3d16e153

    • SHA512

      7c49de7b16aba82a737910d211ca28465ca246ff15f6a533bdbf8058e68d5b96d4fb7db6c2c288c79d2a628183e3241576282ed6a2a5d4440cb2621465ec680c

    • SSDEEP

      12288:SqUC2f+2Z99Dc5MBj4nCJaQhlRxW1rhNESUqSoak3TtoPArLE34:xUtf+2D9vBcnCJaQhlorhN9UBo0YLy4

    Score
    1/10
    • Target

      libbcg729.dll

    • Size

      100KB

    • MD5

      d6466cdbf543031a6dd2dee4dd0cf796

    • SHA1

      281f6f58c06ebdc0b266fa1ac35f1366494012db

    • SHA256

      2ed3dfbb95695c354850417089fdb30f957dc17169fee47afe75b8d71db72931

    • SHA512

      ffeafd93c122d399721792ef8adf24d5c65eb1892ed0eb312d07b8cb5894379d54305bb096078361d3d8b55084bd6cf42454719e0936758305f09b40c2ecbc6b

    • SSDEEP

      3072:prhCjTYJWlSNE+WHNYfnnkpETJXkGbWVe5Ehnvvvvvvvvvvvvvvvvvvvvvvvvvv1:pdC/YsKEAXkGbcL0gL

    Score
    1/10
    • Target

      libffi-8.dll

    • Size

      51KB

    • MD5

      f339e567c4e1be13a00fc100c7bab5fe

    • SHA1

      81513496af82ca10436e67bda6c74d260c25d8af

    • SHA256

      8408550a5669cb7d101325f86a85fc601166a484047d7b38c146d165be81ebe3

    • SHA512

      0308195d8ae96329d3e54ed6efca8409c4bf862c3cff51044c30f1f6314cc4ebd2f6e151729d247abab71a61b82a6fe42c710b8b3e79ff0db2476bdff95b3b8c

    • SSDEEP

      768:saZFoOZVoc+zg7A1ro1CIoxQG1wH9AFHtqBUoITjhz2KpgxJQ+AMxkE8:xZFokicKgE101aQpZCoITjN2KpgbpxQ

    Score
    1/10
    • Target

      libgcrypt-20.dll

    • Size

      1.3MB

    • MD5

      d7e5e8e50f35efcb5f4e2d99eb6aa903

    • SHA1

      847b3da72e27ebe6717071e03dd9f15ab1e712b1

    • SHA256

      67a0f4ffa826763e4e80a345ae40543ec24ab043b1edac31d177f5ad633ef020

    • SHA512

      871de93bb81e51019abafb508c97bf821d9fe3bfe89305b039abdc7841830b6d1f2f2efa02042ae524a0309f31de6524a88d7dce4e2441d5d718c983d807eb3f

    • SSDEEP

      24576:wSr7GiADcjimMy1N0LgQS41PkXoD2ZKtPSdN85/QnjG:wm7GAumMeN0LgkPkXoDpP5/QnS

    Score
    1/10
    • Target

      libgmp-10.dll

    • Size

      718KB

    • MD5

      94feae5d9ea9605391340d122bb2e4a2

    • SHA1

      9c2112699197a251747b5ed4b1e391a06f3beac6

    • SHA256

      0902bd1b61e93b9f45c257c56ccf2169d5d4421c2c2b7c832275e68d28ab5187

    • SHA512

      0433dbcbefd6a5b0f1f866366869d303ed772df1deeb47fd6d7cd418f2fa33491dfa02c4820b645af9a836ba2f0e6d8c609d02a043a20584914966357b3de695

    • SSDEEP

      12288:1YgTb0BRt+WDLEQzKEoTRH22VvC83tE7Oj5wJ++8hrZHG7Op9:SAwBfEQNoc2Bl3tE7OtwJ++8hrZHG7OX

    Score
    1/10
    • Target

      libgnutls-30.dll

    • Size

      3.4MB

    • MD5

      e4161050b505dcdeec71fd73b70638d9

    • SHA1

      32e3b513e6d8a6ff05aa1d1ee83f03294394a0f7

    • SHA256

      ad8b1489d4fe1fef0db4b6d348252d71b08a8b1c652c2a8ae82ab1856c44f6e9

    • SHA512

      53176d781d77d4fcc55d48a8961f75925922c94062afeb81eac8716f8086801217197cb9606fed9d94dd19c12e08b8c1ad4b252c70b770847976431e274ca0ff

    • SSDEEP

      49152:aAMW5L1N+3YXy1etkKTmb4f7Ifj9oNtmX47GtlqSYXeK0pAc2XAxONXtVKPRajwU:tmZiXeLOnV1jwJCCKm+

    Score
    1/10
    • Target

      libgnutls-openssl-27.dll

    • Size

      323KB

    • MD5

      133280fe6cccaf182332686cbe8da167

    • SHA1

      a41131dd38ae4060478bfee5d025485bd87ba077

    • SHA256

      ef8a0c607e3e892050cb720d4e6b0de9bf0a3524757aecc3dfb2125d40fe3750

    • SHA512

      b5f6ea7edd26a86871811e2afeb15afde9b1cbfccd4ce5a6a6de7382c50db42af18ba4fdcf0929ce994630497720589715a60d5605501c6ff383aaeeff355b74

    • SSDEEP

      6144:uPNCai7cC0SsxaBDDHV17rsgu/Ptcd1DmMzWfg3B:uPJiDdAGH19Nu/WdRmMzVx

    Score
    1/10
    • Target

      snmp/mibs/DISMAN-EVENT-MIB

    • Size

      66KB

    • MD5

      6c7bf2eb8aef70b616ed89424e908e6f

    • SHA1

      a50ed173ee70103641a804b160a3f8da2d50e0e4

    • SHA256

      095bf95ad1000b3e97f2eb605f980c58ef1c9881e8be01047ade616b09073365

    • SHA512

      efc75599aca2a12473c2a948627cc51b48eb8e55c5595528b1fd4b19e02042f6c6a82ae5c3b8adfc881d268291b9991890d8cf1007e15ed935a019612573e6d4

    • SSDEEP

      768:U+nF3As7M/xAoiZovDouCwcmTtojoBUuo4TUy:UEVA/nD3o4TUy

    Score
    1/10
    • Target

      snmp/mibs/DISMAN-EXPRESSION-MIB

    • Size

      41KB

    • MD5

      362689166c52ae7fcea208ab537dc442

    • SHA1

      84f0489a6ce458e87c7477ce1ed56b74405a0d76

    • SHA256

      4c379e2b6acec5f523aa70c1c7b5a8d6cc5688daff06d7385f34357bcc96d751

    • SHA512

      1ff08451b45e0cd5943bae4fae5b6601fbc0cb346c0c6f11411096a5d511b5af317605cdd0baee9816af23f1ed7b5c4fbdc06c98c096ade4ba4b8405ab2297e2

    • SSDEEP

      768:IUji4lYvGXAprQOgBZD9hH4GuPqeKReUZFWHpRK+FMba12j6Pr:IL4wGXAiOgBZDz5heKhZopRK+eba12j4

    Score
    1/10
    • Target

      snmp/mibs/FRAME-RELAY-DTE-MIB

    • Size

      32KB

    • MD5

      7aa196b72b4161c6ff37dfa752e089aa

    • SHA1

      b0a1125d499c5070a4980e527adfce76da6dc169

    • SHA256

      7df9f822131b2bce72072e62b47d99a69fd7f844be295e49882e7247012fb9e4

    • SHA512

      c91799625e42eec9cf86814ce5901ce33b6ffc7e5c2f6671c81b4446484d4170f076706901fe9bef23d0dcd70c4261312f19a52d2c1f314b94ff7cb4d815b902

    • SSDEEP

      384:T8zrqLq3HFK+JCgvZw1xttp/ZwfF9fiU9qjlluf:TEkIKOCAw1xbKvlcjKf

    Score
    1/10
    • Target

      styles/qwindowsvistastyle.dll

    • Size

      138KB

    • MD5

      c963a92958bae755dfff9e5626b7a2b4

    • SHA1

      2a1ce9c4380050a76b37fe4137754e6c7df5a700

    • SHA256

      24d193a1770faf3ec5616c517c2fb00dfffb344792fb25c8e4b371c1a1385c83

    • SHA512

      3de2584b971ce4a3d542df881c1c2d6306fdfd441740355df189e6559d06376e6d98670032a035c08346cd7c4166d803f3264ca97e2ebc1633e8b9670fd9670b

    • SSDEEP

      3072:EcKd1HYMSZAcTrvt4www2OmPBxshbge20NMyKsbyrUmVst7sVXg0SU:EcKdGCcTJpXhf20NVKsOrUmVstkgG

    Score
    1/10
    • Target

      tls/qcertonlybackend.dll

    • Size

      95KB

    • MD5

      d734ce348860377c97fff304ff4e138b

    • SHA1

      5984adbba6a33d28cd80965bd3fedc61e8558b26

    • SHA256

      fdceb1feb4e7b1f84649b051afe9a4d2d6c1f56b1968cf540e70aa3fe582ec9b

    • SHA512

      69a2951ea565bb3ac685e7de943ea07574e7db0024027983a148b2cd94f606e50fcda27629b1c9c388f16952c0ce295b6682dc6bb255ca238447e1c279fa1708

    • SSDEEP

      1536:YlXjWRvE58Cy2DoYLaCu1V266s+MwWXFnvXx08rT9hI/TUjgMQLx6c:YtC25v6bKM5FnvSIhI/TUjgzYc

    Score
    1/10
    • Target

      tls/qopensslbackend.dll

    • Size

      297KB

    • MD5

      80cfb22935ae0cd53caf84aaede6a84e

    • SHA1

      ea7fd138fafa57f9948d3058126158e07f3fd1ad

    • SHA256

      ab82ccde75c88fa52744dabf9f96f23571eabb7bb6bb64fe7b073ea9393e47a7

    • SHA512

      94681c47ca2f106a619df385a9bd317e476aeabc8b55e76cf42f70a4271de72120ab176a43c260f53dc5a523340e70e8364e2fa8f61c831d12c4afa0504e90be

    • SSDEEP

      3072:6uhWIJop9PbsCpoBfdWvtYt/DbxqMRMLqDZMVT8PX5bu5hJrze6N8UU28Ik+cDEA:NObsdcvk/fxqSgqOo5KZr66xT8Iu4Gg+

    Score
    1/10
    • Target

      tls/qschannelbackend.dll

    • Size

      212KB

    • MD5

      ae4c9bd2429e8b40632361aafe63ba64

    • SHA1

      c665b1d2e4bbf1b8f862819565f9640055775a8f

    • SHA256

      4648571fa6174e3d6ec7f2003b69055b728cbd0288597e37abbae8c81e10c549

    • SHA512

      5eb0d34e456ad108f3f79087e0ef1b1d723d1bd7617db3025ecca8e370b26daf3359db1878cb58e415790a5f21cb2cb1a26091e63f33fb0ce555a09389de55fd

    • SSDEEP

      3072:MzULkZWS3lsIY4TuAYS8npM3TnHSdSmtebGPc39rpri0hZ1NL8sZDJxfKTga:MYapIZM3TnHAmHrdNZDJxmga

    Score
    1/10

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
3/10

behavioral1

discovery, evasion, execution, persistence
Score
9/10

behavioral2

Score
3/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10