c090a73283cf8d755f4fffe75a1c9bc2a6d2877c40236df15ab6e1ef49830d73

Resubmissions

22-05-2024 01:50

240522-b9gn3sgg21 7

Sharing

Copy URL

Twitter E-mail

General

Target

PollyMC-Windows-MSVC-Setup-8.0.exe
Size

18.0MB
Sample

240522-b9gn3sgg21
MD5

a5f63422cb32f26aff23ddd356d3b1de
SHA1

60a2bcae97d16bbbb37a0a74aaebc5e70f42caca
SHA256

c090a73283cf8d755f4fffe75a1c9bc2a6d2877c40236df15ab6e1ef49830d73
SHA512

556013d92e420a96e5ef7616df77393ebb13cb58db3ed573c5837df172a99e3172582e94d94ecce8d3679d0e105be47166fa8711ad34d3e2371f165c1911b2e8
SSDEEP

393216:2JrHi3T+cqh24voiDZjun5rmoUw6gC9iCnh3Ujqa6pJe4/x:2ZC3icoN9K5J6gC9JnhkEW4

Score

7^/10

Malware Config

Targets

- Target
  
  PollyMC-Windows-MSVC-Setup-8.0.exe
- Size
  
  18.0MB
- MD5
  
  a5f63422cb32f26aff23ddd356d3b1de
- SHA1
  
  60a2bcae97d16bbbb37a0a74aaebc5e70f42caca
- SHA256
  
  c090a73283cf8d755f4fffe75a1c9bc2a6d2877c40236df15ab6e1ef49830d73
- SHA512
  
  556013d92e420a96e5ef7616df77393ebb13cb58db3ed573c5837df172a99e3172582e94d94ecce8d3679d0e105be47166fa8711ad34d3e2371f165c1911b2e8
- SSDEEP
  
  393216:2JrHi3T+cqh24voiDZjun5rmoUw6gC9iCnh3Ujqa6pJe4/x:2ZC3icoN9K5J6gC9JnhkEW4
Score

7^/10
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  cff85c549d536f651d4fb8387f1976f2
- SHA1
  
  d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e
- SHA256
  
  8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8
- SHA512
  
  531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88
- SSDEEP
  
  192:Zjvco0qWTlt70m5Aj/lQ0sEWD/wtYbBHFNaDybC7y+XBz0QPi:FHQlt70mij/lQRv/9VMjzr
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/modern-wizard.bmp
- Size
  
  25KB
- MD5
  
  cbe40fd2b1ec96daedc65da172d90022
- SHA1
  
  366c216220aa4329dff6c485fd0e9b0f4f0a7944
- SHA256
  
  3ad2dc318056d0a2024af1804ea741146cfc18cc404649a44610cbf8b2056cf2
- SHA512
  
  62990cb16e37b6b4eff6ab03571c3a82dcaa21a1d393c3cb01d81f62287777fb0b4b27f8852b5fa71bc975feab5baa486d33f2c58660210e115de7e2bd34ea63
- SSDEEP
  
  24:Qwika6aSaaDaVYoG6abuJsnZs5GhI11BayNXPcDrSsUWcSphsWwlEWqCl6aHAX2x:Qoi47a5G8SddzKFIcsOz3Xz
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  6c3f8c94d0727894d706940a8a980543
- SHA1
  
  0d1bcad901be377f38d579aafc0c41c0ef8dcefd
- SHA256
  
  56b96add1978b1abba286f7f8982b0efbe007d4a48b3ded6a4d408e01d753fe2
- SHA512
  
  2094f0e4bb7c806a5ff27f83a1d572a5512d979eefda3345baff27d2c89e828f68466d08c3ca250da11b01fc0407a21743037c25e94fbe688566dd7deaebd355
- SSDEEP
  
  96:o0svUu3Uy+sytcS8176b+XR8pCHFcMcxSgB5PKtAtgt+Nt+rnt3DVEB3YcNqkzfS:o0svWyNO81b8pCHFcM0PuAgkOyuIFc
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  7KB
- MD5
  
  675c4948e1efc929edcabfe67148eddd
- SHA1
  
  f5bdd2c4329ed2732ecfe3423c3cc482606eb28e
- SHA256
  
  1076ca39c449ed1a968021b76ef31f22a5692dfafeea29460e8d970a63c59906
- SHA512
  
  61737021f86f54279d0a4e35db0d0808e9a55d89784a31d597f2e4b65b7bbeec99aa6c79d65258259130eeda2e5b2820f4f1247777a3010f2dc53e30c612a683
- SSDEEP
  
  96:J9zdzBzMDByZtr/HDQIUIq9m6v6vBckzu9wSBpLEgvElHlernNQaSGYuH2DQ:JykDr/HA5v6G2IElFernNQZGdHW
Score

3^/10
behavioral10 behavioral9
- Target
  
  Qt6Core.dll
- Size
  
  6.0MB
- MD5
  
  46c0a1684b64081f45070d7c41b501c4
- SHA1
  
  7fe0ddde9b30c01641515126a16b6d06988aa144
- SHA256
  
  a230faeeb2bcff6e80b7a8fcfb19350a076cc2ed0fa190e16865bfa0c7e9214f
- SHA512
  
  8d29f0b15955c73e9bbb026b5b96d196a219bdd33f9579fc3d5ebc50f6757621477000b0908fe3a191ac830d7c76750db55e2d871284c5060b7e626addd340bb
- SSDEEP
  
  98304:3t7KQI1hPYyEeKFdu9CwJsv6t+1j/3WVF:3sQIkoKFdu9CwJsv6t+5/3Wb
Score

1^/10
behavioral11 behavioral12
- Target
  
  Qt6Core5Compat.dll
- Size
  
  851KB
- MD5
  
  8437fabf510fb31e319500774f55ce10
- SHA1
  
  677d2926708f3cf691aa523ccdac0ee6f0900d9f
- SHA256
  
  bf920ef0eaa78e7f7cb4b9d1499ada88a4180ee0df2477a39ebfde2cd14f2b56
- SHA512
  
  824e737785a6ef5e5a66be4f55f8e304e0ad41330117bb4d22d89732ba6b8e038ee993a6a6dd1aa160f02a056b83b528c47a9f4fe37b79f437c9101972eafaf9
- SSDEEP
  
  12288:PBwoIi67UbEUKxnNdTqQ7qFlICNPGE/4717VKITBDPzHkSUGGIffbfJIp1bEL:or7UbEUKxHpqQCNG7VbDPTRnfJIHbM
Score

1^/10
behavioral13 behavioral14
- Target
  
  Qt6Gui.dll
- Size
  
  8.5MB
- MD5
  
  3b76150f68eee497f84f3cec0c1fbd82
- SHA1
  
  73488761aad3104f1f2ff7d67318f3d70c783c5a
- SHA256
  
  42dfcd4c5fea70cd7cac2442529ab57ae09d5ad6da38cdd2cefd932f6eb5c66d
- SHA512
  
  2b4915ad7edd83360d1071794e9cd503d59da810fcc6cab0652e799c989f8965aa4bd1bf96ac12307582eacb83b3c1641e8d9ce97ed1b8f3da741b2453f1ae1e
- SSDEEP
  
  98304:6aX/98BvOx0NRo91updLKZJ/nZcYBUfQCiOR5Q0:6aulNRM1upduZJ/ZcYsQCbR5p
Score

1^/10
behavioral15 behavioral16
- Target
  
  Qt6Network.dll
- Size
  
  1.4MB
- MD5
  
  7859ab5090780d2d8a3bd67d9594d9d6
- SHA1
  
  908dcb1c397d6172866d040d14e28bdcda99df30
- SHA256
  
  b7839d313a86d413c67c3f57d3adc0d277345d6c9d04b3364e3771a7bd1c8c55
- SHA512
  
  4456c2f780f8d080963855f8775e81fd3de12c17e6d8cc928381be75e8e7b32f152484f5893cbaeaaf2995b671c99fddcb03af2f09a68e5ec4eb0fcf9b5509c1
- SSDEEP
  
  24576:ByPs85QwVlgkdHWhxHLwpHdgc53a50SKGcCVYY1:BaR5tVLMhkHHS7cWl
Score

1^/10
behavioral17 behavioral18
- Target
  
  Qt6Svg.dll
- Size
  
  374KB
- MD5
  
  365ae83f71887535ab064674277e04e3
- SHA1
  
  9d50aba7d490425d7e5507d47175de3ce354af85
- SHA256
  
  4de1a81c070c33a3e48772d7003e3a9454d69951fc4f5da8132ed7a03c84597d
- SHA512
  
  d544bb66a9426e7a6577a8041c844d19ee6aeb9bce11a073e7bd693d68a3e12fc8e24978cfc6cd5f3ffdf30265b62397f42265f71853a2f23d593cfb5829bf7c
- SSDEEP
  
  6144:C0tc98PpG5czgcVjDA4dqBbS0uJuKTZJiXI10+fTnmwk4s/Eo:C0Xn9VHbA+0SuK7vs/Eo
Score

1^/10
behavioral19 behavioral20
- Target
  
  Qt6Widgets.dll
- Size
  
  6.2MB
- MD5
  
  373e8fc6044b19fe2857b71ebf83a3a4
- SHA1
  
  af15b5da48d07c0883170a6089976a29b1d427a9
- SHA256
  
  0f040d7f14e1a6cec10b80d9e90065c2e3b5f8f4aab7a45244dd7327a1bf1c20
- SHA512
  
  9f4a93b946d26118c313719e753a0bdc78bf075a072b74d221dcdf31163f60b92521a8bcd4f5287deea885f7cbfbfb06ae52c60fcf1e7a61ab0f2e00c2a793d3
- SSDEEP
  
  98304:kMh8shJ/KQWlIfwiaptySLjwY4qTxSEuGnEcE:nh8shJ/KQCIoXptySLjwqTcBGA
Score

1^/10
behavioral21 behavioral22
- Target
  
  Qt6Xml.dll
- Size
  
  152KB
- MD5
  
  6a20c7e176d042d849f8a8420e56dd1e
- SHA1
  
  569be8e19bd54c10846ade6f1a3e1c00bc033aad
- SHA256
  
  805c5c0bbcd384428c77719b756c90f901832c45769ee1cd6f39964baace86ad
- SHA512
  
  b0c0b73069ea4b14e4d43548b0ce4d0fff6092a96fa405f83b09ea3f0eecca372f57a4b523dc39b01e12e1815cb35f1d1216ecba7c6d441da76d3460e341bc0c
- SSDEEP
  
  3072:aJNQflr/dqTiGoFTMI3SUkazKvt8AtK4E/:6uDGsFTMlaOvE4E/
Score

1^/10
behavioral23 behavioral24
- Target
  
  iconengines/qsvgicon.dll
- Size
  
  69KB
- MD5
  
  88b03988ca27c2e3cea7d33d699eb17a
- SHA1
  
  f4c71b9e6543ef9a7b183fdec888d7b8a11fc7e7
- SHA256
  
  35e9c2f0e54aed7493e85c8a10e0a620585d04821c6dbe82b9fe48be19ff28a1
- SHA512
  
  2fd59ff2161e68351e59ce80b53c54b525981738c8d80e4af047ad3c5acd9ecf1e281ae812abcf9999ffb2c750c7f09dd98c0b5dd343905ec3af615337e1fb41
- SSDEEP
  
  1536:UzibTbDQn6wcma+mHKT6IQubV5awBeBx3IPIT2k/6JRT9WvsgKxngeLEHo:UObTzq6IQubV5awBeBx3IPITF6JRklKH
Score

1^/10
behavioral25 behavioral26
- Target
  
  imageformats/qgif.dll
- Size
  
  47KB
- MD5
  
  57e51ea5072660adb8874e8cafc62a37
- SHA1
  
  97cc9eaac24ff74c9bf2cd83ef9bec75184578f6
- SHA256
  
  b0d133e6ff9b8c14fd5857189d63abc8b75d291c56d56becc50b43591e4867a8
- SHA512
  
  74c3fbe094da578830a524c669edc7edab0bc15cf7e352f819bd35b0a47cf873d714daeaf505c0b1b45e926d85837a0129da131535140f6f8cff9f6faa4e3b13
- SSDEEP
  
  768:BONXrIbWKNNy/Qq0rvEx2eVGabeUYisZXiRS/8QgKxnVbGYJlBN0EHdFH:gJrIb9KQOVGnFisZyRS0QgKxnge8EHdB
Score

1^/10
behavioral27 behavioral28
- Target
  
  imageformats/qicns.dll
- Size
  
  55KB
- MD5
  
  44dd92a8f16ad189bb44ce8c392e04a2
- SHA1
  
  4846fb107d58c62294891d45ecaa1630aa587545
- SHA256
  
  b8b59ed0443548a45925375699e5d1726bed0c49b5a007d902be7d0f10b20e15
- SHA512
  
  5991487d2d566456ef1316df3f74653406fef7a8f9fa740f3cee11f5612ea59c2313b56c12da21d891088a8cb702af1bda62f0bf055e5b42ba722949d4513649
- SSDEEP
  
  1536:gjQEXCukdHgnHhuSOJCXGXH8snEvTHFgKxnge7EH3SpK:gsEqgPOJAsnEvTHSKXEcK
Score

1^/10
behavioral29 behavioral30
- Target
  
  imageformats/qico.dll
- Size
  
  46KB
- MD5
  
  5c455c348e79fce7d4f1100a5c9e180b
- SHA1
  
  f76fa09b8b6d3c0847181f8a89a89164c2c79ad4
- SHA256
  
  b656af82f086310502673cff15a67400f806acdb820248d19e08d3e4919d90f9
- SHA512
  
  15833c5a119ff84dd0a5447bc29c8a5a9973464ba456d50392a4c79ffe420e857c6ec65aa1b15df07c412aeb47967653adb54fdb3341de076cc9dd31811c8be4
- SSDEEP
  
  768:0qehXuIBpyp7dJ/P891tUtAeuNwJDPgKxnVbGYJlkN0EHV:0LDBp87dJHw1tUt7uNwJDPgKxngeNEHV
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Query Registry

T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Loads dropped DLL

Checks computer location settings

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32