General
Target: Frost_Launcher.zip
Size: 29.2MB
Sample: 240522-dmra4sac82
MD5: 8101c955d05231a44cfdaeceb6fe8b3e
SHA1: 9167c3b0511c20e2e4a814330fde41ba9c8fd294
SHA256: 51f1c56cf6078e15d05e0ccd8a373db6cd114a574f0e3d1f8f55e5d50022244d
SHA512: 4200bf7141760d472d404a93207d60f2151b1508916cea14c80888d077714e04c7a848853da07227c4006d7a0afd1eb73f1de4a7f8a89b786e9c82a50ddc98e5
SSDEEP: 393216:aGs3C2bvihplLtWeJBX5EDc4h+p9KUh2QOXHlKSWpUAFUL7gIfjiQy:aGsS2bvqJG3aAq2QO3MvLWHgCjiQy
Static task: static1

Behavioral task: behavioral1
Sample: Frost Launcher/Frost.deps.json
Resource: win7-20240221-en

Behavioral task: behavioral2
Sample: Frost Launcher/Frost.deps.json
Resource: win10v2004-20240226-en

Behavioral task: behavioral3
Sample: Frost Launcher/Frost.exe
Resource: win7-20240508-en

Behavioral task: behavioral4
Sample: Frost Launcher/Frost.exe
Resource: win10v2004-20240426-en

Behavioral task: behavioral5
Sample: Frost Launcher/Frost.exe
Resource: win7-20240220-en

Behavioral task: behavioral6
Sample: Frost Launcher/Frost.exe
Resource: win10v2004-20240426-en

Behavioral task: behavioral7
Sample: Frost Launcher/Frost.runtimeconfig.json
Resource: win7-20240221-en

Behavioral task: behavioral8
Sample: Frost Launcher/Frost.runtimeconfig.json
Resource: win10v2004-20240226-en

Behavioral task: behavioral9
Sample: Frost Launcher/runtimes/linux/native/libmongocrypt.so
Resource: ubuntu1804-amd64-20240508-en

Behavioral task: behavioral10
Sample: Frost Launcher/runtimes/osx/native/libmongocrypt.dylib
Resource: macos-20240410-en

Behavioral task: behavioral11
Sample: Frost Launcher/runtimes/win-x64/native/WebView2Loader.dll
Resource: win7-20231129-en

Behavioral task: behavioral12
Sample: Frost Launcher/runtimes/win-x64/native/WebView2Loader.dll
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: Frost Launcher/Frost.deps.json
Size: 110KB
MD5: 9699d34e46914de2d30b395067993ac8
SHA1: 5e91128624473ca2b33119145c55934d23bb1f7d
SHA256: 4f86617970999a75562521ccd1452f7c61ae1366c77850fb5a60d758830d7336
SHA512: f2832795a642a5ef2cc5abc71ab7ffda0cf872b8a86218821220c428b3acad44e4734759a5bbf768954c35e8028fbb211751d5e558048261e6b87a6995679fe8
SSDEEP: 3072:qX+CROPbt9lcu72usgveq9eRyhzOqQ04CZJSopI2Pw:rIP
Score: 3/10
Target: Frost Launcher/Frost.dll
Size: 48.1MB
MD5: 8d3fd8d5efa68cca127acb900e87e1a0
SHA1: af3379143326ab8bcbb1698bd6a1d2d7ad5883ca
SHA256: 9a421c21ec3d8d4cf31764f773d21ff79ee1fd97bcb3e09f0e359b99cedca62a
SHA512: 0f7666a2fc82cc843b205c3edc7fc82db57d8a4ebae1d6b93bb6d6cf8b4e8a68ace8bf78eba138d548f424f5c5fff007c061b7d4c3349d47126565e5e9c4b0a1
SSDEEP: 393216:tbE7xuFpFU54idtMPD9scPj1pO8M/mxy4Ms5ZBINOGAer:tbEQFpFm4WaPZe/mx7+NvAg
Score: 1/10
Target: Frost Launcher/Frost.exe
Size: 164KB
MD5: a2cc9208e378127a28374ea4a9d11768
SHA1: a1a78cac58651b33cc2cc1df11e8fcf677dcc505
SHA256: ccef6ac06941ca93eb7fbf653b95bec478fbe6cf2513482644b2fddb01f79b3c
SHA512: c424040141e4ce9264417526fd21a1eee40264a831c37e47311035f559fb617ad429d811c0d71cd5f0189ee9a163e84673c53a567bbaab0c38a04652c780c9aa
SSDEEP: 3072:xczkitvo4BpYN/6mBPry8TXROLdW5m4mUR59OOGs0kGXpDE2kb:xA4NCmBPry/N2lOO1iE
Score: 7/10
Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Modifies system executable filetype association
Registers COM server for autorun
Adds Run key to start application
Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
Checks system information in the registry
  System information is often read in order to detect sandboxing environments.
Target: Frost Launcher/Frost.runtimeconfig.json
Size: 372B
MD5: d94cf983fba9ab1bb8a6cb3ad4a48f50
SHA1: 04855d8b7a76b7ec74633043ef9986d4500ca63c
SHA256: 1eca0f0c70070aa83bb609e4b749b26dcb4409784326032726394722224a098a
SHA512: 09a9667d4f4622817116c8bc27d3d481d5d160380a2e19b8944bdd1271a83f718415ce5e6d66e82e36819e575ec1b55f19c45213e0013b877b8d61e6feb9d998
Score: 3/10
Target: Frost Launcher/runtimes/linux/native/libmongocrypt.so
Size: 11.8MB
MD5: 45b91603d0d8a443716a5be02da0b0a1
SHA1: 89fde1402b4b67b6ebf672024b31d053d7733030
SHA256: 43a6d8205796c8f8f64a0299171485a0b26561a3d2d934fc5247f6ae45eb087c
SHA512: b72038250bc497c820cb9b0dc17a0972095978cbf75bc8860b927213d63b730514d89242c1a33ed6d3f3cd6075a7021d469496a582c64d4c1b1ced0e118d967c
SSDEEP: 98304:osgYUM3VO7Krb8nGzOKrb8gGJIZutt2+ySirY8S2JWLl3a326zD/jrf:P4JmOJ+UsTS2JK
Score: 1/10
Target: Frost Launcher/runtimes/osx/native/libmongocrypt.dylib
Size: 9.2MB
MD5: 39d1ebfca75fb6bd3b98f6539b36c648
SHA1: 8bf47119cab62375071e9849e6e2f53db387453b
SHA256: 208f78bc7c109080c3aac9cd268f2af1f82e9b53035d22b8b5a49f70ef0603d9
SHA512: 63d8d606159f7c67c414fc7155202c26cebefaf71506e4a0a9d7ebf7ad0c02485e20e79708bf583f7e3f0000f09d916e1d0df1346a9253ab4022d9b020e9d21c
SSDEEP: 98304:yr1WotAfoOG5/GBKrb8mlGGKrb8O28wvcdjYzube4+nYXJTKZO/GBKrb8mlGGKrs:IGJmFJjzUdjYzube4+nYiJmFJjDqm
Score: 1/10
Target: Frost Launcher/runtimes/win-x64/native/WebView2Loader.dll
Size: 157KB
MD5: 0057ef6dd4730d1cfc12ccc138800c6c
SHA1: f3a9acab220ffc681c22a17bdf4c1b17e6f70617
SHA256: 0e0245c64d871097a92b1c70f38370c567460d19cd2fe3d877dfe30af9e8a5b1
SHA512: 2ef2546eeea276c58e352c77f7ce18d9f38adab73f705f6e6899ba3371c2187c71264a59769c9e29484449e7242f3df7626d01596a812f13fe56c633a588e5fa
SSDEEP: 3072:k0DBw62qj7ncwBxNnTkXmQmm8ylt9cD+8SjLThCEtcuVuxSpUb+fTCwJQ:DDdj7ncwB/GU4t92Etc+bUi2mQ
Score: 1/10
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (2)
  Registry Run Keys / Startup Folder (2)
Event Triggered Execution (1)
  Change Default File Association (1)