c2fc663f23d734380807de7b7f5897376cdc1e3cd547d51ab515a3a4e72ab073

Sharing

Copy URL

Twitter E-mail

General

Target

PrismLauncher-Windows-MSVC-Setup-8.3.exe
Size

18.1MB
Sample

240522-xyyzwadd56
MD5

d03e25e914d36f2375c28ed0ee277432
SHA1

fc9b209ac8272e91c81df60cc97c4cbcada6f149
SHA256

c2fc663f23d734380807de7b7f5897376cdc1e3cd547d51ab515a3a4e72ab073
SHA512

f94b595188b2b1a8f6bf5f30a0d1d8fb1dd57e7e66519a77e9dd6c79ad606a585b134fb6b9a8efb301afe91e117b4d8b7551133a6d658e0eb399ea18e191d6c3
SSDEEP

393216:CNnQQvlCZznocxWjGHuoeoKn/ZwtI4Np+uH5Xw7nxQPY1DrnQDtZqw2MQjgXjc:CNnQQvMBocxyGOo/Ixb4v+uZjqPQDtZa

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  PrismLauncher-Windows-MSVC-Setup-8.3.exe
- Size
  
  18.1MB
- MD5
  
  d03e25e914d36f2375c28ed0ee277432
- SHA1
  
  fc9b209ac8272e91c81df60cc97c4cbcada6f149
- SHA256
  
  c2fc663f23d734380807de7b7f5897376cdc1e3cd547d51ab515a3a4e72ab073
- SHA512
  
  f94b595188b2b1a8f6bf5f30a0d1d8fb1dd57e7e66519a77e9dd6c79ad606a585b134fb6b9a8efb301afe91e117b4d8b7551133a6d658e0eb399ea18e191d6c3
- SSDEEP
  
  393216:CNnQQvlCZznocxWjGHuoeoKn/ZwtI4Np+uH5Xw7nxQPY1DrnQDtZqw2MQjgXjc:CNnQQvMBocxyGOo/Ixb4v+uZjqPQDtZa
Score

7^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Modifies file permissions
  discovery
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  4add245d4ba34b04f213409bfe504c07
- SHA1
  
  ef756d6581d70e87d58cc4982e3f4d18e0ea5b09
- SHA256
  
  9111099efe9d5c9b391dc132b2faf0a3851a760d4106d5368e30ac744eb42706
- SHA512
  
  1bd260cabe5ea3cefbbc675162f30092ab157893510f45a1b571489e03ebb2903c55f64f89812754d3fe03c8f10012b8078d1261a7e73ac1f87c82f714bce03d
- SSDEEP
  
  192:VjHcQ0qWTlt7wi5Aj/lM0sEWD/wtYbBjpNQybC7y+XZv0QPi:B/Qlt7wiij/lMRv/9V4bvr
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  1d8f01a83ddd259bc339902c1d33c8f1
- SHA1
  
  9f7806af462c94c39e2ec6cc9c7ad05c44eba04e
- SHA256
  
  4b7d17da290f41ebe244827cc295ce7e580da2f7e9f7cc3efc1abc6898e3c9ed
- SHA512
  
  28bf647374b4b500a0f3dbced70c2b256f93940e2b39160512e6e486ac31d1d90945acecef578f61b0a501f27c7106b6ffc3deab2ec3bfb3d9af24c9449a1567
- SSDEEP
  
  96:o4Ev02zUu56FcS817eTaXx85qHFcUcxSgB5PKtAtoniJninnt3DVEB3YsNqkzfFc:o4EvCu5e81785qHFcU0PuAw0uyGIFc
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  7KB
- MD5
  
  b4579bc396ace8cafd9e825ff63fe244
- SHA1
  
  32a87ed28a510e3b3c06a451d1f3d0ba9faf8d9c
- SHA256
  
  01e72332362345c415a7edcb366d6a1b52be9ac6e946fb9da49785c140ba1a4b
- SHA512
  
  3a76e0e259a0ca12275fed922ce6e01bdfd9e33ba85973e80101b8025ef9243f5e32461a113bbcc6aa75e40894bb5d3a42d6b21045517b6b3cf12d76b4cfa36a
- SSDEEP
  
  96:JwzdzBzMDhOZZDbXf5GsWvSv1ckne94SDbYkvML1HT1fUNQaSGYuH0DQ:JTQHDb2vSuOc41ZfUNQZGdHM
Score

3^/10
behavioral7 behavioral8
- Target
  
  Qt6Core.dll
- Size
  
  6.0MB
- MD5
  
  46a0dbd38cb28d8e79c80c9a033f6ae9
- SHA1
  
  1be5f3e78485f9b08e32346f13155a94001de50e
- SHA256
  
  225bd38093416c825f2e3220213f64e1079e9ab20f4738decc0fc6eb992e8a9e
- SHA512
  
  3fb62bce7b1d5129237914269aa3dd9a24f9e797927f2f4f937a0a291d357a40ec51b9c829094dc0bae1edcd6c580f1c9a03ca2c84d5526599c3608246f00bd0
- SSDEEP
  
  49152:u2CQUPAGYdJn+5Im58kP6zNqVJLACl5D4CmV684bbTx5Hdr6Ek11RzVSGlgO2v8C:JJGA1rStYqo49KFdu9CwJsv6tjf/33VX
Score

1^/10
behavioral10 behavioral9
- Target
  
  Qt6Core5Compat.dll
- Size
  
  851KB
- MD5
  
  e50b9b3fa16362c86a40e6255c6b45e7
- SHA1
  
  fa8ce8fd6d4415abdb67597735575dc83a8fc634
- SHA256
  
  c95ab3df8dc0bfd92925b7b8b51bce859ae09008691874a5c6f5630969557564
- SHA512
  
  03a8ac0ae14e8420dd9fd91bc1619d072882d152127b3f2f1c6f7e670b7c54c524490e7c84a7cd0b76e2db413439a1ca55c4e03416fd6beb47b1067c3e960cba
- SSDEEP
  
  12288:xbqiBp2WMX7t4i8ZOOSD5RC940wGsPGE/4717VKIyBDPzHkSDGGJf6bfOGQyMjDu:JeWe7t43veC9UG8G7VeDPTMTfnMXh4
Score

1^/10
behavioral11 behavioral12
- Target
  
  Qt6Gui.dll
- Size
  
  8.5MB
- MD5
  
  7875aad0d0d426e9d1b132a35266de32
- SHA1
  
  8b7656e3412ae546153d2d3df91a6ff506d64749
- SHA256
  
  fc2464f62d7915ddeaebb5490bee6d60e7b42ad5a223d5812f0993c27c35be19
- SHA512
  
  9fa16c5c628f2e9b242323aed4c1aa70f093cee9f341ac61640287ff9be8663658f502769e037a8409943d3c9ab826bb1c6f88532f0fbacdaea28b2353cdfba9
- SSDEEP
  
  98304:xNydcIXNBZBRhOWJDzxMv6n/aSu0shezBE4:xRIhBRxJDzY6n/nu0WeB
Score

1^/10
behavioral13 behavioral14
- Target
  
  Qt6Network.dll
- Size
  
  1.4MB
- MD5
  
  960f50470059381c65833145036fef29
- SHA1
  
  270e230bfc9248e5ecff9ea8dfbc5f1066df02ee
- SHA256
  
  1071f4f88c65317401bf93a2ffb55e661adcbb84f05911879ab21a6656521a68
- SHA512
  
  cb0a0d63aaae1b9646dad722759b1c53b36ed13a4231a30b054f6124bcc69e7285c5777ab6bbbb8296756d6c31fc94e735db42c5155db35274e0ec25c1406582
- SSDEEP
  
  12288:DVf2kuxdwo86ZrLlGZHLcCzIOLDjl4LgtMEmASO3xMBgt2qAa:DRDuxdwUZnlGOCzQkMp/Bgt27a
Score

1^/10
behavioral15 behavioral16
- Target
  
  Qt6Svg.dll
- Size
  
  377KB
- MD5
  
  67a888c61e6f1dceefbde7287e80e59d
- SHA1
  
  4cbd1ea71ca25a6b87c64c163d1fb3e61cdacc2f
- SHA256
  
  22c48c35d9915bc89b13d2dca91c74b8531989a887faf642c795bf593e00306a
- SHA512
  
  aab6f980e0b397fd7e8823370ac398d108f20a2f5c3ca052391a7c753ef77c82d94e0a37d64bc708aeb5c95d31e534faa1a6a7582d80fc285325acaec226f1e9
- SSDEEP
  
  6144:NrCsrknzH2m/rXsu5ea8r/c55qah10+9F+Yw5UibIyj:Nr7r+TTD8r/oqaJoIy
Score

1^/10
behavioral17 behavioral18
- Target
  
  Qt6Widgets.dll
- Size
  
  6.2MB
- MD5
  
  34abb42b63e71b09b72b48cf5b1dba53
- SHA1
  
  9f3111aab57a5f28a4ce9bf82ea208fa3eadb9a6
- SHA256
  
  c71e65b882a84f47114590784a256f14ba19202ec30b218ce4841b2c7256060b
- SHA512
  
  06acab5a04a5d3e6834ddc95229758d4adc7a7f0ef003c80e8d59a8241e295b196aceacce20c88879e1676405a2538d032ec6ac543258538e686878fb29f77f1
- SSDEEP
  
  98304:RCOQZE8fxqbA2SwuevAGcYYaCsGf1e5A64N9m3JL:RCOQa8fxqsKuevAGcXacIW4
Score

1^/10
behavioral19 behavioral20
- Target
  
  Qt6Xml.dll
- Size
  
  151KB
- MD5
  
  7fcfa82dd4a01915622c14931cc585dd
- SHA1
  
  079736f39ed5791df528fed5a12456285bfa1f18
- SHA256
  
  8b772f5f227b266c47655d02843bf51be6c50729acc28db7dced488d62f7ed4f
- SHA512
  
  caf98eecb1c57789b91dbef88c3f908f0652d29d93ae335526987a47f791d565e67e25ee4643abd006a39b2d9533449672c2c21df23cc61d77032c3cd01d6f39
- SSDEEP
  
  1536:mwnpe/AQ7BlrQR2d4KQfKlxQYCfmh2DGFd7ZsSCLVFEIK0qwxDqyDzbYTOj9AIKG:xIAQ9YQ47KsYAJGFNHCTRqipzvyP7Kvt
Score

1^/10
behavioral21 behavioral22
- Target
  
  iconengines/qsvgicon.dll
- Size
  
  69KB
- MD5
  
  b57d0218475b81560454e6c0a1a6d9c8
- SHA1
  
  21206763e7121d4792bbf24075c6f6e27c2c11db
- SHA256
  
  8ab3b526b35a0dec08b4042da70f942b3b5f4d413ad4035c691f972b2008778e
- SHA512
  
  83464c21073edddcd77dc0978257bf13554ef01825672b60081d9d4ee5caefffe9ed6fbefda0bc7bdc413925b9265981a994195700190cd81cf6b1c93810e891
- SSDEEP
  
  1536:UzibTbDQn6wcma+mHKT6IQubV5awlhBlfbnCMmbizDRT9WcwgKxngep6v:UObTzq6IQubV5awlhBlfbnCMLzDRHZKe
Score

1^/10
behavioral23 behavioral24
- Target
  
  imageformats/qgif.dll
- Size
  
  47KB
- MD5
  
  000b3771b3dcf0d7eb72750edd80a192
- SHA1
  
  35506ee878b8ad21dbd35876baaf586c30152b71
- SHA256
  
  6ff0b57822dae5132e1640afe4f8fd6b75e21cf3f1eae53d70373c25a5506581
- SHA512
  
  4472089f5524172fcfd8d2f8acbf67a3f22b08f788b52d8f42d2736d050cecb87215a9b8d706baca12d5916d3ff79bf57420766746c2484981d679239b3f2924
- SSDEEP
  
  768:/ONXrIbWKNNy/Qq0rvEx2eVG5bvUbBy+oBS/oxgKxnVbGYJlWLNBf:WJrIb9KQOVG5eBy+oBSQxgKxngekf
Score

1^/10
behavioral25 behavioral26
- Target
  
  imageformats/qicns.dll
- Size
  
  55KB
- MD5
  
  b8466ebadaac59acc5fffb674fcc81c0
- SHA1
  
  d40349f19c85405fac6d027008a47a51de9e82f2
- SHA256
  
  79b31f4de8f3d4ae02d1115e4ec384aad568b4fba8631b5a01a578c42748df19
- SHA512
  
  ddecf05443bc19b95bbb654b7ea9417a26f37b9c8a293d16fcd6e817eb984baf0497e183acfe91096e3b1f6367e827fa3833b0a90fb964671af014c78e9c16d4
- SSDEEP
  
  1536:YjQEXCukdHgnHhuS+JJXGAjTaO5HjzbgKxngec9r:YsEqgP+JraO5Hjz0KI1
Score

1^/10
behavioral27 behavioral28
- Target
  
  imageformats/qico.dll
- Size
  
  46KB
- MD5
  
  c64789dba4e2aa3bddf17bfa89e7ab59
- SHA1
  
  d5914f9eede38dda3e16c4299fce8016799b28d3
- SHA256
  
  bceee911a3ffc1ed7b09a9d79374053fa813a04a22c40b0a4984b845582e3e8f
- SHA512
  
  31e5a009284867a591ac9dbce92bddbd8b914133bb03b327984edfc4c3f4329a08238b1a239e7408d8efc715ff23acfa91723720879ab8fd4a2619e948ab5683
- SSDEEP
  
  768:f0hZMxD05ahDHpeNoU3LPepnzGn+J7wnZ2gKxnVbGYJloNb:cU052peN57PeRzGn+J7wZ2gKxngey
Score

1^/10
behavioral29 behavioral30
- Target
  
  imageformats/qjpeg.dll
- Size
  
  552KB
- MD5
  
  3aba46b716d9cb3b99efad42ed7970ee
- SHA1
  
  aeabe030389dff2fec45797f3f726bc2bfbe4f8d
- SHA256
  
  03ebe96116bf6e98fe967f046e62ab269ff863a3bf4dc9a817e0704b6199899a
- SHA512
  
  7e750950f4d9a31f56c3a54bb363711b6326ed42ac09a21da41fef5c78c18b4ab6fc21e340f7660c8a8b8444903dc52a258207abb6b40176b5142c7091a83e7f
- SSDEEP
  
  6144:BIrdnEH48pRZgGBj+3H2WR8Po8M7Kbm7/1HLh6pkUj01SwbnyEPz/cN4XA11CUBN:eRGZhkUuSeFZ6464DJvAT
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

T1222

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

Modifies file permissions

Checks installed software on the system

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32