General

  • Target

    Sandboxie-Classic-x64-v5.68.7.exe

  • Size

    2.9MB

  • Sample

    240602-beh9esdh93

  • MD5

    d6d7d9a99e81f65d3a93af5c763f6bec

  • SHA1

    ade28df205b3352d21b89bd506a33447e11fae26

  • SHA256

    baa1b8c345096214d0301a82bb569b358895a7b80c380893a1d9f6cba5956a30

  • SHA512

    92dbaa7e49790f25d290cb17715d8ca9d54945e485b8b5f852a40bf311fe67e394bb24d9195a4127480e73911beda0903fce29973235ae967fd01c1209105e18

  • SSDEEP

    49152:zZOWtyXwGtGeoVo4fTbGx4GxU06AMzU0tMrIRdOZd3N6JzdrSFDqnXL40:zQTXwGtC24fWxVUPzGrEEb3S8FD8Xk0

Score

7/10

Malware Config

Targets

    • Target

      Sandboxie-Classic-x64-v5.68.7.exe

    • Size

      2.9MB

    • MD5

      d6d7d9a99e81f65d3a93af5c763f6bec

    • SHA1

      ade28df205b3352d21b89bd506a33447e11fae26

    • SHA256

      baa1b8c345096214d0301a82bb569b358895a7b80c380893a1d9f6cba5956a30

    • SHA512

      92dbaa7e49790f25d290cb17715d8ca9d54945e485b8b5f852a40bf311fe67e394bb24d9195a4127480e73911beda0903fce29973235ae967fd01c1209105e18

    • SSDEEP

      49152:zZOWtyXwGtGeoVo4fTbGx4GxU06AMzU0tMrIRdOZd3N6JzdrSFDqnXL40:zQTXwGtC24fWxVUPzGrEEb3S8FD8Xk0

    Score

    7/10

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      14KB

    • MD5

      046074d285897c008499f7f3ad5be114

    • SHA1

      159040d616a056ee3498ec86debab58ef5036a55

    • SHA256

      254c5ccbce59ad882f7f51d0bf760cabde8c88c5af84e13cc8ad77ba0361055c

    • SHA512

      ab7436fda44e340dd5909ddec809c6b569a90d888529ef9320375e1aae7af85afcab8c1c1618551d3fe8d6ae727f7dca97aa8781b5555da759d501d2ccd749e1

    • SSDEEP

      192:+Gs+dH4+oQOTgDbzuNfrigyULWsXXZF/01JJijqK72dwF7dBEnbok:+GvdH4qMebzPY2Vijq+BEnbo

    Score

    3/10

    • Target

      $PLUGINSDIR/InstallType.ini

    • Size

      640B

    • MD5

      46d2e7e6d3d5ee061b5646df6834af33

    • SHA1

      0a18c3a1ddb2cb56abac24c4bd378d3767065290

    • SHA256

      a9a81ca9a2ebec41663e1da4e5d480e6eaf9bcbde266abb9a0770dc9118186b9

    • SHA512

      e344d14d0cc9ef0bb893a821fbaa9ddfcb3d1987c32228ebdae0418b3f1bf7f83435e38f87593db4de0157d45345a9f72e6c1e7ca36a46d13b7e35577292237a

    Score

    1/10

    • Target

      $PLUGINSDIR/KmdUtil.exe

    • Size

      210KB

    • MD5

      baafac8d8ee251bca4edd6ea69a9dd1b

    • SHA1

      51a1e3fc7f4f7eaf5adcd2473f9f0e554df580d2

    • SHA256

      5aa455646a51be2959ed4156634d32fc66fbc01efdf04b6f9e1cc9f9cf14ad9b

    • SHA512

      92d0a14ce4531019ce59c4d1be90fb0448896dfc3945fad21d253b2e38228654b581e9d2fbe181fc84f812fc3c528d0479bc6cbb64ac0fbf1ae94cc6a3ab60bc

    • SSDEEP

      3072:kEE3d21u1+H+CrH9vXrYiBOBPQug8a+QxXVAL8TIzKLPwSfWv:Fg1lCrH1XrYXBFJabBPwSev

    Score

    1/10

    • Target

      $PLUGINSDIR/LangDLL.dll

    • Size

      5KB

    • MD5

      4cdaaf5da900a8eaed090cd22b8f8781

    • SHA1

      6c7d9cfd96e66d236b66b8d50d65083a0dbb1b11

    • SHA256

      09477d605677bea48019b896f068ce6c2e89004e5c5f0a86c0276db30c6515a6

    • SHA512

      3797d59aeb908dcd66c63eca76cb2064416d3b66033dc687bc7a9c50e2979c42ac94773f54bc8ec45a9cd69c8056b83a2bca6efcd703f71a4b5f67e166f1e06d

    • SSDEEP

      48:iV6HAvq8WeMPUptuM4Z+0x/ImnycNSCwVYOY4vnpXTHhHX/JvR0J/of5d2:2yplJ5ZbnycNSCwVYTwFB3ZR0Qd2

    Score

    3/10

    • Target

      $PLUGINSDIR/SbieDll.dll

    • Size

      877KB

    • MD5

      d3d71408021b1387d010aa5370665313

    • SHA1

      96964fe5f5ff893501dcae8be9537e9982793e51

    • SHA256

      2bd7df683baf4fe51303aa3057fd14969b418a8ec42a14dff7f9d12c23d0ccdb

    • SHA512

      8e0872575241c69b4d568ea2da76085cdce308ca7524142e3feaae89457b6bb32d091baf1d48f25a7a8196c724defd3e98cbedbcbf4a254aaa87b85819e062bc

    • SSDEEP

      12288:rTK6eC69xNDKTjGN2gbW3FoW0qoY8qW52HlwI:rTKvX9yeMkWVoWRoEHOI

    Score

    1/10

    • Target

      $PLUGINSDIR/SbieMsg.dll

    • Size

      3.1MB

    • MD5

      3514503abf2a97a66ddfeabfd21396ed

    • SHA1

      31500856c7a5484064dd87c26f5983fd6f32f0cb

    • SHA256

      773a72fcf792f426f9ae0e8889c9d9e765159baf40d734ce59e5bd5fedea736b

    • SHA512

      872e564b8ed9b3bb3b94103215be655a09a81e106cc6afdaf2a30969bd3b95f417b6d79413238f7922f6c3c05fd3d09a05222e9bf889bfabdf8bdc26bca46aa2

    • SSDEEP

      12288:rwVRRirSHvOUvkwOen9QwGLs61U5RXvPtu4HOcDIM2nOPCHT:rsi00wOenL361U5RXvPk4Hbw

    Score

    1/10

    • Target

      $PLUGINSDIR/System.dll

    • Size

      10KB

    • MD5

      0ff5120f1afd0f295c2baa0f7192d3f8

    • SHA1

      bde842d5d11005dcb4ff1d4ea97da31865477697

    • SHA256

      4ca5bf1beb4b802914c4d3e2f37861f6ba5ecf969cfeadf5855edf58f647a721

    • SHA512

      e049ffd7aace8d136eee007ee4f8dbc2ae8f3dce79d1c633d9654392240f8215787df8a6d08085257db51f28ff2a8023a13333dda3ea7f9bdc8b9c57b605f0a0

    • SSDEEP

      192:Xv+cJZE61KRWJQO6tFiUdK7ckD4k7l1XRBm0w+NiHi1nSJ:Xf6rtFRdbQ1W+fn8

    Score

    3/10

    • Target

      $PLUGINSDIR/Warning.ini

    • Size

      412B

    • MD5

      4d358b27a971751e0c517061c948d96a

    • SHA1

      04b7bbc12f641edbcf8acb6eeb90508e0d6b810a

    • SHA256

      74ee005ceb920094d99aa274ed37429efe439fbc10e9d238c78db4c836018a17

    • SHA512

      753cae46b7fc94bea26fd479322395951eb64c6a1854bfc88182596a5babffae8fc51d1f36c70630ffa61abb514372f88c4063b50f7b33f9fd53f74f797e75f4

    Score

    1/10

    • Target

      $PLUGINSDIR/ioSpecial.ini

    • Size

      211B

    • MD5

      e2d5070bc28db1ac745613689ff86067

    • SHA1

      282e080b4cf847174c5c11e4f9157b8c338ecb19

    • SHA256

      d95aed234f932a1c48a2b1b0d98c60ca31f962310c03158e2884ab4ddd3ea1e0

    • SHA512

      a50ca2014869629135b54e848f03cb4983ad8029cd811300d02b0fc54de0436185f418fea4d3db888eb0f3170e33a59d486aa885f024ab29e630e9bc0ae1a2de

    Score

    1/10

    • Target

      $PLUGINSDIR/modern-wizard.bmp

    • Size

      25KB

    • MD5

      cbe40fd2b1ec96daedc65da172d90022

    • SHA1

      366c216220aa4329dff6c485fd0e9b0f4f0a7944

    • SHA256

      3ad2dc318056d0a2024af1804ea741146cfc18cc404649a44610cbf8b2056cf2

    • SHA512

      62990cb16e37b6b4eff6ab03571c3a82dcaa21a1d393c3cb01d81f62287777fb0b4b27f8852b5fa71bc975feab5baa486d33f2c58660210e115de7e2bd34ea63

    • SSDEEP

      24:Qwika6aSaaDaVYoG6abuJsnZs5GhI11BayNXPcDrSsUWcSphsWwlEWqCl6aHAX2x:Qoi47a5G8SddzKFIcsOz3Xz

    Score

    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Target

      32/SbieDll.dll

    • Size

      698KB

    • MD5

      3a146a25de5d716d97ff10fe0263a890

    • SHA1

      c9bb193c151c2c11767e1572ccae426d951e0eaf

    • SHA256

      9dc4936d981a76d9955d046738639f8d42d49735093da16ee6a95155a11a81f2

    • SHA512

      bfd22dc81b66d92a85eb2eec9bf775f36120fee2e2255f6090090101d523d5e57bbac30c803a4116e665879daa258b50a8e199bbbeb992b09a49861b8867bd7c

    • SSDEEP

      12288:QdF3zvvr0W1kRnk4L7pTOaqlg3CeUVgZdNCqVaXCGM5PPep03A:+3zvIW14kw1O9g3CzVAdNCqVaXCXP3A

    Score

    3/10

    • Target

      32/SbieSvc.exe

    • Size

      309KB

    • MD5

      b4c0a56739a0e19420607fa4478f3f5c

    • SHA1

      812489cf499c952f5414abe447884a536bccda2f

    • SHA256

      3f33a3c02fea8b600cf23f7da51e571f5f0080423f5c13b492708b535886f568

    • SHA512

      f64db6143c0df8afb40204877ae4c0c18ca432d2681bc28392cfb9b29f228f94e5ba2a996d3f122b705c06dd6f17a691f7ed2f2b20464d24a67c41337b63c54c

    • SSDEEP

      6144:+mnLX/XlqjiE5BNxO4m4ziCqigC3QD48mUaCue1oYcxnDUWz:jLX/VlehO4m42Cqi/QDxuegxnDUU

    Score

    1/10

    • Target

      KmdUtil.exe

    • Size

      210KB

    • MD5

      baafac8d8ee251bca4edd6ea69a9dd1b

    • SHA1

      51a1e3fc7f4f7eaf5adcd2473f9f0e554df580d2

    • SHA256

      5aa455646a51be2959ed4156634d32fc66fbc01efdf04b6f9e1cc9f9cf14ad9b

    • SHA512

      92d0a14ce4531019ce59c4d1be90fb0448896dfc3945fad21d253b2e38228654b581e9d2fbe181fc84f812fc3c528d0479bc6cbb64ac0fbf1ae94cc6a3ab60bc

    • SSDEEP

      3072:kEE3d21u1+H+CrH9vXrYiBOBPQug8a+QxXVAL8TIzKLPwSfWv:Fg1lCrH1XrYXBFJabBPwSev

    Score

    1/10

    • Target

      LICENSE.TXT

    • Size

      762B

    • MD5

      0d8cd0c582ae66de515fb8bde81a4aca

    • SHA1

      3e4604cba2be3894f33176a873e906a2b788c1eb

    • SHA256

      b4258283b3a0d9d6213e78557149f96d0538fc066d114871a4e23dd1e760c3d1

    • SHA512

      ec5e82df0451e0f9d7efe3d2226993f091c7e9f84aa78c043a6707abe9333cf2760eb96c6903c0508f2d35b269604404c8fc0cd5c1412599ed11cd76fcc7325b

    Score

    1/10

    • Target

      Manifest0.txt

    • Size

      2B

    • MD5

      81051bcc2cf1bedf378224b0a93e2877

    • SHA1

      ba8ab5a0280b953aa97435ff8946cbcbb2755a27

    • SHA256

      7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6

    • SHA512

      1b302a2f1e624a5fb5ad94ddc4e5f8bfd74d26fa37512d0e5face303d8c40eee0d0ffa3649f5da43f439914d128166cb6c4774a7caa3b174d7535451eb697b5d

    Score

    1/10

MITRE ATT&CK Enterprise v15

Tasks