ae0d9681cc81177d2fa976060a38ad7cc819b363da0192bca2620f6f285c47cc

Sharing

Copy URL

Twitter E-mail

General

Target

processlasso_portable_64.zip
Size

6.5MB
Sample

240602-lpzn9sac48
MD5

f6d14295c0c0f5190f07b1602d76927f
SHA1

d188e3ec1d6c87712c0ff6b1d184de3f4c54cb9e
SHA256

ae0d9681cc81177d2fa976060a38ad7cc819b363da0192bca2620f6f285c47cc
SHA512

b8af6142e22960f267f7539d7719bf7b134cb9135095e62a7870728612df0e188f1d8a64019074bd0d42aa164a39fe48041ee857dd92d967db2b07d3987437f1
SSDEEP

196608:IuUFIEMx5Q5V2W8CerGWnw8d0Dd7Pj34jfo2GNheUXo:IfIFxrWfeg8Wxj34MQUXo

Score

5^/10

Malware Config

Targets

- Target
  
  processlasso_portable_64.zip
- Size
  
  6.5MB
- MD5
  
  f6d14295c0c0f5190f07b1602d76927f
- SHA1
  
  d188e3ec1d6c87712c0ff6b1d184de3f4c54cb9e
- SHA256
  
  ae0d9681cc81177d2fa976060a38ad7cc819b363da0192bca2620f6f285c47cc
- SHA512
  
  b8af6142e22960f267f7539d7719bf7b134cb9135095e62a7870728612df0e188f1d8a64019074bd0d42aa164a39fe48041ee857dd92d967db2b07d3987437f1
- SSDEEP
  
  196608:IuUFIEMx5Q5V2W8CerGWnw8d0Dd7Pj34jfo2GNheUXo:IfIFxrWfeg8Wxj34MQUXo
Score

1^/10
behavioral1 behavioral2
- Target
  
  .portable
- Size
  
  1B
- MD5
  
  7215ee9c7d9dc229d2921a40e899ec5f
- SHA1
  
  b858cb282617fb0956d960215c8e84d1ccf909c6
- SHA256
  
  36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
- SHA512
  
  f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768
Score

3^/10
behavioral3 behavioral4
- Target
  
  CPUEater.exe
- Size
  
  542KB
- MD5
  
  642851047415c717958b2c3493458516
- SHA1
  
  19fcee849d078db1668e8e7d15a5796c809e687a
- SHA256
  
  1fd4ef353f132e39cc12c579a89e30f6ad70ff17ee88d224b72b0fe127f0a228
- SHA512
  
  6f792a579f76a6b1400f9674a85c3615402cfd6f0a32023f177b9a565d309c2222ccb41f308d2346f1c0df9bf7fd9f9e35794b0915700519e64e370afb6c1a0a
- SSDEEP
  
  6144:tLIri5CCZNIEtOnZ78lY/MDvWifR140/6pD1nglbEYoeEthmz:tdCgNGZ78lY/AOBFg9EW4mz
Score

1^/10
behavioral5 behavioral6
- Target
  
  Insights.exe
- Size
  
  778KB
- MD5
  
  61d0519c35b8186d2eafc2f6c71e36d7
- SHA1
  
  ea647169f747444d6d14049eefb0d40bdde8dd34
- SHA256
  
  d55373c7f2a98869483c0824841c0b20f247531f6a9a5caf4a1b34fc58588ed3
- SHA512
  
  ac91401d4d3dca0ffe912b7d06a37c16bf65f436cec3cd1d84853310caa02079871be24f39c19eb1f46959d3ace75138715d0482862ad517a9ac8d8d2e22862f
- SSDEEP
  
  6144:q9MP5JgvGggbadkJWJtZhBM/8RHQiszv05OrrE1GJCo2VV/ya31PMAWFW8fL:3P5SGggbdE7BzH3szvRP2VVXLW48fL
Score

1^/10
behavioral7 behavioral8
- Target
  
  InstallHelper.exe
- Size
  
  853KB
- MD5
  
  f9c34071a07cbc300c799fe65fca3984
- SHA1
  
  9c27020a84111a185d0a85d81fef331e22aac088
- SHA256
  
  50ee937767d63e604a9c49d26160c1a224969cbf6bc8d71629c2e2762f6f3d1f
- SHA512
  
  7fdfaae4c905f260da150d89ead67f0cafec07708ac7a29b3cde851400257718b3e823673596b326bec9de44c9a7a62c948064782574ad02970cc6561af9cb08
- SSDEEP
  
  12288:xw+ZXzFJhyA2bosFOFGYDWEeLh7yo48f3+:mOFJhGbosPwWEeLBy2f3+
Score

1^/10
behavioral10 behavioral9
- Target
  
  LogViewer.exe
- Size
  
  752KB
- MD5
  
  d7a2ddd47f3447b8b98dd50e3550d049
- SHA1
  
  fcb563f3da07524f16bd243102bac40a0d359b26
- SHA256
  
  f592b80ef89b01f19fa17cbaa918a7f80ca0fdfbe09234ca84b613756eff392a
- SHA512
  
  22076abbd77fb717bbd23735cd23682b3ee6f2a14357536059b903a9e9791809d09f88716fa11e17eb02379729705ab6954197280ebecc82bc2c226f356e1991
- SSDEEP
  
  6144:PKHprMS9Vyg6Xl1gNP3RW9Qj4rP47WsCvqZ6ihO80oHpvB:PurMS9VFq2BW9Qj4MeB80oHL
Score

1^/10
behavioral11 behavioral12
- Target
  
  ProcessGovernor.exe
- Size
  
  936KB
- MD5
  
  188915b086edb404602bf83faba84080
- SHA1
  
  4cd4ddc39ca6571a2ccf4cb7b4f72fd62fe35478
- SHA256
  
  9e200c3af08903108b0f415d1670ef359512727e9163b0541f76a351954afe65
- SHA512
  
  99e98fda82cdba398320845807aeceec0a1b7c43a666c1c75743c83a2b2e4f75d9bcf991e0c4af0888e9fe9bf2ce5ab646c852817b13eeebec1960de10ea9652
- SSDEEP
  
  6144:PimshA8pyCod0+nsoj1+aRlkREib9yegspqvxLXoZX4RiDaYQ7Vbi/31U4Zssl8r:J48s+55+awb9yeGvtXEu/biD848fN
Score

1^/10
behavioral13 behavioral14
- Target
  
  ProcessLasso.exe
- Size
  
  1.4MB
- MD5
  
  647e7bef91155962ec7e9db850bbc36c
- SHA1
  
  331215dfd78007e3594e058596afb947f5139f22
- SHA256
  
  524b7d70f73f316b8f7fce265344259ae73d5ffd34807e794d0c56331cf991b1
- SHA512
  
  839eec6422cd81b27efd894536c3f641a9379d26118ca348f321433dd339d6073afd3b7b745754bdc554f1e9178e9c4d804b4084996b44468bfeb4d3e10eae44
- SSDEEP
  
  24576:iOYtqbpQI0fTBy1e8NCs7PhE3jCnCnIP53ioVHc4q+uQfTV:RYgOfFy1e8NCYEXIP5SoVzqNQfp
Score

1^/10
behavioral15 behavioral16
- Target
  
  ProcessLassoLauncher.exe
- Size
  
  378KB
- MD5
  
  3252e937a9c366f20097724d96738bfb
- SHA1
  
  5a1b3e0ae98a6dce8916121193fd87476047d657
- SHA256
  
  c566bd110f86608bfb3e6e8a19073a696632d0f306ebf6b54daeea49b771cc32
- SHA512
  
  40a8550c922edd0f4b1c6905cea9d356b6b40c5a186c8b8551498b8896c1212fdee1ff0be42bbd80577324023a1f7e75f3f160cb94a5b316aa92a5cd3a58993d
- SSDEEP
  
  6144:zTe/J1LANFniOHVqOPWQBID7pTTbFW8fP:qJANFniO1PFBID7p748fP
Score

5^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral17 behavioral18
- Target
  
  QuickUpgrade.exe
- Size
  
  471KB
- MD5
  
  49306476fa72f899d9232f676ec30216
- SHA1
  
  1b873d604f3bd02cca97ef71a23223a532478377
- SHA256
  
  e4037b7213bedcb6cc5129764dd18f79cde31720706ab660eba885fd041402dc
- SHA512
  
  f053f9c670d58a259ff655f381fb82394f697e48dc0284211c19e831d856a0717729074e8d38ce6861700f554ea3abdf9a2a61e87d79fe7d9d6b3250e74c3059
- SSDEEP
  
  3072:RFZYjAv2ptOazSfiYs+qGditPVIYLMFEQthbZzdEtVw6KGI5/WW2k7HoZFWKZfT8:RFZn2rXDX+qsGLL5tVw6M/WLFW8f4
Score

1^/10
behavioral19 behavioral20
- Target
  
  ThreadRacer.exe
- Size
  
  521KB
- MD5
  
  11832395ac96e98d2b6bbab3e32e59d4
- SHA1
  
  6ac1b68bd0ab468994786e10d44426d26711e5c5
- SHA256
  
  f4c924441137e9799099fad4a2f16b58397d40f09e978d6c2476f1144146b197
- SHA512
  
  9ac9214c090d97d8f91a7b9a18173ebd87341a16b7cdf7c07a0cf0a9bfd9f80fccaf24abae971022f056ea32a7df23309001f880f3fbb304596747522ea2b457
- SSDEEP
  
  6144:UUWK8hqZR/cEY98DkFTExoWDyayJDJFW8fo:U1rhqZR/TY7gWWDEF48fo
Score

1^/10
behavioral21 behavioral22
- Target
  
  TweakScheduler.exe
- Size
  
  594KB
- MD5
  
  0123816ba391f9b47e1d6ba231ff9268
- SHA1
  
  f5e591f1539355eb46478c3c527230a87250fd3b
- SHA256
  
  67de086693a6e375f2d563499025c7cb9f2beb953b6fb365c06f77d2fa511661
- SHA512
  
  c086c37e3ae81d885e63a3ba62b9058fb50ea00eef40ffc0a957d6f9831c2215ecd89bed0e9c00b1e145b3309303b4f62299169a2fc584ee57f9415778013589
- SSDEEP
  
  12288:owsfwVVMGjYatqBiqGfLCYhDaCFqGsYb02:owsIfMGjYatqBiqGXhmCFqGscL
Score

1^/10
behavioral23 behavioral24
- Target
  
  _Start-ProcessLasso.bat
- Size
  
  119B
- MD5
  
  185077d189c98fb446268f11ddd67c80
- SHA1
  
  f909667122b3669971b42200673eeea9acc6abae
- SHA256
  
  01f21e44dad0a50f44e619c8856596cf09af674a0505012f9ed7f74128b01287
- SHA512
  
  18b894d91ede89f554ed6ad521252f44e7dbcbd4db24c7b717e5361f802b43bd5925b7cf1dcd36533da75f8c43b04afc6ac848dae5226e702e8a2e2e51c87904
Score

1^/10
behavioral25 behavioral26
- Target
  
  bitsumms.exe
- Size
  
  280KB
- MD5
  
  433e2ca79c93180dc8f9bda3a9d6c78e
- SHA1
  
  a409d99fb73b9b29877cdd713b5dc94ff3b4194f
- SHA256
  
  2a91d4b43e134bf495274ce9a7015332a1d286f64d0d6ccdb4a88d3db4056f48
- SHA512
  
  06182759305865e8357fe50745f092e6c4332e8082bbdcc0a096f297b71cced1ab19807d9fbfa782f16f0aea9b5385102f7c50a8db4f0dc717594ac164aaeae7
- SSDEEP
  
  6144:VCLBR0jC/xfTXQxPXRZ99+t/mk1H0InShOUXoh24+FJo6m:wLBRwkxfMxx9+xmLXoA4+/o6m
Score

1^/10
behavioral27 behavioral28
- Target
  
  plActivate.exe
- Size
  
  188KB
- MD5
  
  4d67879090b98010a82ff04cbec6ad4b
- SHA1
  
  66147fa2654dcea4b3ad6ea45d2bb6fd22c198b9
- SHA256
  
  8bc285f83e266b85bf7f55717f98c5739187e4778f7092119316e03874bd36cf
- SHA512
  
  9d2212332d52f4d11be033d2cf2fee06a93855d4e2a539142d36578acea348046d986bcdbe09259054b2816264a935eea03736315d61c9afe0f147fef7b08497
- SSDEEP
  
  3072:/f2zc5l+zlsr3pOcF2wirT4VLXqmUTXORGdzpyTdahoWQe:n2zc5l+zlslOcQRryaPDpMAhoWQ
Score

1^/10
behavioral29 behavioral30
- Target
  
  pl_rsrc_chinese.dll
- Size
  
  1.8MB
- MD5
  
  5db0f8fbddb51e79bbbb39f4fc90d09e
- SHA1
  
  dd88608f3deacad3e07ebfca92b250269c0ded85
- SHA256
  
  f11440c76e8f4defa1a855d9cbeef7856e4295a2774d415684c49ce4b9c0039c
- SHA512
  
  4716457554db3c9453d367dc6d745adaa53b585f5071fed833e7e7b4bc2fbbe10d65ca65c96d1e1d1a05f7e50a14e0684cc2f37ae868fae0b81cb7c7c96dc469
- SSDEEP
  
  12288:3fcH9VWHHFzLX48fh4ZJe6cwTqREewY6fj:3fcH9gfhUHTh1
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Query Registry

T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32