0993417392ac64907e7906589923664fca44cfb864cc5a55d9bd601d7182d34b

Resubmissions

Sharing

Copy URL

Twitter E-mail

General

Target

setup.exe
Size

120.1MB
Sample

240603-qazsyagg58
MD5

01f362371669800cfbc490b0363dc3d8
SHA1

30e10cb671b8cd7c02ae8285ca5d7e4cd870ff25
SHA256

0993417392ac64907e7906589923664fca44cfb864cc5a55d9bd601d7182d34b
SHA512

678da43044326faec2aacbb9195ae40fc7ff4be3172986f03b2beab624c2397e5e4479436a89a305dd00c94f8d1d01cbb9e1866112283fae50d13675fc678767
SSDEEP

3145728:4te4Ni2O4SbdwCUaBcSruZkpamZKiJqiqD1hm1Pu:J4NizpdwRaBvr8kpB+iHu

Score

7^/10

Malware Config

Targets

- Target
  
  setup.exe
- Size
  
  120.1MB
- MD5
  
  01f362371669800cfbc490b0363dc3d8
- SHA1
  
  30e10cb671b8cd7c02ae8285ca5d7e4cd870ff25
- SHA256
  
  0993417392ac64907e7906589923664fca44cfb864cc5a55d9bd601d7182d34b
- SHA512
  
  678da43044326faec2aacbb9195ae40fc7ff4be3172986f03b2beab624c2397e5e4479436a89a305dd00c94f8d1d01cbb9e1866112283fae50d13675fc678767
- SSDEEP
  
  3145728:4te4Ni2O4SbdwCUaBcSruZkpamZKiJqiqD1hm1Pu:J4NizpdwRaBvr8kpB+iHu
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/StdUtils.dll
- Size
  
  100KB
- MD5
  
  c6a6e03f77c313b267498515488c5740
- SHA1
  
  3d49fc2784b9450962ed6b82b46e9c3c957d7c15
- SHA256
  
  b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e
- SHA512
  
  9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803
- SSDEEP
  
  3072:WNuZmJ9TDP3ahD2TF7Rq9cJNPhF9vyHf:WNuZ81zaAFHhF9v
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  0d7ad4f45dc6f5aa87f606d0331c6901
- SHA1
  
  48df0911f0484cbe2a8cdd5362140b63c41ee457
- SHA256
  
  3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca
- SHA512
  
  c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9
- SSDEEP
  
  192:1enY0LWelt70elWjvfstJcVtwtYbjnIOg5AaDnbC7ypXhtIj:18PJlt70esj0Mt9vn6ay6
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/UAC.dll
- Size
  
  14KB
- MD5
  
  adb29e6b186daa765dc750128649b63d
- SHA1
  
  160cbdc4cb0ac2c142d361df138c537aa7e708c9
- SHA256
  
  2f7f8fc05dc4fd0d5cda501b47e4433357e887bbfed7292c028d99c73b52dc08
- SHA512
  
  b28adcccf0c33660fecd6f95f28f11f793dc9988582187617b4c113fb4e6fdad4cf7694cd8c0300a477e63536456894d119741a940dda09b7df3ff0087a7eada
- SSDEEP
  
  192:DiF6v2imI36Op/tGZGfWxdyWHD0I53vLl7WVl8e04IpDlPjs:DGVY6ClGoWxXH75T1WVl83lLs
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/WinShell.dll
- Size
  
  3KB
- MD5
  
  1cc7c37b7e0c8cd8bf04b6cc283e1e56
- SHA1
  
  0b9519763be6625bd5abce175dcc59c96d100d4c
- SHA256
  
  9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6
- SHA512
  
  7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f
Score

3^/10
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/app-64.7z
- Size
  
  119.2MB
- MD5
  
  f04f5f95598058c55c09a2563cfce218
- SHA1
  
  ec1b2c4ae4c2e18db9d98e459e1402e67741ae68
- SHA256
  
  7b6ecd9fea3af4e643fbcaf76b67ca8bee9bb308d21df95e7995e5ae2d49d43b
- SHA512
  
  18528cddfd2848553959c47777b14f9bd44442bc3677a81ec18c43c6c5199720914658c06b8a09b6b39c29255e9f4185b07f2bbffeb81bc6972662d24f4c199c
- SSDEEP
  
  3145728:Ie4Ni2O4SbdwCUaBcSruZkpamZKiJqiqD1hm1P5:d4NizpdwRaBvr8kpB+iH5
Score

3^/10
behavioral11 behavioral12
- Target
  
  resources/app.asar.unpacked/node_modules/@wickednesspro/bento4-latest/src/platforms/darwin-x64/docs/LICENSE.txt
- Size
  
  18KB
- MD5
  
  822717c53f65e1503299956574d84ae0
- SHA1
  
  0e048c2a27acf34154f978b4a91cba6174c549bf
- SHA256
  
  2d7bde3914d9e1baa7b88bd242c49e09206ab2976a198685b718105d10d0fc90
- SHA512
  
  32fd37e7a267b131fca5db73712f393a45f47a8a16c06353be62727054aa74a9d1787a6e277ddfe70d76147017b5283347a1c5560b62d04524ed631920471234
- SSDEEP
  
  384:+i5Bmhj2PmwERb6k/iAVX/dUY2ZpEGMOZ77o0UDqHZ:qh6un1iYWrTXo0UDqHZ
Score

1^/10
behavioral13 behavioral14
- Target
  
  resources/app.asar.unpacked/node_modules/@wickednesspro/bento4-latest/src/platforms/darwin-x64/include/Ap4.h
- Size
  
  15KB
- MD5
  
  7c255cb94dda25bc0804cb4461942cdc
- SHA1
  
  504d4f2a82effd6c4dcb80caed07913e7e83bcb4
- SHA256
  
  139cb48cd522a1e1bed791bc5067d0de661ac35172ef460bc8ea3c373635e43f
- SHA512
  
  0d1b94e1e981881b8d7fbd6a4064366d9ab0615d902734b7188032d4b77300cf96b0aae0eaaa5b1f33361e3f2b729da629aa8e962d7b2c65b6f761848fc6f77f
- SSDEEP
  
  192:aVjAKLJBrTV8XTmNLa8/rXFvPYYl1LHm0h9uYyKsi8S1qfNUvaFA:IjZL3R8jEa8ll1axi8S1ql9FA
Score

3^/10
behavioral15 behavioral16
- Target
  
  resources/app.asar.unpacked/node_modules/@wickednesspro/bento4-latest/src/platforms/darwin-x64/include/Ap48bdlAtom.h
- Size
  
  2KB
- MD5
  
  2aceed73115566e3aaafc684d346909e
- SHA1
  
  d2886bcbe478190accb0c6f0c2fd923564c732c6
- SHA256
  
  04581beb190c063564eb5ed75b2b3c6a6fb754c7d1dac9af6d1f28deeb4fc3e1
- SHA512
  
  6a23d08f1f14efc9a9b0a8f8c1da1b2a9ad8945dd4eda6d81bf0c7ed758db0ce01951df1b3eb56655303834ecd0fb37c6fbfcaaec5676d49369444117cb4c773
Score

3^/10
behavioral17 behavioral18
- Target
  
  resources/app.asar.unpacked/node_modules/@wickednesspro/bento4-latest/src/platforms/darwin-x64/include/Ap4Ac3Parser.h
- Size
  
  4KB
- MD5
  
  f503e12cfed3593ed0360b6e9c78b051
- SHA1
  
  e63673e6846b1d1ca01365c623d66df643edf237
- SHA256
  
  3a37acd363e581af0335aad986ca0ee489841338b6edf66d229552a9efd60173
- SHA512
  
  ecca7e09e58725ac630661333da354faa8fab9e537cb13a85818fc306056e6678b6c40efa191d619ddc82a4e67f0229591f933e44a9255453ede6c8081f2e7a1
- SSDEEP
  
  96:ACdHnvqhQy7+jy475hsIsjzizpKmDk4f8eD966P6XRLxH:NHnShetPDkCCR
Score

3^/10
behavioral19 behavioral20
- Target
  
  resources/app.asar.unpacked/node_modules/@wickednesspro/bento4-latest/src/platforms/darwin-x64/include/Ap4Ac4Parser.h
- Size
  
  4KB
- MD5
  
  d5902d891b9595a86bd4533ad031925f
- SHA1
  
  eb7bc2b76411c1a320d595a90601d0b50b8a7cd4
- SHA256
  
  d730c43d300b59e304bd4c758254bc90d2682939921bf57df5a7adc73b60280e
- SHA512
  
  c6b439128442c35d8afe7a0454a8758aa42c58263e0efa4a37614c0ed7dc9453b799992423a0579bc3033b9b05f6c1aad292b874ca330f6f81be75272292f275
- SSDEEP
  
  48:aMsQ5bCTwnyIH/IzAy7OuhD5JCG62StkJXkWv/HhvJo4wISTCTcefkYCZI7OScKY:aP2Dj/IEy7Zf7rv/Tgkc67632L0
Score

3^/10
behavioral21 behavioral22
- Target
  
  resources/app.asar.unpacked/node_modules/@wickednesspro/bento4-latest/src/platforms/darwin-x64/include/Ap4Ac4Utils.h
- Size
  
  7KB
- MD5
  
  a81809a31ee67e46471c07812191938f
- SHA1
  
  f06002125cf01f8897488bb1e3647c2da8f6baf9
- SHA256
  
  f15adf76dae1bedad57c575d77a8f1354012d945052000d68f4e39828fcb489b
- SHA512
  
  9fab3040d345415162d8ba248c636b89b7f9f21eea1ee42f5f18d198c3484925446e48e2feb9671c5ca29f5b0532c9bb156306d9c1a7c6884452a46e0fe6b998
- SSDEEP
  
  96:aPEDj/I2UhH4B0M7743AQepg9nT12OEdpCfsEP:asDjA/hFM77aj1nEdAfLP
Score

3^/10
behavioral23 behavioral24
- Target
  
  resources/app.asar.unpacked/node_modules/@wickednesspro/bento4-latest/src/platforms/darwin-x64/include/Ap4AdtsParser.h
- Size
  
  3KB
- MD5
  
  a207406c4621e88362fc1da2689e1477
- SHA1
  
  7a4561fa7b9b0b885530bef9c8993e7dd3827f49
- SHA256
  
  799fb3bfba00c89202cbd3682f542cb64bfed458940fa6c2a22fcb182d7ec63a
- SHA512
  
  e494b394ccf2e6a674b25db15cf2c633aea7242984cdf83d85e2af021ddd0e7f9dbf78208bcb2e4d93088c3cddbf9a2e3b16ae0b75e1cc9afbfa31c205b8567a
Score

3^/10
behavioral25 behavioral26
- Target
  
  resources/app.asar.unpacked/node_modules/@wickednesspro/bento4-latest/src/platforms/darwin-x64/include/Ap4AesBlockCipher.h
- Size
  
  1KB
- MD5
  
  f72f7ebdb149c8d65aedef10d26aad84
- SHA1
  
  42909aef95fb8102da133612e7a0a3890010a3bf
- SHA256
  
  8d5d0d5b2e7f5bb8ebd3abf2918e34f1e0f3b812d8f7618037e25a1db2ecf41d
- SHA512
  
  91d034508f297887d3953cc8b0faa4427601788bdc5607755391578a46b4d79e97fc482fe941c1cd0beb173adf9456206d625fac382eb28070115f2480e80f92
Score

3^/10
behavioral27 behavioral28
- Target
  
  resources/app.asar.unpacked/node_modules/@wickednesspro/bento4-latest/src/platforms/darwin-x64/include/Ap4AinfAtom.h
- Size
  
  2KB
- MD5
  
  d0dec0055cc318b277348c9c8b3c8bc8
- SHA1
  
  a9841235d9546c0eb122614872dc56a7b20ea6ec
- SHA256
  
  831a98682ded3e219224f4513ef60637359e8cfa58d6d250f0575658fa03665e
- SHA512
  
  ee32fbf344204fb4b314fe1f6767af5ec5fcf5145d82c4c3143b51e4e8954f6afa7deb5399d07e2972005d0f50735bc18150f44c308adbecce84e9eb4a023bba
Score

3^/10
behavioral29 behavioral30
- Target
  
  resources/app.asar.unpacked/node_modules/@wickednesspro/bento4-latest/src/platforms/darwin-x64/include/Ap4Array.h
- Size
  
  8KB
- MD5
  
  b68a0928c33baa4f2270b8850a19feca
- SHA1
  
  934e1db5776fdca051c653244a17ceba9e7d1ea9
- SHA256
  
  e5dda9d53d106a66ea44c15c2b7fa0c6aa13d10f6e275768f51ad625bf49ded1
- SHA512
  
  7eb2ee7722780e08bcd9631899af7048fefe254c5b73276f44f0ab9ab82e1e923596d39bb7c4e07a270ec3464f2333fda393cefe0c16c4aa4e8690a73fe2244c
- SSDEEP
  
  96:aZNj/IYtV+y5bZbGnp303sgOu1X9che9CnTS6vswiRw6W9FyH91Jn6P0J:aZNjA0N53sgx1ehrG6vkjpfJnS0J
Score

3^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

Checks installed software on the system

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32