97f6ce221fb5921c55164697f09176f76f65a234f517196cdba347dac1570ee4

Sharing

Copy URL

Twitter E-mail

General

Target

97f6ce221fb5921c55164697f09176f76f65a234f517196cdba347dac1570ee4
Size

2.0MB
Sample

240607-kqjtrseg88
MD5

bf920ebda6d2f27c84e8e252fbb1d1f7
SHA1

401dc63debf78a2f894f76fb60c04abfbc13347c
SHA256

97f6ce221fb5921c55164697f09176f76f65a234f517196cdba347dac1570ee4
SHA512

8065862367dc3e424741dde5dd13025954ef443386c76918c0d737cf8999bb21c2697aab6092fd8a0417465ad71d85919dd734fe4f300183fbc371cb6806da7b
SSDEEP

49152:sUlWUQwxE87vxpsrFpIvq465HHbkvjgs3NbWs+s5YGNDCcat:srUQSPN+TIvF65HEv3NbWs+pzH

Score

7^/10

execution upx

Malware Config

Targets

- Target
  
  97f6ce221fb5921c55164697f09176f76f65a234f517196cdba347dac1570ee4
- Size
  
  2.0MB
- MD5
  
  bf920ebda6d2f27c84e8e252fbb1d1f7
- SHA1
  
  401dc63debf78a2f894f76fb60c04abfbc13347c
- SHA256
  
  97f6ce221fb5921c55164697f09176f76f65a234f517196cdba347dac1570ee4
- SHA512
  
  8065862367dc3e424741dde5dd13025954ef443386c76918c0d737cf8999bb21c2697aab6092fd8a0417465ad71d85919dd734fe4f300183fbc371cb6806da7b
- SSDEEP
  
  49152:sUlWUQwxE87vxpsrFpIvq465HHbkvjgs3NbWs+s5YGNDCcat:srUQSPN+TIvF65HEv3NbWs+pzH
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/CommandLine.dll
- Size
  
  68KB
- MD5
  
  1d859391711a062c5f48212686505a6a
- SHA1
  
  06db312b20ebfd24e1dd1f729d8ee8dba761c8f6
- SHA256
  
  cee8683c16cc43a542cfa1490894f555857eaf031fcdfb1ed7059e1538e21c8a
- SHA512
  
  340224199c171c3d5b9f06d4a9e6159bc7dab79a58324cffbe7f86857b1eef49e5f9d022b4ec907f9475aba334029ccdf06b8b05ec67b197a9c15809cd8ff7a3
- SSDEEP
  
  1536:UZj9JT17qpL/6ePMqBNzrstoJSkrjbgbwzis3hwb7PP3hX/V:Ux9JT17WPMqBNWAkbwzi7bV9
Score

1^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/DotNetZip.dll
- Size
  
  467KB
- MD5
  
  190e712f2e3b065ba3d5f63cb9b7725e
- SHA1
  
  75c1c8dd93c7c8a4b3719bb77c6e1d1a1620ae12
- SHA256
  
  6c512d9943a225d686b26fc832589e4c8bef7c4dd0a8bdfd557d5d27fe5bba0f
- SHA512
  
  2b4898d2d6982917612d04442807bd58c37739b2e4b302c94f41e03e685e24b9183b12de2057b3b303483698ad95e3a37795e6eb6d2d3b71e332b59deeca7d02
- SSDEEP
  
  6144:GuCInHLhJI4FY/ixjci6ychf8xalGQGtSV41kJDsTDDpBnse6OVxLV/Wo0k:UQL32ikCaUS4csRBse6sfWNk
Score

1^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/INetC.dll
- Size
  
  24KB
- MD5
  
  640bff73a5f8e37b202d911e4749b2e9
- SHA1
  
  9588dd7561ab7de3bca392b084bec91f3521c879
- SHA256
  
  c1e568e25ec111184deb1b87cfda4bfec529b1abeab39b66539d998012f33502
- SHA512
  
  39c6c358e2b480c8cbebcc1da683924c8092fb2947f2da4a8df1b0dc1fdda61003d91d12232a436ec88ff4e0995b7f6ee8c6efbdca935eaa984001f7a72fea0a
- SSDEEP
  
  384:wv1j9e9dEs+rN+qFLAjNXT37vYnOrvFhSL+ZwcSyekzANZBJ:w1AvEs3HBLzYn29vYh
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/Microsoft.Win32.TaskScheduler.dll
- Size
  
  124KB
- MD5
  
  9f725ba6eb84f97a3a10d064ecab70e3
- SHA1
  
  ec9636538aea8a0c9f4516478c1d3c232cb490ed
- SHA256
  
  94961a4d686fa65b85b9e56a2a47aa87122c7b4f4ff8a9e7ef881c2a142283eb
- SHA512
  
  3e36dc4f38abb3e92b325616f2ee7aef321f9fe125e38ecc0a0302b10706528d8265046fb18f2f12b65493773ce5345f9b0123c27dcc16707c0b64bb87a68b4c
- SSDEEP
  
  3072:UBCeNh/pcfnLq3wyXYsKRNRwxz+gT37teucRpH00o:UB/w4xQWOW
Score

1^/10
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/Newtonsoft.Json.dll
- Size
  
  692KB
- MD5
  
  98cbb64f074dc600b23a2ee1a0f46448
- SHA1
  
  c5e5ec666eeb51ec15d69d27685fe50148893e34
- SHA256
  
  7b44639cbfbc8ddac8c7a3de8ffa97a7460bebb0d54e9ff2e1ccdc3a742c2b13
- SHA512
  
  eb9eabee5494f5eb1062a33cc605b66d051da6c6990860fe4fd20e5b137458277a636cf27c4f133012d7e0efaa5feb6f48f1e2f342008482c951a6d61feec147
- SSDEEP
  
  12288:p9BzaPm657wqehcZBLX+HK+kPJUQEKx07N0TCBGiBCjC0PDgM5j9FKjc3SH:p8m657w6ZBLmkitKqBCjC0PDgM5CH
Score

1^/10
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/OWInstaller.exe
- Size
  
  298KB
- MD5
  
  bbac8c6550a77b63e858f50173d43e95
- SHA1
  
  a4b400e8538248b33b49e2d483be44f906d37b2a
- SHA256
  
  185e840fda52ea7ea3ae4e4f895be58f4c922469e59c472b1065efe7f5eb9b09
- SHA512
  
  f3e602e9e187fce546cb71929f07d299958c3411486d39668cc4374fba88acf375b6c6fd1436843f75b944944a663b46c9ba3cd2338ed3fa708dbe4bf55922d9
- SSDEEP
  
  6144:WpatEos7K0ICLs17TUOgFR5bu09bFyoSIm900lzq2lSlplKWcme:WpatqK0c7IOgF7qFoSU0vS8/
Score

3^/10
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/OverWolf.Client.CommonUtils.dll
- Size
  
  645KB
- MD5
  
  6a45b1f51b619ba08761fc91567bf0a7
- SHA1
  
  4c29b1915dbc859ec462d13bfca7f77a9985133c
- SHA256
  
  4ad3ecd0591f8dad217d5d99e11d809cc699c28f55296845148254f6fce69828
- SHA512
  
  8fd3c507338bee22af8a74922e1deb28e928734f208cea667bd12e434ec23636c77ccc4d33e9d7c9fefb87715dbe6dfaf75011c3a01619a5050656aad85a3419
- SSDEEP
  
  12288:EITQrrPbOtLhAQR0tYu1HWrw1B1q/Tw25uKEe:dt4tY4WqCw3KEe
Score

1^/10
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/SharpRaven.dll
- Size
  
  80KB
- MD5
  
  8f6ff3176e7f0b58b033b3d3f1303db3
- SHA1
  
  dc21231170a74f459e45d81fa7dba15e0c6fe2c9
- SHA256
  
  0ea20361a01f8fc8eab21ab5613e77d36a3506793d4487438c314daf86e90630
- SHA512
  
  a0a3b3548983d15936b8517c2b5d5fa624b902522ab067ad552bedbd361c3192fc2cae889da0f8c986cfd295cccbbaa91596f478154c42f1a1cafbbc7eff86b1
- SSDEEP
  
  1536:sa9qjviI1YjOrfRK9bvyyfpHbnzDwkN7Pa3hzuG:sEuqI1lRKbvyyB7nlNyuG
Score

1^/10
behavioral17 behavioral18
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  7399323923e3946fe9140132ac388132
- SHA1
  
  728257d06c452449b1241769b459f091aabcffc5
- SHA256
  
  5a1c20a3e2e2eb182976977669f2c5d9f3104477e98f74d69d2434e79b92fdc3
- SHA512
  
  d6f28ba761351f374ae007c780be27758aea7b9f998e2a88a542eede459d18700adffe71abcb52b8a8c00695efb7ccc280175b5eeb57ca9a645542edfabb64f1
- SSDEEP
  
  192:eF2HS5ih/7i00dWz9T7PH6lOFcQMI5+Vw+bPFomi7dJWsP:rSUmlw9T7DmnI5+N273FP
Score

3^/10
behavioral19 behavioral20
- Target
  
  $PLUGINSDIR/UserInfo.dll
- Size
  
  4KB
- MD5
  
  9301577ff4d229347fe33259b43ef3b2
- SHA1
  
  5e39eb4f99920005a4b2303c8089d77f589c133d
- SHA256
  
  090c4bc8dc534e97b3877bd5115eb58b3e181495f29f231479f540bab5c01edc
- SHA512
  
  77dc7a1dedaeb1fb2ccefaba0a526b8d40ea64b9b37af53c056b9428159b67d552e5e3861cbffc2149ec646fdfe9ce94f4fdca51703f79c93e5f45c085e52c79
Score

3^/10
behavioral21 behavioral22
- Target
  
  $PLUGINSDIR/app/cmp.html
- Size
  
  5KB
- MD5
  
  d7b8b31b190e552677589cfd4cbb5d8e
- SHA1
  
  09ffb3c63991d5c932c819393de489268bd3ab88
- SHA256
  
  6c21e8c07ce28327dca05f873d73fe85d5473f9b22a751a4d3d28931f5d0c74f
- SHA512
  
  32794507a4b9a12e52ceb583222cb93300e38c634a72ea3f51a0189127aba60cf476fb7918942355a4f826185d7071e876cb40348ba34cf5d1ca7e9546ccb310
- SSDEEP
  
  48:t9rc0/GLAoShbEHaLKNGiNQtvmolOGR36tgtr/GTvJP8AscaV4LiMt7ByBZXGz+p:4VLjHa2NGiivmmpWsBVutFwAk5vSG
Score

1^/10
behavioral23 behavioral24
- Target
  
  $PLUGINSDIR/app/index.html
- Size
  
  20KB
- MD5
  
  c7b752acf6d1e10f3aca2c67b1ccf4d3
- SHA1
  
  ab793cb43e0c2b5af0fdcbf90d0d29d5d3e164f7
- SHA256
  
  69b9f99f6611f953d94984ac35bdaf9e9817f689e1e3614976bebe3465c613fc
- SHA512
  
  120addd79b7ade4f35b426c02631c8167d81080fde30a01b989453113f7547784e525d53bede41ede0c9b3caca8513060753ba51f75bf6936d32ee597d642576
- SSDEEP
  
  192:8sdqpDNDPkFHmY74+/qmtRCtmK8W9I2gHHMlxh8B39LJ/Hab48JgJnc5w/93mJ8D:+WNaM8UnbjPk89+mppHL
Score

1^/10
behavioral25 behavioral26
- Target
  
  $PLUGINSDIR/app/js/app.js
- Size
  
  21KB
- MD5
  
  f718bd3f18dd499612623852cd2a2135
- SHA1
  
  9432b7898f655fbbd8132f4b3f8822959ae3ff97
- SHA256
  
  a14fcaf11a16ad7d904960538ca35d5b05e1c1b6a916f228db6b319c6195acbb
- SHA512
  
  90a697f93f239e8210ad47b6f012d3b40ea9c23a92ab909434d0e2d71bc3d9663d1aa73c64646e3dbf417f9636d1190b3d0cf20d349456dee6b6b8d5536d0338
- SSDEEP
  
  384:4X+acDQrcljKdZGb9plmt902wjI3A4nzwF52xxYRifG6wBEoR3FGHWdeLj8T:0+acDQYlOdEbdmXH3A4nzIAnGifG11RL
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  $PLUGINSDIR/app/js/block_inputs.js
- Size
  
  789B
- MD5
  
  b5b52c92b90f4283a761cb8a40860c75
- SHA1
  
  7212e7e566795017e179e7b9c9bf223b0cdb9ec2
- SHA256
  
  f8dbd6793b35f7a26806f4dabad157aaafdf6d66fad094b50c77d60f223fd544
- SHA512
  
  16ad53ede5424ca1384e3caea25225589e9eec9e80e2d845948802db90fad222f709a7b651cd7601a34ba67a0627433f25764638fd542cbd4612871308e7b353
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  $PLUGINSDIR/app/js/libs/cmp.bundle.js
- Size
  
  324KB
- MD5
  
  1de143ca1babd3c02744f478c8c05c5f
- SHA1
  
  ac918b3d2d5f9cbd9e3b3f5e075ce3c96eec16b3
- SHA256
  
  7fbc3a088ec303143109e0c1b2c04f4c5a6e450a2d6f3071fefb66e92f643ea0
- SHA512
  
  6e419e11f35a3258124127970961907ed8fe0619f618a4c15542ee7f8a01a9f4a7af4d290b634444d21b823ca1afea65f97d5788fff6665d55c2231214edff24
- SSDEEP
  
  3072:LWYyrzt6yrtky1UDtDkNdAOoSPGYTckZtVPuuXheQ:oF6yrKD5kNYYTcIp
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32