bc4101cb2be2bc8fedb16c82b4c4dc808176f519f9c2c8012c6e18b4b35d932d

Sharing

Copy URL

Twitter E-mail

General

Target

bc4101cb2be2bc8fedb16c82b4c4dc808176f519f9c2c8012c6e18b4b35d932d
Size

10.0MB
Sample

240609-jrnzfage99
MD5

2ecfb9233faa522432e2ed58672ca654
SHA1

1b788f7390c331c60671adf5b630ed599e448fa0
SHA256

bc4101cb2be2bc8fedb16c82b4c4dc808176f519f9c2c8012c6e18b4b35d932d
SHA512

7850950438090da9573e789371ffd4177b8408adddd86ede0515a3a30ea77aa9059b14d0edebe1d77411dfbca8990bbb58352853b64a664cb009fcfaf206bf61
SSDEEP

196608:EchDhHEA3hKMs8G0h6CN6w6LxldPvS7aDF+1qOoMRjWM:E8hyMH3h6CN6wKP+mFElfRjr

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  bc4101cb2be2bc8fedb16c82b4c4dc808176f519f9c2c8012c6e18b4b35d932d
- Size
  
  10.0MB
- MD5
  
  2ecfb9233faa522432e2ed58672ca654
- SHA1
  
  1b788f7390c331c60671adf5b630ed599e448fa0
- SHA256
  
  bc4101cb2be2bc8fedb16c82b4c4dc808176f519f9c2c8012c6e18b4b35d932d
- SHA512
  
  7850950438090da9573e789371ffd4177b8408adddd86ede0515a3a30ea77aa9059b14d0edebe1d77411dfbca8990bbb58352853b64a664cb009fcfaf206bf61
- SSDEEP
  
  196608:EchDhHEA3hKMs8G0h6CN6w6LxldPvS7aDF+1qOoMRjWM:E8hyMH3h6CN6wKP+mFElfRjr
Score

3^/10
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/NSIS_HTTPRequest.dll
- Size
  
  55KB
- MD5
  
  52033e4f012b5ea9e6a2a719c5a9f2bf
- SHA1
  
  14ae0a9600997b77057a6c07bdf0ad974971fc01
- SHA256
  
  00b7b5c1addeb7404089cb44743701614717723397790a73a48118aecbc423b4
- SHA512
  
  d3101723c485a28d1871ca49656b19681a36cee459d061ba8a66a97ead9e5d87d635bee912ebbcd5d743f1d562d4dbe0952d97987b7016fd0a6f54dacbc95f45
- SSDEEP
  
  768:fRkeem9aVIuOdDSzL3cMSWVEDaoWX6P+QL3H6WesAAZz6Fi5RvJt:fHemOIuOQ/ZtEpW6TWAZJ5Rv
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  959ea64598b9a3e494c00e8fa793be7e
- SHA1
  
  40f284a3b92c2f04b1038def79579d4b3d066ee0
- SHA256
  
  03cd57ab00236c753e7ddeee8ee1c10839ace7c426769982365531042e1f6f8b
- SHA512
  
  5e765e090f712beffce40c5264674f430b08719940d66e3a4d4a516fd4ade859f7853f614d9d6bbb602780de54e11110d66dbb0f9ca20ef6096ede531f9f6d64
- SSDEEP
  
  192:sRer7uivwq1XpKs4FVWSjMd8tIg2cREbyCsZ8q2R4Sy+Xe:s67Xws4FVWig86/5eCBqSy+Xe
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/UserInfo.dll
- Size
  
  4KB
- MD5
  
  d16e06c5de8fb8213a0464568ed9852f
- SHA1
  
  d063690dc0d2c824f714acb5c4bcede3aa193f03
- SHA256
  
  728472ba312ae8af7f30d758ab473e0772477a68fcd1d2d547dafe6d8800d531
- SHA512
  
  60502bb65d91a1a895f38bd0f070738152af58ffa4ac80bac3954aa8aad9fda9666e773988cbd00ce4741d2454bf5f2e0474ce8ea18cfe863ec4c36d09d1e27a
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  f7b92b78f1a00a872c8a38f40afa7d65
- SHA1
  
  872522498f69ad49270190c74cf3af28862057f2
- SHA256
  
  2bee549b2816ba29f81c47778d9e299c3a364b81769e43d5255310c2bd146d6e
- SHA512
  
  3ad6afa6269b48f238b48cf09eeefdef03b58bab4e25282c8c2887b4509856cf5cbb0223fbb06c822fb745aeea000dd1eee878df46ad0ba7f2ef520a7a607f79
- SSDEEP
  
  192:y1zQhZDqlJcKISw99ioU3MSfwLF/+nhHUisdz:ozoZDGKYw9goWyFGBU7z
Score

3^/10
behavioral10 behavioral9
- Target
  
  $TEMP/uninstall.exe
- Size
  
  273KB
- MD5
  
  ac49750ef5060156b5dbfcc0b2a63134
- SHA1
  
  3c967b82bb4e3d62c0eff4a61d367878e3d911d1
- SHA256
  
  4ba9b799b02be4e2ebe6ba8e5354e59884b63217ded0de536053858dea21e553
- SHA512
  
  fd51b1641f5f4c3078c1bcc4901c2731d04ef7c222fd0cea9dd19c30f6ce7962c89c8117fb9ff8838bba494e1a9e27e25813ce7d56ae54c9287ae01cbe44caf5
- SSDEEP
  
  6144:g50gUCUSINdOHRtKwXPbNsiRlrUEX5eFmM:i0gid6tbPbOiRlrUEX5eFmM
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/FindProcDLL.dll
- Size
  
  27KB
- MD5
  
  6f73b00aef6c49eac62128ef3eca677e
- SHA1
  
  1b6aff67d570e5ee61af2376247590eb49b728a1
- SHA256
  
  6eb09ce25c7fc62e44dc2f71761c6d60dd4b2d0c7d15e9651980525103aac0a9
- SHA512
  
  678fc4bf7d345eeb99a3420ec7d0071eaba302845e93b48527d9a2a9c406709cc44ec74d6a889e25a8351a463803f8713a833df3a1707a5ad50db05240a32938
- SSDEEP
  
  384:DZoRF0XXUuJReQg0Tw67ADWBTgmldIogUD3GLgFmyaX/fVYcWJQCDmrinogRdBl:DZaF0HtTwuz9yu3KgwRX1nWJ1q+noI
Score

3^/10
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/KillProcDLL.dll
- Size
  
  4KB
- MD5
  
  99f345cf51b6c3c317d20a81acb11012
- SHA1
  
  b3d0355f527c536ea14a8ff51741c8739d66f727
- SHA256
  
  c2689ba1f66066afce85ca6457ecd36370be0fe351c58422e45efd0948655c93
- SHA512
  
  937aa75be84a74f2be3b54dc80fac02c17dad1915d924ef82ab354d2a49bc773ee6d801203c52686113783a7c7ea0e8ed8e673ba696d6d3212f7006e291ed2ef
Score

3^/10
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  959ea64598b9a3e494c00e8fa793be7e
- SHA1
  
  40f284a3b92c2f04b1038def79579d4b3d066ee0
- SHA256
  
  03cd57ab00236c753e7ddeee8ee1c10839ace7c426769982365531042e1f6f8b
- SHA512
  
  5e765e090f712beffce40c5264674f430b08719940d66e3a4d4a516fd4ade859f7853f614d9d6bbb602780de54e11110d66dbb0f9ca20ef6096ede531f9f6d64
- SSDEEP
  
  192:sRer7uivwq1XpKs4FVWSjMd8tIg2cREbyCsZ8q2R4Sy+Xe:s67Xws4FVWig86/5eCBqSy+Xe
Score

3^/10
behavioral17 behavioral18
- Target
  
  $PLUGINSDIR/UserInfo.dll
- Size
  
  4KB
- MD5
  
  d16e06c5de8fb8213a0464568ed9852f
- SHA1
  
  d063690dc0d2c824f714acb5c4bcede3aa193f03
- SHA256
  
  728472ba312ae8af7f30d758ab473e0772477a68fcd1d2d547dafe6d8800d531
- SHA512
  
  60502bb65d91a1a895f38bd0f070738152af58ffa4ac80bac3954aa8aad9fda9666e773988cbd00ce4741d2454bf5f2e0474ce8ea18cfe863ec4c36d09d1e27a
Score

3^/10
behavioral19 behavioral20
- Target
  
  7ZipDLL.dll
- Size
  
  557KB
- MD5
  
  2d7f717f9a5fb567848c3c4f11cc95c2
- SHA1
  
  bd94031c8a4fcbfcb00b401641094277ea83ef11
- SHA256
  
  775ab21d46bfa4c5206feb37a2dcb412c196090c74faeca5b11372b178a705f7
- SHA512
  
  af0e28bc4bff2604239cf78bf38ff188289f1c28e17875147600804017809b41c5fe67041bbfd41c97d6c5d3de6d86d4d7ff3378543c717c9f4bffc3386923c2
- SSDEEP
  
  12288:02MvfS+YHC1+jheuOUoVXusOlNpvL/MwE:Ui+MC16euOUoA0j
Score

1^/10
behavioral21 behavioral22
- Target
  
  BDCOM/BDServices_Setup.exe
- Size
  
  2.1MB
- MD5
  
  ea84e4e73002667d7b83545e1ad8e23a
- SHA1
  
  e82ac80564cc655e88a7c9bbf390920064791b87
- SHA256
  
  0ea9229624ba6dc7b3d76824cde70452a3fdb2c1463856f437c679eba68ec7df
- SHA512
  
  c441c2489f8cf6bdc6257904ddb8183fe0e1f5db133bd07b232a20a7ededb0cd725c650e50640c0429a9fb2559c3dcb123de6c37203876993c4f856126e5db95
- SSDEEP
  
  49152:zgcUX/8pRez4fL8YEX5kkGtcgG0ivTEfPWszLZ6:z5w8RY4fLRQrwcg1x16
Score

3^/10
behavioral23 behavioral24
- Target
  
  CommonLoggingExtension.pxt
- Size
  
  179KB
- MD5
  
  48c79e0daa0619b41d685ee5bae02e52
- SHA1
  
  86a9ea90ec7abd277ee6babd0e52ff7b4920725d
- SHA256
  
  16a8b88ce1a0d752df78accb92b9eb9aca874d779ae116034216e66b6bf2451e
- SHA512
  
  b7148277699f549f3a16c51505fc893e965f71f42de0d8552ec966c8d626b9dc9a9c921cdb61f0ea7de8068b5bfdcab492b7cae0d98c1e5e4390d92758a6c5d9
- SSDEEP
  
  3072:rVnyIt2Q35xWFa3tzSfD+cSY+m5BsZjnV/zos9Sb:rVnDwqNY6fNSb
Score

1^/10
behavioral25 behavioral26
- Target
  
  CommonSpecialist.pxt
- Size
  
  180KB
- MD5
  
  0b9327f155947612ca3f469252a58d17
- SHA1
  
  ce68c83fc9b75005a820ba9bdd8bb19263bf04c2
- SHA256
  
  f949acba6fb9c4d5b94c1fb8ef2b157e865ebd1fb80c61cce53268da106fc05a
- SHA512
  
  21ae106415d9dc3b460f316597c0d7ee31f70c802709ac2e6ef0b9257cd46c16b65a72f023cf1aff9a96711c9fdfe8b7a373a31fa3e7367c9d97e6d2d3b38f7b
- SSDEEP
  
  3072:8Ql87LDnP0LfFrYf3YS3+sCW3VZdYKYpsIacAe1B+:8Ql8nD8ZryYgfZzQ5aBe1g
Score

3^/10
behavioral27 behavioral28
- Target
  
  DC_offer.exe
- Size
  
  5.8MB
- MD5
  
  a18bb4006a82158678cf462cc4a943e8
- SHA1
  
  b7fbab891bca08438276b4afbf60ba52002be556
- SHA256
  
  11d9d09ca4929d4f38abd7f7a6a7107c3b697e95d02d4ea34b5b991da37d0d02
- SHA512
  
  fefea48273d1778a180dfa945c00f76601d7f7019cd00752cf25736a04d52f8cb36a6428ec3114ffbb07a24fb6323cf5a175f57a41db868e23dc0fc9b511c6f5
- SSDEEP
  
  98304:3vYsyKDAJqrZPTgfFSNAEt39cQvb86Q9j34OiZrq1DfPHNADtV6v+rCnTVv6I1nM:3vYAtOpQvb86Q9j4O7NADtV6v+rCn5vC
Score

6^/10

discovery
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral29 behavioral30
- Target
  
  ExtensionManager.dll
- Size
  
  121KB
- MD5
  
  b1d3e1679bd267facd40604edcde2f5b
- SHA1
  
  08c1ad07bb1e5133a7489fe9a777dd1d1d980bfc
- SHA256
  
  361fd06e5c3acabb49e21906f83579d5fab59266210b365909fba1f478e8f6b8
- SHA512
  
  2c684d29e35b28e91cd1816179e95f08cb931049a76182a7d45561c23a3f0b4dd7f7398c142f7db6dcb82452432544c21ec6749d72f2e011504563795c187f0b
- SSDEEP
  
  1536:2GjKcE8Nbu2NtzibjUzcez/EC6PWSd2g3Il+0+Yvpc96YsWjcd9FdPDQJyOI:zK+rpj/WlFSV+6Q6H9FdPDQJyOI
Score

3^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Deletes itself

Executes dropped EXE

Loads dropped DLL

Checks installed software on the system

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32