b43b3fb42e824d41c7e2e4f4af1c40f591e6dccd9148d6e677d4ef71d9b94940

Sharing

Copy URL Twitter E-mail

General

Target

b43b3fb42e824d41c7e2e4f4af1c40f591e6dccd9148d6e677d4ef71d9b94940
Size

5.8MB
Sample

240610-tqrn2stbnn
MD5

9f2d6c96d80ed34c3e73be143c732826
SHA1

42b897625dd6f6e407ac2d48823c7bfa56ef00b1
SHA256

b43b3fb42e824d41c7e2e4f4af1c40f591e6dccd9148d6e677d4ef71d9b94940
SHA512

1f8c4de8fb8251ece7723c420f4b90b4e2bd6cde556215cd530b788dc7199a2c36fb654f388987920a652a3d71380f832b6e6db8dbdb3f97f7d934d0fe41e57a
SSDEEP

98304:S6sx6XGiubCtoOF5JMXMuVUfxRuNVlUg4O9iZncMoaa5PLb+XfGfishvF8Pi77xJ:SF6W1bCt55SMuu5GlXJFMo3Vb++isUib

Score

3^/10

Malware Config

Targets

- Target
  
  b43b3fb42e824d41c7e2e4f4af1c40f591e6dccd9148d6e677d4ef71d9b94940
- Size
  
  5.8MB
- MD5
  
  9f2d6c96d80ed34c3e73be143c732826
- SHA1
  
  42b897625dd6f6e407ac2d48823c7bfa56ef00b1
- SHA256
  
  b43b3fb42e824d41c7e2e4f4af1c40f591e6dccd9148d6e677d4ef71d9b94940
- SHA512
  
  1f8c4de8fb8251ece7723c420f4b90b4e2bd6cde556215cd530b788dc7199a2c36fb654f388987920a652a3d71380f832b6e6db8dbdb3f97f7d934d0fe41e57a
- SSDEEP
  
  98304:S6sx6XGiubCtoOF5JMXMuVUfxRuNVlUg4O9iZncMoaa5PLb+XfGfishvF8Pi77xJ:SF6W1bCt55SMuu5GlXJFMo3Vb++isUib
Score

3^/10
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  2a03c4a7ac5ee5e0e0a683949f70971b
- SHA1
  
  3bd9877caaea4804c0400420494ad1143179dcec
- SHA256
  
  d4f0042d8e7622b7e14395e926dd02edab3cdc77e82d88108b67a4d2cee9229b
- SHA512
  
  1942cdb522859f8dba46824786e361794a62e6201279201e1e0e2e07499fb6252933c5661782fccd77291c3650cafb2a7a08eee5431c8238f0da44840ee4c476
- SSDEEP
  
  192:y4n3T5aK+dHCMR1aQR9RuZl3WWmU7WYZsw1JpVGnrjdK72dwF7dBOne:Tn3T5KdHCMRD/R1cOnrjd+BO
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/LangDLL.dll
- Size
  
  5KB
- MD5
  
  ebd0da54db9f12ffd15206cc24355793
- SHA1
  
  910be3bebdde55eb1ce05915a79f01ebdc622786
- SHA256
  
  4066a0cbd9f6bb13c0f6fb064d4647ef7bc68a1be3d0caa4460b5ffd9ed1e0e6
- SHA512
  
  cee09db96267b1a30477ff074988606bdf35f9a5aa798a9a10029b11c0c347ab42a124320d777acde458828954cc8cf1a489b1673b31d589cdc4f50d4b86659d
- SSDEEP
  
  48:im1wsjq8W2MPUptuMMFvx/om/ycNSCwVGfOY0vB6/JvR0J9of5d2D:F18Bl91Z7/ycNSCwV8TLZR0ed2
Score

3^/10
behavioral5 behavioral6
- Target
  
  ExWinDLL.dll
- Size
  
  733KB
- MD5
  
  2b470c5c9c7748fff42fdd6d41da00d7
- SHA1
  
  31dfcfc3584fbb13dcbfe3924e8b65e75fcf2873
- SHA256
  
  6addd73926cd31fc9a8fbf425ed18a6e5460e1f2366d1b217d5c0360f94df66e
- SHA512
  
  7a1807d2731cb39d8c78936dd7b1e2fffb0a73e7a736d005f178c8c672e272a3ddc2e37764372852614912d5680685cd68bdecc7950e56b7d5d70d1ac01e48c5
- SSDEEP
  
  12288:sKstazWGUMddtrj56bPCffqIE4aCNJ6Ubv+wtrFeqmdoODZvo2pf1yjWpNRzsbWx:sJiUMddtrjAbPMa4aCX6UzmjZjpNy+Kc
Score

1^/10
behavioral7 behavioral8
- Target
  
  cacflt12.sys
- Size
  
  74KB
- MD5
  
  20a43b5766a66ac5177ed2a7587fdb55
- SHA1
  
  69ccb6c92b643dbf55e6e4b21f5a0e77f5649eb8
- SHA256
  
  692b3d89d9271de0c1af0c9d349b734a2db21577b147ba6bbf3f1fb0b78206b0
- SHA512
  
  eded7e792035260e56f1418463a735796649d0f378992929ba80eede9b5af16fad45784c763bf15e3252d61968533e32205d7efd88a5c1206421f0548f984e98
- SSDEEP
  
  1536:3J3dhdq2lVKb3ZtZnfUTUUBUwX1oICKWqbiDVpdf:3BLPkfZnfxy1oIGq2DLdf
Score

1^/10
behavioral10 behavioral9
- Target
  
  cacflt22.sys
- Size
  
  97KB
- MD5
  
  0eaabf938e30e3673c48482140ef9920
- SHA1
  
  027828562389d99107284308f08ced6d27ebe4cd
- SHA256
  
  add0472a4ecdfd4a266878f7ce07a93964f5401157ae36b558a62d7b4be81e0c
- SHA512
  
  8ff74293c9a3740ea18ca32068898efaa194d7c8c96153e9d375126895424c9366abb90f50d49a7b151dc0c5806e5eb52ba22ffb2d25a5ea746fc9131f387430
- SSDEEP
  
  1536:vigYckYkgz0v1aKW3Vr2JxPhvlRuQPm5FXFfx+K2zdx2RflXKb1M:BYc+w0vwKW3cWosFXFYvL2nA1
Score

1^/10
behavioral11 behavioral12
- Target
  
  devcon.exe
- Size
  
  80KB
- MD5
  
  7db8b3e2e6ef03e3ce844d2b862bba14
- SHA1
  
  1e82f0956112338b2a1c46dabc40fc1adbdd233b
- SHA256
  
  486a54040c71ae9c2e958c131687a55284bce55d099955cf7c65440db632df1f
- SHA512
  
  e1e02e1ebaed848ff334a93334f926f771ecbc726c40b378db8db4c8b9101db2007f6dbfbc386816270ee6b1fdc1a0c9036991e1adecac7771467bea489a5004
- SSDEEP
  
  768:3L7hT5+KybRpnE8K74kca7NerB8iXpYmfRXvti82BSOe9oKSJ2SLD0BEZWkADnW:3+KY04RMmSCYmniF4O7WTDW
Score

1^/10
behavioral13 behavioral14
- Target
  
  fixbcd.exe
- Size
  
  534KB
- MD5
  
  104e046fe670e957e02bf6f98d823761
- SHA1
  
  80aadc178c909310ab20f7260c9aa86ad17ff591
- SHA256
  
  ae48497924a658e2487421537f526246fe21105a9a507a6350c7d3cd1a0238c8
- SHA512
  
  d4688d8f8eb78a246dee0e2846acc3b4704e161d966b287e72ec5e5bff276ff84903eb6e8d9c23ba217534079ac5cc27670309bf9084d4b92e9a21400be3d41f
- SSDEEP
  
  12288:H3xEuJzzTJfSafosPGQVEsmDXkeq6MJ11L6d5EiK451:2u5zFSafoI1VKbke8L1UEU/
Score

1^/10
behavioral15 behavioral16
- Target
  
  hddflt12.sys
- Size
  
  11KB
- MD5
  
  38aa3cf69aebb4fa6757fc9ccbaa7222
- SHA1
  
  cc2c8ac1d0c6a118206e7ebf64ed5cf02f10ae3b
- SHA256
  
  1262eb03130d491d7e982ca6e30c667c90a9663f172915ecc1d7edc506cd5615
- SHA512
  
  0cc4ac4e59a54ba3ac4e2a13ee2d6be9d7bab03345164e1849784981f6979325cc46263b07c03901a6815526d9d0611ce1c6136e1d6c319b0a02846e8ce6f9b0
- SSDEEP
  
  192:1Tn65Et2IpOnw3Ykf6rN38DmdXjtlAur9ZCspE+TMgr/h:1O5Et2XnwIfhFUHeMe
Score

1^/10
behavioral17 behavioral18
- Target
  
  hddflt22.sys
- Size
  
  13KB
- MD5
  
  034ba91cd9f6599ced8532a41379875e
- SHA1
  
  8eb6d62310a70de656e6c71190ef95c3bab04e7b
- SHA256
  
  916253e36f3e12e8c946d9d0c104d73e84efecc3f98dfefd71902d7185207a63
- SHA512
  
  848762596037cc9e695eb1bf34a35ccdde1a43aea27aa53e14ae84b2b01e399404655a5c0e67594522d74fbc16e4ef6bea6070c61bbd55706c53200911e52a51
- SSDEEP
  
  192:o4iR6USzjZjG1Qsas4Xboj4zjfprN38DmdXjtlAur9ZCspE+TMgr5:o7ozjZjwQgWoUz7hFUHeMI
Score

1^/10
behavioral19 behavioral20
- Target
  
  nxd12.sys
- Size
  
  161KB
- MD5
  
  382861a750f98bc0d8050723b1c4eb38
- SHA1
  
  04de404656dd077c7b75cfe413c2c9cc1a01d841
- SHA256
  
  ce2e53a050e204b3e1680b733c5674cb40f43de58f61bfae954c26ac865688cb
- SHA512
  
  44bf491871632269d7335ed261dbee596264f323b29e024e78d4b2ec6a5cd3a332bb49d35e60929ec1ce4fc057109bf3b7b435d5ca799a35ef5dd4bb703e6482
- SSDEEP
  
  3072:FYkfcqeae5HBg5lPN6K7XGtM+SV2lUtRW3y2igwuyxWzG6L:FYkfAN5HBgvFb/UlUfW0gwuCqG
Score

1^/10
behavioral21 behavioral22
- Target
  
  nxd22.sys
- Size
  
  197KB
- MD5
  
  4610573b958227906fcc0e7872c2c959
- SHA1
  
  b828fae34e2756679ba31eeaa852fe2fb5641b63
- SHA256
  
  b1f3f287d26f54ce1542a5fee7de8b6f2e1ffb2f1699d88caa87b87b77d383db
- SHA512
  
  02946f19f0f1ba0ea8e82d632c000186b70d8b44f31cdeb8afbcd09e682cb081d8ad54672d7ca37ce2c5c3f15c3c2be8b5c9bb2efb73cd7d85e80dbfe68cdc95
- SSDEEP
  
  3072:3ZWsvhhLcnRY5Zb1bg5Pu5/qruyEKYriAGNIt9eDZl3UqKPEIlezw2Mnlp:38sZunR8N/qCTPKQ9e336PhX
Score

1^/10
behavioral23 behavioral24
- Target
  
  nxddsk12.sys
- Size
  
  84KB
- MD5
  
  7815bcd6dafd88caf615668f8b69a046
- SHA1
  
  b3d61b5c4c900d26b27c0e75fcc38f7c3471e601
- SHA256
  
  0e3bbf96ba9f5538e6b7d55f01497fc2af00c914b4a2cf0613a2ee1ad68029eb
- SHA512
  
  6e7ed98b906a05e26d43841d8cb68b59f20dddfbb704f5e039e173185e52ec932f4b9ecd1cda32212dea69d9f7f4d8bb10bb4ea408b546e99fa612822d9f3a58
- SSDEEP
  
  1536:DRyDD+3YNHg7BEgmdaN//VxjWSHBzvg8Q1yQHczsxz2yJj:DRW9NHCERdaN/9xO8Q1vcIxiI
Score

1^/10
behavioral25 behavioral26
- Target
  
  nxddsk22.sys
- Size
  
  117KB
- MD5
  
  40df8181a7bb2970898e9edbfdfdf121
- SHA1
  
  c2a67f993888cbf08699f5d13ad293e3560bf012
- SHA256
  
  91bec5f2883e7fc5cd9a87cf5cabb2455f51cca1c96ece1fccbb2886f04a4a90
- SHA512
  
  15fb2cba993546a734da04c776e1a84c183bedf101ca4f375b4fd5c0ff387bbd0ebac59cc1396bc0f1daa9c0668e7f2c98e02a05775096716913453d256365c5
- SSDEEP
  
  3072:xrk/a60oZ2rvESYL7WeNC1C8FA+Uz+vBmKFSkqse:x0Mg2rESY+eU15Alz+HAkq
Score

1^/10
behavioral27 behavioral28
- Target
  
  nxdhlp12.sys
- Size
  
  250KB
- MD5
  
  1f0e514e6aa492f036616f1a55e0a910
- SHA1
  
  c3d0a37f8014c96f11de06e028dc55f7cecda39e
- SHA256
  
  8a98fc6cd18bb4489dadaca87051f491d81fc8cf6aeff3b97ea543ca8abe6ef1
- SHA512
  
  f8bf61f1979616dc60401668b19fedcc6757fa66b773dad4fbba10c47d4bde49bd5af410bdefb7c922b2f2dc0b9a6d3b077c88d29bddd94f49c21ea1907136c3
- SSDEEP
  
  3072:y3S/m9z9DDB8r29aYLjT3J9TX+perzRDzPXkYJ8miUaECM5ZwO5vxg/jGIXHZXuH:l/m9zArAT59ype/fmerv+xXHZ+GLPF
Score

1^/10
behavioral29 behavioral30
- Target
  
  nxdhlp22.sys
- Size
  
  301KB
- MD5
  
  cddc1316697ae3690864ea8674804444
- SHA1
  
  a5dce34f39a42fe079c314647b6b52a51a15bc26
- SHA256
  
  55a1eb7e4835a1022bffa7437c1bd8006e5c491b56e9d41bddef91d938b7313f
- SHA512
  
  5b61d92fc6f6ccc5b6ab449b5e35bdc4f366bb709eae5b643698697e48295a5d2c0f771fe63d7cfb8372f58eda30472a147a4b29f8e3d9fb196dabc720f9c5e1
- SSDEEP
  
  6144:igrpmtnOgs9RWewrmFz9fD8FrtRTTOmLxGnhO+Og+yo:9R9RJcM6RTTOjGg+y
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32