653d46b5d17c5fd51248e6dde5adc57a5d7621299b7561cecf2479464da44efd

Resubmissions

12/06/2024, 04:57

240612-flpr1a1flp 6

12/06/2024, 04:52

240612-fhvtva1eqd 6

Sharing

Copy URL

Twitter E-mail

General

Target

PingPlotter Professional 5.24.3.8913 [Programs.TheMicroTech.Net].zip
Size

21.8MB
Sample

240612-flpr1a1flp
MD5

06b28940f886c3a1b4725d771f17627e
SHA1

ed052cbc64558c946ee3c9a291c6d4a38df88d30
SHA256

653d46b5d17c5fd51248e6dde5adc57a5d7621299b7561cecf2479464da44efd
SHA512

78cf2fba2b784e9450c2e3f6de7f721add508fbfa7458970bfc0ab31f72f00740d50c2838194898310a4956925ed7a3182579f2f81bbf0b7859d9c8b03b7d623
SSDEEP

393216:0f+9iAgusmjmj+8/Znma5RPf72BLYJjPXjyT2u0wbkY0tD20yoZYp6uspWfPfUgp:0Q1gDmjPKl2BMJST2upxJwYp6dp6vK2T

Score

6^/10

Malware Config

Targets

- Target
  
  PingPlotter Professional 5.24.3.8913/KEYGEN-FFF/PingPlotter.v3.30.4_KEYGEN-FFF.exe
- Size
  
  471KB
- MD5
  
  cb3267e801381492384e401d53880716
- SHA1
  
  d313acc4478a87015da03935a4bd0cee76afa42e
- SHA256
  
  6b8e8068c0c816861b00ffc82c54ecb32446c60d50d1b33fd3bce336747435d7
- SHA512
  
  0b0064e76a8b02866a0ef39b9f296906aee022dcbd5f94838264d50f7ba3ef8442c90fa27d11f78f61aa5dd8c9b56072cc508c9849d6d57344efe06d2cc2aa76
- SSDEEP
  
  12288:n1gnI0R3PDUFfhbXzAZqGZlxt1vGzjHIzJVmMEJ:nqR3PDUFJbjAkGDTwHcMJ
Score

1^/10
behavioral1 behavioral2
- Target
  
  PingPlotter Professional 5.24.3.8913/pingplotter_install.exe
- Size
  
  21.4MB
- MD5
  
  ae2015bc36bb8a0b872d049430c622c2
- SHA1
  
  c11db0f26d3554dea55b601eecdc50f90eae785d
- SHA256
  
  3586e0620442b8dfe2ae80f14dd389c224a7b9db7e6b9b29779a5b3d28e4a47f
- SHA512
  
  85c3b9380c2a803bb2f3f64a667bc062f0ee786f9bc5d50f6ce5157055eae20c76f6c6ae3d0ead0a89f011925dd7bb8097d5c6014c2fb5b077cf5ff734cceaf0
- SSDEEP
  
  393216:SeHSB8FeRF1NDgVEoZM9m5boLMMzgO+8+X7gj/pIBibcqBKOCCtbP:YzXay9UoL5+RgjLRgEP
Score

6^/10
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/DotNetChecker.dll
- Size
  
  84KB
- MD5
  
  f18364fa5084add86c6e73e457404f18
- SHA1
  
  6d87c4b9dbf78af88fddf0d4d5febe845c8e4e6a
- SHA256
  
  39c43d67f546fc898f7406d213b73dcb1bc30fc811ddfa3a02b6b50c29d11f91
- SHA512
  
  716892492390fe4314f3289286f733d07b8b84de1f5af0676b26e68c0be01808682d35ad2bb9e9491247b7bb5a0ea297a6850e26de9baf88621c789206107db3
- SSDEEP
  
  1536:AZBjgSXlkq8su+OudgGpGlmQSMqJS4HGsorJKQUDs0OsWPIcdGbk2HeJ:AYvo7PMqEuiKQGbk2HeJ
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/StdUtils.dll
- Size
  
  37KB
- MD5
  
  0493dcc333f413ae01afb74652128fe8
- SHA1
  
  c6c5d131279da08a54efc7ec565ec03863f62baf
- SHA256
  
  23da25dbf9f9392e29652084881d7ecedec770bc672800d8300b3f902594e890
- SHA512
  
  113c81010a55181d2ed9dd6cf197fc7c14c3caea06fb4bfe56534eb6075969d2ef4a86ab516217c6a26e2eab892c3d5a0d446b80038d5972fbb8ea8e09093f0e
- SSDEEP
  
  384:SRHnRp1w0RUPEACdnlfyXNEkbLitX44KmIQxMkioOcJAMzT8P5nwHkzkBOoWzpf3:cRp1kP8NgWk6tohm7xFi4iMfdOoWRA
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  ca332bb753b0775d5e806e236ddcec55
- SHA1
  
  f35ef76592f20850baef2ebbd3c9a2cfb5ad8d8f
- SHA256
  
  df5ae79fa558dc7af244ec6e53939563b966e7dbd8867e114e928678dbd56e5d
- SHA512
  
  2de0956a1ad58ad7086e427e89b819089f2a7f1e4133ed2a0a736adc0614e8588ebe2d97f1b59ab8886d662aeb40e0b4838c6a65fbfc652253e3a45664a03a00
- SSDEEP
  
  192:eo24sihno00Wfl97nH6T2enXwWobpWBTU4VtHT7dmN35Ol6Sl:k8QIl975eXqlWBrz7YLOl6
Score

3^/10
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/nsisdl.dll
- Size
  
  15KB
- MD5
  
  39b76431ab111d118f6759c1946a89b4
- SHA1
  
  ae3704cc4d1585c79a0ca5e757c95d5288790b97
- SHA256
  
  1dd9cf437ce9a98db66d1132c8e116531d0b0c08b06226045652382918a23dbc
- SHA512
  
  9d65b6a004c5fbd0e9bfcef5319e32993d41c3023f82bfa4b946cadb6d8946694efec2d6808fba82f3c9542020527b1b80a90f5f043ebaa076fe78d224ee5fe8
- SSDEEP
  
  384:shyd8Y6pu8ZaLf6Uksnw1g8BUcyHisU/b:shyd8Y67WGg8B/Eiv
Score

3^/10
behavioral11 behavioral12
- Target
  
  $_4_
- Size
  
  68.0MB
- MD5
  
  d338244a4c63c6829ba63a436cd96bca
- SHA1
  
  cf5b67a36f27990ae89933913b8e09c48360837c
- SHA256
  
  c04393d32a045faa0940dc56f91d456935060cfa995cf3caee948ef09ab5cd33
- SHA512
  
  ac5ed089a9ca48a7a997cf6053d7a8dec41b729f1ee456051ffc23373425bf62a2f82df9027176fa614b39c335ca86b4e23633fe50359fc0392a54ff47744b46
- SSDEEP
  
  393216:wst/V4e0wTkW4rjtNkWbNUz6sdhq1Dzw7RvPm0DMFGwyZyjVhlwdLnoIXXsagvHs:wUqWYXkW5Ujqhzw7RvtYrHs9os
Score

6^/10
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral13 behavioral14

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Enumerates connected drives

Drops file in System32 directory

Blocklisted process makes network request

Enumerates connected drives

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14