Overview

overview

10

Static

static

10

afkjourney...c5.exe

windows7-x64

4

afkjourney...c5.exe

windows10-2004-x64

4

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...el.dll

windows7-x64

7

$PLUGINSDI...el.dll

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...7z.dll

windows7-x64

3

$PLUGINSDI...7z.dll

windows10-2004-x64

3

7z.dll

windows7-x64

3

7z.dll

windows10-2004-x64

3

AFKJourney...er.exe

windows7-x64

3

AFKJourney...er.exe

windows10-2004-x64

1

AFKJourneyUninst.exe

windows7-x64

4

AFKJourneyUninst.exe

windows10-2004-x64

4

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

CrashSight.dll

windows7-x64

1

CrashSight.dll

windows10-2004-x64

1

hpatchz.exe

windows7-x64

1

hpatchz.exe

windows10-2004-x64

1

resource/lang/ar.js

windows7-x64

3

resource/lang/ar.js

windows10-2004-x64

3

resource/lang/de.js

windows7-x64

3

resource/lang/de.js

windows10-2004-x64

3

resource/lang/en.js

windows7-x64

3

resource/lang/en.js

windows10-2004-x64

3

resource/lang/es.js

windows7-x64

3

resource/lang/es.js

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    afkjourneysetup_912ebd41c98565070879877cdf1584c5.exe

  • Size

    14.0MB

  • Sample

    240622-wsa57ascmq

  • MD5

    0bafbd90a6657ebc1d40339949a65d0b

  • SHA1

    e072e153f9cd9279632d82d5c6a618a7c7f0e290

  • SHA256

    4245b59eb49f9ea2596ed1791ea2c81173acbfdfa2ceaf8e17ab418ace71d847

  • SHA512

    074433aa21c00282bdf517e8935dc279f4a67b6105b8c484eee2e320b979254d07deb0234160c0bc6a3c3df9f6ebc50e0a36353dc91a0379dad61f0ff2aebd01

  • SSDEEP

    393216:wcWqAOa/J3K0GWkn+FL9mA2HtJrU3+OhPfAS:qFO+J3TGbuL9YJzOT

Score
10/10
riseproexecutionupx

Malware Config

Targets

    • Target

      afkjourneysetup_912ebd41c98565070879877cdf1584c5.exe

    • Size

      14.0MB

    • MD5

      0bafbd90a6657ebc1d40339949a65d0b

    • SHA1

      e072e153f9cd9279632d82d5c6a618a7c7f0e290

    • SHA256

      4245b59eb49f9ea2596ed1791ea2c81173acbfdfa2ceaf8e17ab418ace71d847

    • SHA512

      074433aa21c00282bdf517e8935dc279f4a67b6105b8c484eee2e320b979254d07deb0234160c0bc6a3c3df9f6ebc50e0a36353dc91a0379dad61f0ff2aebd01

    • SSDEEP

      393216:wcWqAOa/J3K0GWkn+FL9mA2HtJrU3+OhPfAS:qFO+J3TGbuL9YJzOT

    Score
    4/10
    behavioral1behavioral2

    • Target

      $PLUGINSDIR/BgWorker.dll

    • Size

      2KB

    • MD5

      33ec04738007e665059cf40bc0f0c22b

    • SHA1

      4196759a922e333d9b17bda5369f14c33cd5e3bc

    • SHA256

      50f735ab8f3473423e6873d628150bbc0777be7b4f6405247cddf22bb00fb6be

    • SHA512

      2318b01f0c2f2f021a618ca3e6e5c24a94df5d00154766b77160203b8b0a177c8581c7b688ffe69be93a69bc7fd06b8a589844d42447f5060fb4bcf94d8a9aef

    Score
    3/10
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/NsLauncher.dll

    • Size

      7.3MB

    • MD5

      e289f003033fb7d3d52ff9afccbd3677

    • SHA1

      2083fb9828ecc87d3b274208be0e8b88ba37136c

    • SHA256

      e243bcd7575fdff522a23d97a848f562a52d484cea06151642ec5e36773a1b87

    • SHA512

      99b9ec5c405b86754dd48959643080b5dccca4231e3092c1be77a8e86c5dfc893122b7d04cb2a87e4c21ce900f7eace488d01494045381cb96055a96cadc7863

    • SSDEEP

      196608:JGGbkta6MDLZEJStWrXW3DBwI23DJXtFW1ci:JjGa6MDLZEQtWTW3Do3DJSci

    Score
    3/10
    behavioral5behavioral6

    • Target

      $PLUGINSDIR/SelfDel.dll

    • Size

      5KB

    • MD5

      ca8bcdded6b265453cf68bae8bbd0b3a

    • SHA1

      9dbe872ac53e075c0954c882d034aa009c733092

    • SHA256

      299ba97dda721cc9216bda218769eb269a239c8bcf09bd6acc774ff935849184

    • SHA512

      a9b19434c35236a049036f0153a5c7184c95249fdb04ef7605484551d40a8aba37462eb617e96301cd4363a324f0282e26179ce4b78973ca43e0a63b4dffb33c

    • SSDEEP

      48:S17Ql+sbsjAowLVEq1y58vzWLDjjZSeJY8JTaTIUNEyTFS7lr0zsBEaSujrt6EQD:v8sgYLVEX4zwjINxS7xg+TScrQD

    Score
    7/10
    upx

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral7behavioral8

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      a4dd044bcd94e9b3370ccf095b31f896

    • SHA1

      17c78201323ab2095bc53184aa8267c9187d5173

    • SHA256

      2e226715419a5882e2e14278940ee8ef0aa648a3ef7af5b3dc252674111962bc

    • SHA512

      87335a43b9ca13e1300c7c23e702e87c669e2bcf4f6065f0c684fc53165e9c1f091cc4d79a3eca3910f0518d3b647120ac0be1a68eaade2e75eaa64adfc92c5a

    • SSDEEP

      192:em24sihno00Wfl97nH6T2enXwWobpWBTU4VtHT7dmN35OlESl:m8QIl975eXqlWBrz7YLOlE

    Score
    3/10
    behavioral10behavioral9

    • Target

      $PLUGINSDIR/nsis7z.dll

    • Size

      424KB

    • MD5

      80e44ce4895304c6a3a831310fbf8cd0

    • SHA1

      36bd49ae21c460be5753a904b4501f1abca53508

    • SHA256

      b393f05e8ff919ef071181050e1873c9a776e1a0ae8329aefff7007d0cadf592

    • SHA512

      c8ba7b1f9113ead23e993e74a48c4427ae3562c1f6d9910b2bbe6806c9107cf7d94bc7d204613e4743d0cd869e00dafd4fb54aad1e8adb69c553f3b9e5bc64df

    • SSDEEP

      6144:aUWQQ5O3fz0NG3ucDaEUTWfk+ZA0NrCL/k+uyoyBOX1okfW7w+Pfzqibckl:an5QEG39fPAkrE4yrBOXDfaNbck

    Score
    3/10
    behavioral11behavioral12

    • Target

      7z.dll

    • Size

      1.1MB

    • MD5

      e7ae42ea24cff97bdead0c560ef2add1

    • SHA1

      866f380a62622ab1b6c7705ddc116635e6e3cc86

    • SHA256

      db2897eeea65401ee1bd8feeebd0dbae8867a27ff4575f12b0b8a613444a5ef7

    • SHA512

      a4a27b2be70e9102d95ee319ec365b0dc434d4e8cd25589ce8a75b73bbe4f06b071caa907c7a61387b2ce6a35a70873593564499b88598f77a7c25c47448fb0a

    • SSDEEP

      24576:ax6t04DSc9S0B07sjsPEtd+F5zrtV53SePrnvgwPWrlahtN:axBOp1B07sjsPEtd2znPrnIwuh0N

    Score
    3/10
    behavioral13behavioral14

    • Target

      AFKJourneyLauncher.exe

    • Size

      8.4MB

    • MD5

      45b6bdf8c267b7f0848df5ce3bdbf170

    • SHA1

      063000bf7d6c8ece7a83bf19ded5c950642a6bd4

    • SHA256

      f04675e786a4ee91467766316241af4970f56c31c7598de738c95042cf503de5

    • SHA512

      26a82ddbb377000ea1c7d5b3cc5e554a2a5c5e968bda9a2c8fc84eac00662e259e206b70611ab28ea21db4cd79813091fa10c0a2a21dfcf3fb12b3069d2afd66

    • SSDEEP

      98304:iAgCwfDwBWvmua4UkN16q1Kg653H6kcaa1Om4XdI8S4URtCGcNtCGcJVxay:iHfsBWvRzF16qKY1YDUr1cf1cTxP

    Score
    3/10
    behavioral15behavioral16

    • Target

      AFKJourneyUninst.exe

    • Size

      4.3MB

    • MD5

      474a59515c2dbeaf0d7ee72e24ecbe00

    • SHA1

      8aa52d73eae8bf89ee46106ac5e5b41561ebdffd

    • SHA256

      72079e6f9b748fc35a91161bafd28f2f5f183fd91ba86fe4e5c16186b3a26884

    • SHA512

      3e4de23a3039360421daedbd7915951e5e02b1a4e87458f70f48c3ff8167a471eb0a0aaf3f282701ce0fab81a15bb7ff5b4e1e1393522f09d0ec494ba4b198b4

    • SSDEEP

      98304:ctCGcq789Z//+CbaKuZBWkOrCFTghWUYlpx3aCe2gDR7fvm3Gl0kT3ySZLNjeQ24:w1cc89BGyaPBxFOAlT3aCtgd2+0kjy2z

    Score
    4/10
    behavioral17behavioral18

    • Target

      $PLUGINSDIR/BgWorker.dll

    • Size

      2KB

    • MD5

      33ec04738007e665059cf40bc0f0c22b

    • SHA1

      4196759a922e333d9b17bda5369f14c33cd5e3bc

    • SHA256

      50f735ab8f3473423e6873d628150bbc0777be7b4f6405247cddf22bb00fb6be

    • SHA512

      2318b01f0c2f2f021a618ca3e6e5c24a94df5d00154766b77160203b8b0a177c8581c7b688ffe69be93a69bc7fd06b8a589844d42447f5060fb4bcf94d8a9aef

    Score
    3/10
    behavioral19behavioral20

    • Target

      CrashSight.dll

    • Size

      3.5MB

    • MD5

      030673a7f2fe74ec7629dc5ed914b952

    • SHA1

      5ac4a9962c3c6570a58eeac44f1dff32450cc33e

    • SHA256

      8fd13c188935120339cd6c935f9e43034331dc5dc79a90b1d2d0f8bb92973705

    • SHA512

      5ad4cd9a3c83040f2df6c33cf64d660267ebe6b9d34afa7a9ea26c9f6238e4943e65f73a4dbede609d6dfdd68b0f7121c47d7b6e72d1b5153e35016d0bcbb847

    • SSDEEP

      49152:GAX5oOmQF+b75HDczMkeMwgO/AG+FnT0egIu0ODpvRezZadW/FCPJMHOPvTQHTs6:GAXapQFYRorbwEG+qjreIeyMHf

    Score
    1/10
    behavioral21behavioral22

    • Target

      hpatchz.exe

    • Size

      380KB

    • MD5

      c70a5a3ec2ab80264eb1ee3e381c9eb5

    • SHA1

      3ae6c435f337322a2a8558ab4cbe4b4b7eed934f

    • SHA256

      92f22641275a6b72e7a1323a8c4b75a7f3f6bfb3aafb4db6f6959d4ccbe015b0

    • SHA512

      db5818dfc05bfcbafb62b0cc77c69ea7e8d18a94646f7d1c4af4d8567288ad264cda6fc7f9c38484da7fc2fb0b81ac8eb5fda7a67b69e5ffdfe7442b6733215f

    • SSDEEP

      6144:V+lkGGkZRYE/ZxyAmgGluq13tHUsV+o/PAAAAMQ55ljTNPwrX0hn+zqTRKr0jFdx:1nkZRYcZxyA5Gluu3tHjJAAAAMQ55lj5

    Score
    1/10
    behavioral23behavioral24

    • Target

      resource/lang/ar.js

    • Size

      9KB

    • MD5

      aab6a854712e5b2fe33da28965b8091d

    • SHA1

      81a48819687e5b3d5841bedf4ae7b0cdc1aa21b1

    • SHA256

      5e5f11f6115ca5a94141c448f4d96698bfa88125115767c091955967e2c47e30

    • SHA512

      374b0cbd32dd6e8ba36a14b87442578a12aa3be01ef883b892d1d38f49f8894194763a38dfcce2c9e1a0fcc1776d6bf6660996506bd9a9af39b7cc9c0a468434

    • SSDEEP

      192:uAF4pafTkzCgoDyl4wBtb+tYTsVT91Tec8ARjqOr9x5GxX7jbF1J:uAF4pafTkzCg0S4wBtbnTsVT9BQxXXbB

    Score
    3/10
    execution
    behavioral25behavioral26

    • Target

      resource/lang/de.js

    • Size

      8KB

    • MD5

      5e76f7e4ea22a1389b13254f0175a90e

    • SHA1

      60a2019f806890b5f5f29f6cb410dd5d4a701fd4

    • SHA256

      002e916d808f84974672c425617e3413d13493d1000533f124fe69db74eccede

    • SHA512

      0816f7d483228af80ca9f58990411df41509747e35c900f82f419d8db378fc38037fa894039a958819e143e2a0645a2ebb436cb5e6967a630830adf569de5072

    • SSDEEP

      192:fA/TDWj+keMm8wKUPAbnDZIDh1blWXr89rWTMr/lkeHDRKk1fUUrc6WN1kpp/:fA/xkeMcGDZuzsX4WTm/Jfvrc3kj

    Score
    3/10
    execution
    behavioral27behavioral28

    • Target

      resource/lang/en.js

    • Size

      7KB

    • MD5

      d1432c038b67a505a2d522bb192bb1d5

    • SHA1

      4d75cc6ba638be8ff8cfb66df476a96f850178a9

    • SHA256

      6f69e217b096801899fa24837b0dfb325610593769b2c33cdbc5203f697277a6

    • SHA512

      7dcb10007ee52032dd72a582981c9b2abc46dbe639b7bf1c143a296eaa6bc553153ff0b16b5ff2eac1351184c0bbda6ec33a80cb43f29faa73e4d2798908a1ba

    • SSDEEP

      96:lq5XpBnPrbNkzAmqIRrz9W0ECcmW3016UPFYg1rGHhDKd3cpewxRhcyppnYKRLPP:mbNkzAmzzVEiPENewxRhcSpYKlPtSK

    Score
    3/10
    execution
    behavioral29behavioral30

    • Target

      resource/lang/es.js

    • Size

      7KB

    • MD5

      02f895c019ddb8426e5b622e745e4eba

    • SHA1

      e450b17eecf87d96c59afc6c9638bbbb789160e1

    • SHA256

      8526e29111a3b9f4df93348419a057ca0052d39533de76cf0345e56e6d01a985

    • SHA512

      095fc91a239761455b1c97e991b91118130870972805afce9323f020a20fda1d75ee4dd29579193bb3d996c277e5e402796f60ef61c1764fb1d740da53b91e6c

    • SSDEEP

      192:Hdf2jT3rRPghE0uAK7GqhLxhy1jFhe4ouR16Eqo1W6:9yNPgG9Gw/Iyz6

    Score
    3/10
    execution
    behavioral31behavioral32

MITRE ATT&CK Enterprise v15

Tasks

static1

upxrisepro
Score
10/10

behavioral1

Score
4/10

behavioral2

Score
4/10

behavioral3

Score
3/10

behavioral4

Score
3/10

behavioral5

Score
3/10

behavioral6

Score
3/10

behavioral7

upx
Score
7/10

behavioral8

upx
Score
7/10

behavioral9

Score
3/10

behavioral10

Score
3/10

behavioral11

Score
3/10

behavioral12

Score
3/10

behavioral13

Score
3/10

behavioral14

Score
3/10

behavioral15

Score
3/10

behavioral16

Score
1/10

behavioral17

Score
4/10

behavioral18

Score
4/10

behavioral19

Score
3/10

behavioral20

Score
3/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

execution
Score
3/10

behavioral26

execution
Score
3/10

behavioral27

execution
Score
3/10

behavioral28

execution
Score
3/10

behavioral29

execution
Score
3/10

behavioral30

execution
Score
3/10

behavioral31

execution
Score
3/10

behavioral32

execution
Score
3/10