1615e99f6f9bb8c363e69184853037ab937ec116b767b0dc50d64fd606d08e75 | Triage

Sharing

General

Target

SQLi_Dumper_v.9.7__Cracked_By_PC-RET_.rar
Size

5.2MB
Sample

240625-s57hda1gmk
MD5

30cbfc8c83259477269301e0661f65d7
SHA1

b4274a789b40f38a90506d4dda96a52903391104
SHA256

1615e99f6f9bb8c363e69184853037ab937ec116b767b0dc50d64fd606d08e75
SHA512

96c9b262c5692bed78d594e8872d991a3862b894d28527c3e3fed2e83101112343405420b02da5aba576842169447817ce13752b34bff4cf4a4c4dc3c9b52fb4
SSDEEP

98304:FTkCsOZZwZYZao0wm+S57jlTpz/cMJ3ywbXSDC6GkXpxS/eeDw/zjOHs:F2ZYZa7z57jlFKgXn+X7S/eeDwHOHs

Score

7^/10

execution

Malware Config

Targets

- Target
  
  ChilkatDotNet46.dll
- Size
  
  8.3MB
- MD5
  
  c347b978db64c5b0922fdb620a30a757
- SHA1
  
  765a35848098e689b6305ca04b4fbc3d1eeadafb
- SHA256
  
  fa3a167968be8adfd68b88bf303efc8f71e895366bf9297679988549534a8895
- SHA512
  
  d251aec584f51a9c6826a34c2f9c5eda8c86af5895a842788011947def74260c90c4ee119f538a906c08851434c8ef5a5b753a3a09e4af90180dfc87aafb672b
- SSDEEP
  
  196608:BRYEFLWbcypvso0iHPWwvou67ceICkTT6Sd:BRYEFLWbXpV3HPWIou67ceILT
Score

1^/10
behavioral1 behavioral2
- Target
  
  DUX4.dll
- Size
  
  114KB
- MD5
  
  2c7300a2a56c532b4ed416cf0946e6ef
- SHA1
  
  7418b77139370184a5a89d81cbebeec493c2b375
- SHA256
  
  4f8d7daa27615e4a06c1b11a75afdadc4e7e9775c0a778cf6145a395689a255b
- SHA512
  
  63df65d2ed67675fa824790974472ad93544dd59c82dc61dd51a0d96de0cca44d0534b6be249f61ed8a4f62a70cbd14570f3196c8e1c4e788c393485b8077225
- SSDEEP
  
  1536:c+jTe1OiqBCVNVovTc8kY9PlBpbUvFL9hvv24eOEL93BN3:c+jOlVNVovo8nPlAvN724eOC9
Score

1^/10
behavioral3 behavioral4
- Target
  
  SQLi Dumper v.9.7 [Cracked By PC-RET].exe
- Size
  
  3.0MB
- MD5
  
  1f121b5cd0526ce9b1a3ddf3414693c0
- SHA1
  
  1091a21b1cbb670e9a9a3c7add5239e53659159e
- SHA256
  
  ef2cdcef2ad200acb11aa28ff753ac53bad2559e01b4c15022ce0265dc1107b8
- SHA512
  
  ea044a01a4f29a2f76626c4f2680ce26d9f4b7453d557c95604305854969a2caa0f029bdc832984851978a8c156bee879589d80e46951a1844fb3180467a073b
- SSDEEP
  
  49152:XTH0TmAiumuCcLeYomvrveaULQ0Gi1ltdpEPU4aZn:XTH0TmAiumuC7YvrveaeQdYTniU/
Score

7^/10
- Loads dropped DLL
behavioral5 behavioral6
- Target
  
  Settings.xml
- Size
  
  17KB
- MD5
  
  7d2f836ce743897d880d8405404f9b5e
- SHA1
  
  e2489f36760457b0415d6fef853aa7b741302cfa
- SHA256
  
  b20536e3669fe475188dec542ca876f1b503a14eb5ecd97ad5c44af5124a72d0
- SHA512
  
  f938bf3456c58459721141f912d032e73e550792489d6caa927e99e810979d9a3472bea3fb0d53a18942c18a77517caa23f4095e7be06225dd7494cda8eab8ea
- SSDEEP
  
  192:/nyygDNnYzx7PrB6BGQX1UhKbePv0rZykKPZJRQZ+gDNnYzx7PK5:/nywDB6LXqhvsyNZfQZ8y5
Score

3^/10

execution
behavioral7 behavioral8
- Target
  
  SkinSoft.VisualStyler.dll
- Size
  
  1004KB
- MD5
  
  d93366374b57b5a0fe3a1a8a1ca95f78
- SHA1
  
  e35d56efef3462897893f5a305f404a88ceefcc6
- SHA256
  
  14f231441dad16ef046ab97415c33195056a61b0240d7d890971e5f626068925
- SHA512
  
  782380533dfaf734a669e52ff7fdee64714c3ba354f24823c8b232b4af18631e237beba48e6d3ad0f5959dac5c82f93021e4923fd65be30834ffaacb14e25eb0
- SSDEEP
  
  12288:QLAItcbSuKgHKeBHLoH/WhMcPu/Vs7hIRPulgC+:05OuuKgHKUHLoHUMcPMVs4EW
Score

1^/10
behavioral10 behavioral9
- Target
  
  YouTube.lnk
- Size
  
  1KB
- MD5
  
  c7056a1f92245eec9e5ca71f406c4811
- SHA1
  
  dfd0cf087771943aa92e7e88114e993234425d8b
- SHA256
  
  bde117478e44d3aa7d55122cf450f10b5af74cfb4ce82ae4fc6fb7dd414c2469
- SHA512
  
  640987725389f98a39892bdb03dbb59f316227b6611c488665f2d166bd8434b34b86ad1d784c9b750e9d57b031ea1c1522be37822111683e2e8762213cfefa2c
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral11 behavioral12
- Target
  
  bufferGeop.bin
- Size
  
  1.3MB
- MD5
  
  cb9ad69965f9f4cff8572983f60be67c
- SHA1
  
  5f49d5a1c915b08d54bca33bc0d52244f523e5a5
- SHA256
  
  56c7079dc309168d9c41dd4a7a61033acd264a120ca8d2e2182abb5b9ae6b0a3
- SHA512
  
  0f8543e976b75d20028d75e15590185106679317d110f0a7796ec9e1fb7fc50374b9866c0e208520df0bb03fef8a34d1e287b9894ac491d5f76f0eb876faa2fe
- SSDEEP
  
  24576:fV8G3DKTAme9ffU+bApdZdbEmniPX5b7U48QZ3tRV9dkUBQd:jTGAmQ4U1BUnQjpdkEI
Score

3^/10
behavioral13 behavioral14

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14