General

  • Target

    9859b96a61b88e8ae36336cca584a82aa0835ccbfb09c6d9cd3fa3531881fb42

  • Size

    4.5MB

  • Sample

    240626-grflysyfnd

  • MD5

    e62546d19f7c6df91b44f1351c4f2a5f

  • SHA1

    ca88321c2d9e5d9df333fdc686cc59e5f7637ae3

  • SHA256

    9859b96a61b88e8ae36336cca584a82aa0835ccbfb09c6d9cd3fa3531881fb42

  • SHA512

    5e8752048dd9d55721902baf5b7a2708fb7ae933ec111e6841e0d6a9c67912d4a2e853fb90d2e2e686f55dc64554b9ebdb85861bedf9478cda47fc441c84f672

  • SSDEEP

    98304:4G7Wjpv3KUpAqkguX8AjtfGk2dl1H3XHhvoGH4QF/k8KWPR:4AWjyqRAjoRdlNJbkVWPR

Score
8/10

Malware Config

Targets

    • Target

      ASMTXHCI.SYS

    • Size

      275KB

    • MD5

      268b5e1b8245e8c8fa6a6a9bc436acb5

    • SHA1

      357fe142d72244379ecd3940651e48b5f31884f1

    • SHA256

      47c8e5738624f60c9922d6c9e28d4c93ca09aa47dbd3a37afe45b99ac5c61b9e

    • SHA512

      a11f9d96d08b2b0b4401eb515261b1bfa05c7cf0b65d71981d20afec033b4b0fce728494c3965dfd406714af4a812b7eb5bdf869002adeabad03e90679d4c7f3

    • SSDEEP

      6144:KzzKk/zSFjmXWAOfMBzHcOzszzlYqjSnJ+7oZ1q6mh:KzzdSF2tOfcHhszzGvl0h

    Score
    1/10

    • Target

      AuditorIISInstall.dll

    • Size

      325KB

    • MD5

      71155355832180db632abf90a04522e8

    • SHA1

      e813b30a3e1ee35f191245b886f267fa98a5ff1f

    • SHA256

      18af647c2ccf5a042bbe084f218e945c71817ace043b2b42dea7ded50a7ddf97

    • SHA512

      0aba824c6eb8653e06774b262d4b0e8704f37569dffcdf0bd93e2ef3736b4a4a9b6d6682ab246ee2697eacc62029b94f03094ca288e382209aaa0fceab3f8299

    • SSDEEP

      6144:DYGslQPWnB2JybPgS4pGffbTBN2lA/qgmHVHHz4oHUEuzYu/aY4n6F9s:YlQunMJyrgBSnB8lAyjzd0/X/aYwia

    Score
    7/10

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Target

      AutomaticSearch.exe

    • Size

      376KB

    • MD5

      fb35f86d66226c645f98ee826696e900

    • SHA1

      13508b5277a891633f90e0cedc689be720f47f6a

    • SHA256

      c7755125ed32acde1df18dcf45320e8acdb9d86af9562f79bd354bf62a69d181

    • SHA512

      83675788c6b16af2510a52d09b764c860466b821ffa7bbaf050b6f0b9a48339888b471fc767b84bf550030d828686537d140d38fed0d6f02a804877d1203e9a4

    • SSDEEP

      6144:4NepssUkYbs8tbysm3I3M952kF/p/uwONct43j92U3hRQHEMEX:4NGMkYVgsm37n9pGHNu4B2U3hRHx

    Score
    1/10

    • Target

      GetRank.exe

    • Size

      244KB

    • MD5

      022c4991926fd27ba38cee13e69e136a

    • SHA1

      75b548f9dc876037aec6fda476212b8c24b6da04

    • SHA256

      168b1687c09a109055add83c9636248d9c868f4293514312099bc643f2e97324

    • SHA512

      5df86ada26a8175a0edb3b5896f962d2e378f27a2a01856230a156851154bbe7a268b4e56fdfd607755db74692916d9151c293ff190be1bf97a746106e59a1a8

    • SSDEEP

      6144:WmXRQXA+uOWucUgFP96wxD3frsWTBhwmW5/NwjIJ4I:WmXRQw+uPFP4iDvrsWTfw5G

    Score
    1/10

    • Target

      Office Tool Plus.exe

    • Size

      1.3MB

    • MD5

      756e471ba0a5cd5b7be3da906f850124

    • SHA1

      38888cde1bbfef7653f4bf43a61679949d658a43

    • SHA256

      f6cc88d0951cee665a083ff2c2589c0f2decb1454a5b2c0a9e3f6874be04a772

    • SHA512

      9d77a1fa6dbedc3a09e320425de0f9ac5f3bb5520e0388ef13eb0c7a5086e88927637b39e0a499605aadd231dacf80bd9c9bedc47591804dc793655579d2aaf1

    • SSDEEP

      12288:GethJYw1mXmcMciQn0gj6aWlvFdxrfe5seMdgfi/:WKzqyeCgfi/

    Score
    8/10

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Target

      System.dll

    • Size

      11KB

    • MD5

      c17103ae9072a06da581dec998343fc1

    • SHA1

      b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d

    • SHA256

      dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f

    • SHA512

      d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f

    • SSDEEP

      192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw

    Score
    3/10

    • Target

      U3DPlugin.pvp

    • Size

      4.0MB

    • MD5

      ec4ba327c62c3c5367330097496fef00

    • SHA1

      2fb77c479aeda6aababa8fe5d579558cc08aa60e

    • SHA256

      2624231f837f98fecc26e137c3e0b3c450fb1429388d263802a0b5c2ff66e708

    • SHA512

      73109c09cb0deb80baca09c7d369ab71462f1d06982a3c4c98ba5f7eacd6dedad57042d404fc2a8b43a78f6e4c84252ae2cfa46c58675a4f9bf536d8234fda4a

    • SSDEEP

      49152:mWz5+lnLDYvStqpj33u0FSS8+NQ78qVNH/XEQ0mtDj/rciFSsTUXl7VHXpgetekC:mWQ8P3u0EINC8C0Q0yzsrqe+

    Score
    1/10

    • Target

      WMWhiteboardSDK.dll

    • Size

      884KB

    • MD5

      78e89130d9f65fbe51bfd631359fb806

    • SHA1

      b25e48c8498491db182e69001fae901c15fb2874

    • SHA256

      69b6f5cbf02ba24945c083767d8aced62701171e8c0faa608552e0fb783d1821

    • SHA512

      56b50eaa87002e6d58a7cc43bb1a53c7f990e47ac509df7bd23a22c76fcf720cf35a463648e8602a05a8cd48224c6c30c110076cee963537a9e3a21d6aa1ca63

    • SSDEEP

      12288:egvLyPftkEieqlDrfEmIINywkCqwlt0mqURB1HlP05ZwRhe/ZBJDg:egvLyPriEIcwkpwltBlPkZwOvt

    Score
    1/10

    • Target

      chrome.exe

    • Size

      2.1MB

    • MD5

      1571dc55a0cef6862321697e16a40e42

    • SHA1

      3d5043700c14e6963f5c650bf6baeee32fd53aa0

    • SHA256

      cfb9b406cb17eb8d5598e40a0a1fdac8c2f3fa23052778a7964aec0e988318c5

    • SHA512

      5eda1d4192035b6223849e1910b67b570ed1700a0c7bd59ccc107aa37efed3a2c43b089aec0eebe24f58cbb6cdee4ae190ea695e33e086f065c568f4282837d6

    • SSDEEP

      49152:FE5IZuz9ynTP+z8PcMQys6iHdRS50xZ3rLio:m5RynT2z2Qt7HdRS50xZ3

    Score
    1/10

    • Target

      fribidi.dll

    • Size

      109KB

    • MD5

      8bf61bf129fbb4eb55489dfa4afb2083

    • SHA1

      5622437a03146039736211bb848a438404e2eb86

    • SHA256

      1b4294f20fe366e17d4cb00d1ab45b7a7ca3d6f229746d38f92fa25fb5291e28

    • SHA512

      fd68a22fe35937dad01093e1d8841dc45ec06ae5093307f3b4681af66d01707b76b5c724926b0e7f38adfdbc9495941b83b2ff8481e28dfbec28a1f0d88736f6

    • SSDEEP

      768:ELk8xmqUWioSxAXJrTLjqO000ydThW5EKeYeV8aYs4+42DJZEoRbSlSeBinyu2hP:EA8tiM57qO000ef4VV2Q

    Score
    3/10

    • Target

      gmp.dll

    • Size

      295KB

    • MD5

      b45635125d0585d54c1ce8167ca8bb7f

    • SHA1

      0987c05699b78018d15e8622d5a224572451f179

    • SHA256

      fd8593518daa0839b45411096cdd9f126258f5e0909699fee71da2daeb55e5aa

    • SHA512

      61e19f45f55d384097429c101c625353dfb68b497d72af05031d0ebd383c040c7987ad0ba21fe6f5e018622a67d25870deee22d752b89d0f80bc530dbea06dfa

    • SSDEEP

      6144:j5aqx9yJSVMxKkm6bf4rkeaW1tUHJkD4GXS0:9aeCSVca6f+7aUpDtb

    Score
    3/10

    • Target

      mp3lame.dll

    • Size

      289KB

    • MD5

      f2feabca23c1bd184101c16a8eeb429a

    • SHA1

      f0157e924692a878de21135cbe2d76807c3679ac

    • SHA256

      fcbd987fa26eba2efd6143edbaaa298cc6850ddae7c84418cf96525afdd9d499

    • SHA512

      b9d4b7ad5a6e7b54ed64a405e1464b7833388ec0149737ce6577c1caa9d0ac1f60d4b13da1e1d0ab8e88210e0ef5e7e9f8fb437c8ad93adb176ebafde1f9c213

    • SSDEEP

      6144:eB54Vi2wZyflmygk9ecx3r8nEgfICNwJGmWJtrWqQqviQO:erVelmy5Ucx3IIGmWJtrWqhO

    Score
    1/10

    • Target

      theora.dll

    • Size

      167KB

    • MD5

      fcb8b2052112ef1f2d2d227382320b89

    • SHA1

      5abce73e0c84fba39bc4d3289d0818be9490a796

    • SHA256

      2e1bfee90f9cb52403a584e16bfdf394b1c6092c6f84d695151fd8283a29af7f

    • SHA512

      489f4fba90c1890c27fde943e887f3e82407d156bf28cd134603d74be840b17236897dc30b6d88dec93bd7fe9e0982681b4c6aeda18da12cc46ce6264d9d56df

    • SSDEEP

      3072:CRbYXHLfeTgZokVjSzT38T/kFyzyd2jI0t+FVbDvsJjTaBnP58zIlA:CW7fZokVj8T38TN+FVbQFECIlA

    Score
    1/10

MITRE ATT&CK Enterprise v15

Tasks