072ae063625482dc3918e8e5af3d03c39778fdd599dab11025f9e2e136ec7f06

Sharing

Copy URL

Twitter E-mail

General

Target

DVResolve-RPC.v1.0.7z
Size

305KB
Sample

240630-1demaawdpf
MD5

8284ec075b790ef4a95ce26346533bcd
SHA1

d6a8c5224be0e2fb218115cd8d027c126d728f7a
SHA256

072ae063625482dc3918e8e5af3d03c39778fdd599dab11025f9e2e136ec7f06
SHA512

b90fdba1a53e4cb0298e78004368c603bb66efc1a31a1de18fc17fda89a4fc082f7e35063b6960bab1f0360e35c51eb007bd786c8c09af0172e6fd42d0399809
SSDEEP

6144:Yl3YAZKWwuX7kfWp2HY1GNGVRvU9RxTEQ25IFuNmATppeAYihOH8CxYX0:YpYqwPE2zRLu5OhATpDdhOH8jX0

Score

7^/10

Malware Config

Targets

- Target
  
  DVResolve-RPC.v1.0.7z
- Size
  
  305KB
- MD5
  
  8284ec075b790ef4a95ce26346533bcd
- SHA1
  
  d6a8c5224be0e2fb218115cd8d027c126d728f7a
- SHA256
  
  072ae063625482dc3918e8e5af3d03c39778fdd599dab11025f9e2e136ec7f06
- SHA512
  
  b90fdba1a53e4cb0298e78004368c603bb66efc1a31a1de18fc17fda89a4fc082f7e35063b6960bab1f0360e35c51eb007bd786c8c09af0172e6fd42d0399809
- SSDEEP
  
  6144:Yl3YAZKWwuX7kfWp2HY1GNGVRvU9RxTEQ25IFuNmATppeAYihOH8CxYX0:YpYqwPE2zRLu5OhATpDdhOH8jX0
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  DVResolve-RPC v1.0/DVResolve-RPC.deps.json
- Size
  
  3KB
- MD5
  
  7b9d0fa610c9a976592c8adb275f672f
- SHA1
  
  68f799baa3a8bab0f8fccc56d24dbe75517f9bb1
- SHA256
  
  9bde474baa957042c5348a2a7ce2d281e4388c8b54cd40c811d774aefb929dd1
- SHA512
  
  8592a10459beaf5d07172ae06db4b944879175d40eb96481836a833494ff8e5f32e42db65f9f3163086bab94bc8e84be4fb6b658f7389819994eefe0a6a34671
Score

3^/10
behavioral3 behavioral4
- Target
  
  DVResolve-RPC v1.0/DVResolve-RPC.dll
- Size
  
  31KB
- MD5
  
  c90906391f1d644b19d21a1e94b17a08
- SHA1
  
  44f1c63f4abaf3ff5206e8061c3380a7e6170cf3
- SHA256
  
  0b3c5d27bd9dbdc950c581f9a29f9086037a5f48f5602ee677a75472aa71e8b8
- SHA512
  
  db7d6bf71d7da9eea7333e1826ee8e5d609048ddb19071a8cdc9ab4336e1912c63e215d69d33e7045af1d17a117950e71b3b167e16b384ef645bb3c3f8f9b567
- SSDEEP
  
  768:th8shH5XKVSanpT68DccqKhHbXQiADIjXbkeRz2:P8iHcYanpT6xq7RnTbkeRz2
Score

1^/10
behavioral5 behavioral6
- Target
  
  DVResolve-RPC v1.0/DVResolve-RPC.exe
- Size
  
  163KB
- MD5
  
  5c2e8b94738262fcb3088c825889509d
- SHA1
  
  16a16978218888e4298776ee6f4c39cf4b79fdc8
- SHA256
  
  0aee63a30c6df7f79f940d05818ca46bcab5253a97679c8bf0e91cb22199f1cb
- SHA512
  
  890536418656c672e47b449702f79c6ebe12a97559efbd2fe48c7bf21d985f8f6e2610f9145e826c84ea29b1280fa782ada6d12049c630f71affc1d8bdcc9bdd
- SSDEEP
  
  3072:KiS4omp03WQthI/9S3BZi08iRQ1G78IVn28bSQcJI8ltnygq7Zh:KiS4ompB9S3BZi0a1G78IVjc2ctnyg6
Score

1^/10
behavioral7 behavioral8
- Target
  
  DVResolve-RPC v1.0/DVResolve-RPC.pdb
- Size
  
  10KB
- MD5
  
  becdd79ee07308dc4a67e4a99e06f527
- SHA1
  
  dd17bcd9ecc323a3fb510e5d24a1dacb8b172479
- SHA256
  
  e57d01fc008d5e089aa0a85535d6d0878c3cf893f492130450b8a8c174a7e023
- SHA512
  
  11d944e04e12f6778e164a1479256237713c5b00aea050e489489c5d9ade20541078def5d5d7731aaf55450004d9b0b1206d0860a49e231519235b8d40be34bc
- SSDEEP
  
  192:0s6MdEggOyxcXeMcXCH4a0svpEupEqr+DD6VcxUvTwgtWwTnc0h3tbHgfopsyncR:uQCRMcXCH4a0sv+upEqrq6GUsgtHTht6
Score

3^/10
behavioral10 behavioral9
- Target
  
  DVResolve-RPC v1.0/DVResolve-RPC.runtimeconfig.json
- Size
  
  340B
- MD5
  
  253333997e82f7d44ea8072dfae6db39
- SHA1
  
  03b9744e89327431a619505a7c72fd497783d884
- SHA256
  
  28329cf08f6505e73806b17558b187c02f0c1c516fe47ebfb7a013d082aaa306
- SHA512
  
  56d99039e0fb6305588e9f87361e7e0d5051507bf321ba36619c4d29741f35c27c62f025a52523c9e1c7287aabf1533444330a8cdf840fa5af0fa2241fcb4fc2
Score

3^/10
behavioral11 behavioral12
- Target
  
  DVResolve-RPC v1.0/DiscordRPC.dll
- Size
  
  82KB
- MD5
  
  c6115a08c8e50dac0194fb98d3edc9d2
- SHA1
  
  903da7fb7ad47b7ad8eb5984ed54a865f6148744
- SHA256
  
  4dd4d48e0681604e3a7a72b6eae42173421d0b806b1af8fa03b45d9999978499
- SHA512
  
  3e43f721cf7b1ab28a4ff771b4186c70523eb2bd236063111593453c08dc8a7cf3fffd6a15af72502e8b800a35fbc7a7bd4ebb5b8f5f41796ee62a7a4a96c324
- SSDEEP
  
  768:eZGfuhWbsoZkmJPTsERSrxWjOFB8ZZnwUMOpSJAT9wQtc3nIYH+nijpJRMnk56Ha:TWIbP3QxWjOQ5pYlPMkh+mTxtSNy
Score

1^/10
behavioral13 behavioral14
- Target
  
  DVResolve-RPC v1.0/Newtonsoft.Json.dll
- Size
  
  679KB
- MD5
  
  916d32b899f1bc23b209648d007b99fd
- SHA1
  
  e3673d05d46f29e68241d4536bddf18cdd0a913d
- SHA256
  
  72cf291d4bab0edd08a9b07c6173e1e7ad1abb7ab727fd7044bf6305d7515661
- SHA512
  
  60bd2693daa42637f8ae6d6460c3013c87f46f28e9b0dbf9d7f6764703b904a7c8c22e30b4ba13f1f23f6cbee7d9640ee3821c48110e67440f237c2bb2ee5eb6
- SSDEEP
  
  12288:1eos/POdGV5jfWrV/9Yeh9eRcyLfLYtT5mWxTZ/B7jW5JMtRRpKzQk:10/POdGV5jfW5VnhFyvOB7jW5JMty
Score

1^/10
behavioral15 behavioral16

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16