25512356b45d1f25c9f5e1ebfd53005773f95a6354c12aa9e8801f764daf215f

Sharing

Copy URL

Twitter E-mail

General

Target

SmartClient.zip
Size

14.9MB
Sample

240701-tmmwpaybmd
MD5

d5d4a884cea57f126bf49a20414005fa
SHA1

1990a9bda008632bb83c912c85ba911c56a96dfc
SHA256

25512356b45d1f25c9f5e1ebfd53005773f95a6354c12aa9e8801f764daf215f
SHA512

f78c6ed13cd29d20a192e5bd30c0216311415f2f310cbe568a53392c569ae81093259c4ead2a1aea04d57975e1104a8c3a3d263d5af81de4c8e3772b2705f6de
SSDEEP

393216:qMlG/dXOeKQo/QralUaSoMoFL2Ry/dt1o7m7pqsq76qq:qMQ/pjYSkFbb1xMszqq

Score

8^/10

discovery

Malware Config

Targets

- Target
  
  SmartClient/AVApis.dll
- Size
  
  88KB
- MD5
  
  99ecd1c9fa16f3f8d8f5716e7df79d6e
- SHA1
  
  4cec30c77982a0079406281b137da8244242fa4d
- SHA256
  
  cacba528cb5623f3a00cec8af23ac0cb5b158aee27c2356e9e1f6d541568169f
- SHA512
  
  0854842c982b09501e18966565c94cc99d1e7db8dbf16fcb7e79337fff2b0d5252c22de1e690e44ef3f9ebc15d20375d1854e0aefab735bf9d0fcdb2ebe1447e
- SSDEEP
  
  1536:thjJGbRe+6SeljSJo7X32k32JPnRJ4Gtrg:TjJGtJ2A402Gtr
Score

3^/10
behavioral1 behavioral2
- Target
  
  SmartClient/BCNetSDK.dll
- Size
  
  518KB
- MD5
  
  1e7f4018e45adec1e6c9dc0065d99ad0
- SHA1
  
  2d8eb16f458bc2cf01f63669d39fbd66c94664ad
- SHA256
  
  f642470d350dccec3ecaa68420b3dcd4886bd19c2e073774128a74cbd6badd6c
- SHA512
  
  b4acce49d04e443a5ca4b404464dcd07eb71b1e0efe620c1654975b8afb261e9602b1bf929a7dbeab2e8ea1adf940f80b775c3ad9369486e39738116585bf105
- SSDEEP
  
  12288:Hl7m0UITAICxWP0Q58H9jV7aqJYjvz7a1NIakWZe5rO/5i8OUT5NmywyzoN3yefz:Hli0UgPCxWPsD7aE5io9NmyLzoN3yO3
Score

1^/10
behavioral3 behavioral4
- Target
  
  SmartClient/BCP2P_API.dll
- Size
  
  148KB
- MD5
  
  f481d080f6f86ccdfb59bc349e092903
- SHA1
  
  9da75ebe1be17618884f15a74b0e75efa10497e2
- SHA256
  
  906e449775c58ff095ffe8fcf04af7f152b481ed09c261802aff3f82c66e10a8
- SHA512
  
  ca119c9b119b901309f6635d990090fc5033582ddb4e355f651d558d230d13d6c369f6118c683db658b1bf38caaec7f9db9f564fce66bfc9ab556a1db94ac779
- SSDEEP
  
  1536:Gb5H6AwyZwMDEE6ozEyEQFKwDXCcOOmfgC9TRQ0v+jZL4Si2ZoP2YtRk/MfUSg7t:GRnZjDtUXYOOg+BYI2XUotHM
Score

1^/10
behavioral5 behavioral6
- Target
  
  SmartClient/DevMiddleware.dll
- Size
  
  119KB
- MD5
  
  332721416401b18701d61cbdd2e4219b
- SHA1
  
  492f2b5ccf8711941f4030753275b2b826f6a7b4
- SHA256
  
  cf31b9dac64eaa8fdf416393124662277959f9b36791d73f02d15324754e32ad
- SHA512
  
  119472fa11ce0446e35adb762ace890371d9165e78aadd420eed2739a5cd57ad077da8389116db4e49b1dc5c0ff4cbd99d14b5fdcb2d5d21d847e08a2f8580ef
- SSDEEP
  
  1536:z6ZZXuvN/abSABwLcILEx1mRWfZL+OoBDxyfvdzFqzAf5MQBxr0n0KAcD/DWXdoL:z6zuFTLO1nMk1zFFL8JzDWtoReGJ
Score

1^/10
behavioral7 behavioral8
- Target
  
  SmartClient/EnCodeQr.dll
- Size
  
  156KB
- MD5
  
  42cc61fdef61737bb6c7788e037b926f
- SHA1
  
  a6c81ca9309a192fc92a8926ca1f93e5a14cb892
- SHA256
  
  cbe3d49f0cd61338aa8cd09520fbfbd86c3a8a7cffc7706781c5b4834070d47a
- SHA512
  
  be9ffa13a2e5cc813e8bb2a3fbe32a7329d44438659ccc4543f7305d3c3e8dfd6c47e165a43f82658215243b03bb203efdd3a68d177e67767b0c4f1360745798
- SSDEEP
  
  1536:9uI03/Af3G2/z4YxCi+TcTeuDQ7xlv5vyQ4ADDtz3AC0t0dWkOcHMMHW8bcN9odL:L04Nzhx4EKlCAnSC0zZB8bw9odyRPA
Score

1^/10
behavioral10 behavioral9
- Target
  
  SmartClient/IOTCAPIs.dll
- Size
  
  156KB
- MD5
  
  21d5169dc45b5ec2b9a479493ddb55c7
- SHA1
  
  77f8a3f74f210a23c0e3bed7c891956359a74aad
- SHA256
  
  038bc381c5f1d5d0e00074e56a7645a3b75337dfb530dba2ad6c59588fb089f7
- SHA512
  
  f5d5849f97d491a5a1495ae9bbc4dcd9c56c9958551c53716493655a8bb9cd8c129f4a42e14b7711e71b1c1fd8a3e8293348231cd558ad64586faa9e3ac8a182
- SSDEEP
  
  3072:cDBeXL0eMeKdzyTuY7WQDB2ZZcegpTptNtL:NXwv97Y7Begp
Score

1^/10
behavioral11 behavioral12
- Target
  
  SmartClient/Language.dll
- Size
  
  252KB
- MD5
  
  19920cae88627c749f3f2c7e799d6f7c
- SHA1
  
  f6c4ebba949083fc4f518d6cfd1d90c31092461c
- SHA256
  
  6890139bd1fe3e86d42a8b01789d8db251d2061cda650c83bf336ad07399d434
- SHA512
  
  ff365149caba68c2c144babcf20e5e570add21c7bdecc2c46c70915069b55d0a514c3ae866f9316bb4ac843ef96338b246fa96b3d7c67c2288fcd10cea297974
- SSDEEP
  
  3072:0KfZiyEylb4XMuKovH0bVSM8sSRzrzLCId0lySEXjW6JDm2N9mBucD5aEVkXB:1iBVv/0bVSRsSlfD0lySEXjWt2XqYEi
Score

3^/10
behavioral13 behavioral14
- Target
  
  SmartClient/Live555.dll
- Size
  
  214KB
- MD5
  
  e1c1b1c7339d2cc0b1eaae0cce2c1f98
- SHA1
  
  cd44de6d1383c30a1dc5da26845b50b72969cd6b
- SHA256
  
  f33a3147cee8529f2f5c7e8aa0eb1d4500c22d0fa2937371f19c06e6ec09f2b3
- SHA512
  
  5738eaf8dfec12bedb02681a998e1bf9d8b71fa05a0cf2bb76c35f4bb5379a51fb946b733a60479dcd1a75cb1c470b38d43309f88893f4efafaf09216f1dcec5
- SSDEEP
  
  3072:qXe7gz9b3qa7J1s2tvwEwq6wleay8SZ8fJvLFpLq34KJkuxI56kcoNn5:mzZls2tvhwq6pZZ8xG34KjkT
Score

1^/10
behavioral15 behavioral16
- Target
  
  SmartClient/OnvifPC.dll
- Size
  
  2.2MB
- MD5
  
  98afdc6fafe63ea3a276e50a861d9e16
- SHA1
  
  ee2051abe84be49d426e1125b1adae15a6edaf6c
- SHA256
  
  30c8a65d1177552319966f0925915a75287b2c6b8fb3fd63dbbfb77be7009849
- SHA512
  
  1c0fc44fc5b0f0aaf8608ad26a1daf23e8e09efca1f51e6e0b8c683e2f8288710f2854a6c479bc36ba0f91e29ff7596872f4cd21ac0570b8edb81ee6e7119439
- SSDEEP
  
  24576:uQDhSQGVt0VloqrODK/+ynx3jtj1QFmMZWKmghYgy5:R+SQJWKmk
Score

1^/10
behavioral17 behavioral18
- Target
  
  SmartClient/RDTApis.dll
- Size
  
  92KB
- MD5
  
  0b2ef2ad94ba6361b61cb2c6bbdc0485
- SHA1
  
  9448242d3b56dadc75f05742616a59adc034f879
- SHA256
  
  c052bba5b7e18ae734a6baeaa641b8562bf70b4b1de13c2b72b0f527745c009f
- SHA512
  
  83df4cafc1b39ff2deee00410aa9316d47f6ef90a991ed8e5c55cfec8ce1e1e97f0b8b591fbb7e8dc052ad0ef539b7b5129c9c561d778d5217f56675010a4912
- SSDEEP
  
  1536:cLFSr/XZ0FWIA4yGMgbPp1PsTnmQqKPyIrXtSa:cLFSvIAjGMupVimQTtl
Score

1^/10
behavioral19 behavioral20
- Target
  
  SmartClient/RemoteConfig.dll
- Size
  
  1.7MB
- MD5
  
  0ec9a5548a56e70ee62ac7f1e4baef3e
- SHA1
  
  cc72c7f57b59d7d65398f724645df62be40b6265
- SHA256
  
  cf62ba24f5b5b4d9ab2a425bdc8b5dc1e01352e5e62e41ce9facfc698c950b24
- SHA512
  
  2c7e0317e6c54b1763db3c8edf37e1034461a085ccfc00117cb897bd3df2d4f4b3a6945f7cfe24525f0fbd3348fa65fb41889d729d6582911cb9b5b3bd46432c
- SSDEEP
  
  24576:Tpz1k+Y6VHSX5W/xPlRUQFReZMs6+RLNOM8L5m4FNDhtPwzOlfK:YIHSJW/xtaQ7K/vL+w4FND/PEOlfK
Score

1^/10
behavioral21 behavioral22
- Target
  
  SmartClient/SmartClient.exe
- Size
  
  4.9MB
- MD5
  
  c8f80e12cd7a80fe87f74d6dc125d89e
- SHA1
  
  3d53877802caf8a0860afc80afdf9122833c17c9
- SHA256
  
  2f45600dcbcc925605c9283a94f24426618e9ae4fdd2abed9c5ce8179b390576
- SHA512
  
  362e9e6c4def2a3468a82405a1fec8553c1051ea58584d17001633506e4510ddff0fe0465d2dd0adec6735520437c2c92e0eaa9b6d7a20d5070753031bde24cb
- SSDEEP
  
  49152:k0FMGlQd1H0tAUOWmub1ab4FND/PoW3rtngZL21wyCnxws9BO7Q+UE:kgQ1HcJqubYb4FND3JngIvS+7
Score

1^/10
behavioral23 behavioral24
- Target
  
  SmartClient/WinPcap.exe
- Size
  
  893KB
- MD5
  
  a11a2f0cfe6d0b4c50945989db6360cd
- SHA1
  
  e2516fcd1573e70334c8f50bee5241cdfdf48a00
- SHA256
  
  fc4623b113a1f603c0d9ad5f83130bd6de1c62b973be9892305132389c8588de
- SHA512
  
  2652d84eb91ca7957b4fb3ff77313e5dae978960492669242df4f246296f1bedaa48c0d33ffb286b2859a1b86ef5460060b551edca597b4ec60ee08676877c70
- SSDEEP
  
  24576:UBOldyR6ORWsaM2QROxa6jsqUENfJjNK/CG6niqiL:2KzqWsayROxa6QDENuaG+ifL
Score

8^/10

discovery
- Drops file in Drivers directory
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
behavioral25 behavioral26
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  325b008aec81e5aaa57096f05d4212b5
- SHA1
  
  27a2d89747a20305b6518438eff5b9f57f7df5c3
- SHA256
  
  c9cd5c9609e70005926ae5171726a4142ffbcccc771d307efcd195dafc1e6b4b
- SHA512
  
  18362b3aee529a27e85cc087627ecf6e2d21196d725f499c4a185cb3a380999f43ff1833a8ebec3f5ba1d3a113ef83185770e663854121f2d8b885790115afdf
- SSDEEP
  
  192:86d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jwK72dwF7dBEnbok:86UdHXcIiY535zBt2jw+BEnbo
Score

3^/10
behavioral27 behavioral28
- Target
  
  $SYSDIR/Packet.dll
- Size
  
  99KB
- MD5
  
  2ce150705bbeb30e6c8059cc530043aa
- SHA1
  
  3d8615f9d8f8f7a5d78b3c06bf746948b9ef6ba5
- SHA256
  
  cd9f4fb077c25013226e0883f9ae02e9ced9b71f07637081e55ae70fd0788f29
- SHA512
  
  9f7573ca679ef0cc0e1d815f605a399e87f7a046e3e51970d2c7597329b19e118cc2da7240ee854e13e31582f12bab8be506d1612ac81d5b453ef366d4674dcf
- SSDEEP
  
  1536:zbDKMXRC2wKDDuDirGfqs97WcETlsxtl2o+V:PDKMtfuysAcETlsxtco8
Score

1^/10
behavioral29 behavioral30
- Target
  
  $SYSDIR/pthreadVC.dll
- Size
  
  52KB
- MD5
  
  f04a90f917ba10ae2dcbe859870f4dea
- SHA1
  
  6668ebe373ce58c33017697c477557653427e626
- SHA256
  
  99c61abf41c3aec38cab3ed6270adbca9a247bbf5f9aa9d29ecb0659a5527f48
- SHA512
  
  aec29301b9ce311b27f1590b0e0c4121acdc183a30b570e087d77b7035684f02a6dfbdee950c37f3023b32e2ea5a075a5fbe6d18a2804da9490d4959733bb516
- SSDEEP
  
  384:hSvfC8Vv0Vy7ojuq7GQcdWTc4zU+GFronD/yD5rBEe0kiH32Jp9AhOW:wt+TGQcdWYdMG59EeJiH3YzW
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Drops file in Drivers directory

Loads dropped DLL

Checks installed software on the system

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32