ff49326dcd45aa48f91c8c95cd915ac672c9b98d1adb32fa29648fd8eef815cc

Sharing

Copy URL Twitter E-mail

General

Target

ff49326dcd45aa48f91c8c95cd915ac672c9b98d1adb32fa29648fd8eef815cc.zip
Size

16.5MB
Sample

240704-cqf4wa1elc
MD5

8c6e843f7eba0e71c184d6e30b18100f
SHA1

e087271d86b4c4904395b1da052aaacc9e7704a6
SHA256

ff49326dcd45aa48f91c8c95cd915ac672c9b98d1adb32fa29648fd8eef815cc
SHA512

b3575ce16e417be3c7a6d4e7c5e06f7520fcbf3b1fa711b10da1ed4d25e3e1e94df2d562a755282a0a1e4dfc197dc5c98b87743d6484f6dce0f224a6a712f78e
SSDEEP

393216:bfEuMjZNcx0my+PfFA4LsRCbtcfy4pntrFQND/iA0uLvCdn:7OXcxI+Pq4IshcT3+9iZn

Score

7^/10

Malware Config

Targets

- Target
  
  use_2024_tо_оpen/ICQLiteShell.dll
- Size
  
  56KB
- MD5
  
  05e61539b8917fca37c03756bbdd043d
- SHA1
  
  5a72e0e528260de0ea5b34badb9e5f9873cb4245
- SHA256
  
  515c8e0b93f0fef15da3e2573ad92b7e7840374140e65e5d73df63d8e22cb3e8
- SHA512
  
  565d57783e6044d6e7e2026c79dbd897e637c5e1d96e7930dc704ef2b6d801669b38f0c26382f00e67e26668439274941e937a0ade54666de50b5d84f6da7e97
- SSDEEP
  
  768:YEGJ9blT7XZBSbHwJU+tGR0KZUyGKZ0ZgwmF1+3UVambg:YEGJ9bln5o0KZjGKZ0Z1mF1+3UVayg
Score

1^/10
behavioral1 behavioral2
- Target
  
  use_2024_tо_оpen/ICQRT.dll
- Size
  
  32KB
- MD5
  
  1aedcb8994d6ad63ef9dcb87016e028f
- SHA1
  
  f5b891aa15c6353b681bdb7e2d96c6ac8a5f02d7
- SHA256
  
  53e1f40144bab532f9700ff25ec3d5c6a39784a98e17fada583b4ee6d9dd5dbc
- SHA512
  
  89c0f408797c4d78afc52335a9e162345c614e1e419f55487cb358c14f7a69ec82138a7e6250be3133233386ba3659d241e80ab63c9b972b6c8b26b0424cb0c8
- SSDEEP
  
  384:+qtTeds1tkMAp4TxCW9su5UcSu93ggoXUQQIPGEANHl:FTedukelF95RjQUUPpANHl
Score

3^/10
behavioral3 behavioral4
- Target
  
  use_2024_tо_оpen/Language/WinRar.exe
- Size
  
  3.2MB
- MD5
  
  b66dec691784f00061bc43e62030c343
- SHA1
  
  779d947d41efafc2995878e56e213411de8fb4cf
- SHA256
  
  26b40c79356453c60498772423f99384a3d24dd2d0662d215506768cb9c58370
- SHA512
  
  6a89bd581baf372f07e76a3378e6f6eb29cac2e4981a7f0affb4101153407cadfce9f1b6b28d5a003f7d4039577029b2ec6ebcfd58e55288e056614fb03f8ba3
- SSDEEP
  
  98304:lJXOBfK92HbAw0CNB3kJElzNsy8vGUvfCo3ABH43:lJ192HbAXCvDlzNsy8vGUyo3AB8
Score

1^/10
behavioral5 behavioral6
- Target
  
  use_2024_tо_оpen/LiteRes.dll
- Size
  
  735KB
- MD5
  
  88962410244bc5c03482b82a7e3cb5e1
- SHA1
  
  4622be2d3deda305bf0a16c0e01bc2ecf9d56fad
- SHA256
  
  afa884228afc5c05f4b47e90b6de42854d5a8886ec5ed15a253faeccd5309036
- SHA512
  
  c6e7667f91c1439e33ad4d9e2052b7c9fcc3ca2c7688d9e2bc0550b71a5762b76aa76427331df0217429d9bd984925997c7a8d009f25e44e2776c5ce7cc9d98c
- SSDEEP
  
  6144:x9Ej/jb82/HRoXO1q2pt+Mc1/PDPicsUzM+gYESoE/wOuET8F62bH5vnGfcJvl+b:fqptG/PDPo0no2Iq8F6CHBTWqU
Score

1^/10
behavioral7 behavioral8
- Target
  
  use_2024_tо_оpen/LiteSkinUtils.dll
- Size
  
  48KB
- MD5
  
  059d94e8944eca4056e92d60f7044f14
- SHA1
  
  46a491abbbb434b6a1a2a1b1a793d24acd1d6c4b
- SHA256
  
  9fa7cacb5730faacc2b17d735c45ee1370130d863c3366d08ec013afe648bfa6
- SHA512
  
  0f45fe8d5e80a8fabf9a1fd2a3f69b2c4ebb19f5ffdcfec6d17670f5577d5855378023a91988e0855c4bd85c9b2cc80375c3a0acb1d7a701aff32e9e78347902
- SSDEEP
  
  768:FPGeoWyuTx6vrP/zAdWQS6Z9CSKh64crVKTl9inMUAK:tGeJxIHepSKzjVK9iMUAK
Score

3^/10
behavioral10 behavioral9
- Target
  
  use_2024_tо_оpen/Resource/Locals/x64/AdonisUI.ClassicTheme.dll
- Size
  
  287KB
- MD5
  
  8a1b183bca062f48402c74f2daba7b92
- SHA1
  
  d9417bf78b3b37d668c08e67f3c0f21dbc6dc11e
- SHA256
  
  8103f2cce6a864ceefe6c5b0c05087ac85ab04a2abf150e93bc9db90c54d9d20
- SHA512
  
  0f5120fa9ed24d2a49b82cdc62113302002ccc5e1cf389cc28830f36b2915f876bdf77094fa6dfa312fc01b6f482465297fa734509511fa7e72285569ce57e87
- SSDEEP
  
  6144:aMNTja9KIKf5RCs1ussMKlzI5iJQn9gu5DPOvObo:5Za9KIjs1ussMKlzI5lo
Score

1^/10
behavioral11 behavioral12
- Target
  
  use_2024_tо_оpen/Resource/Locals/x64/AdonisUI.dll
- Size
  
  164KB
- MD5
  
  3d4c8b6aad28ec574e56ccda22b34ef3
- SHA1
  
  bc22ac7097e597fba3d7367b2fd5c61adff28941
- SHA256
  
  db46b6106dc1b30041ce3f287ded91166895ff3f1928250fc79dd46c444b1e45
- SHA512
  
  fc56241e65dc7bcc678a2af92f79bda017ceb3f7c4f203c7e9ce753d573da868608a6f56545c0d181a625737278b7b73223e5dcce85bf1f3c5b7b1b06e5c5739
- SSDEEP
  
  3072:fuZPAdWKbu3355s555GPQKljrKxX0yAbTxin1YzqHf0llbS1sjZ73h39Iwj:GydWDrKxG3h39Iw
Score

1^/10
behavioral13 behavioral14
- Target
  
  use_2024_tо_оpen/Resource/Locals/x64/SQLite.Interop.dll
- Size
  
  1.7MB
- MD5
  
  56a504a34d2cfbfc7eaa2b68e34af8ad
- SHA1
  
  426b48b0f3b691e3bb29f465aed9b936f29fc8cc
- SHA256
  
  9309fb2a3f326d0f2cc3f2ab837cfd02e4f8cb6b923b3b2be265591fd38f4961
- SHA512
  
  170c3645083d869e2368ee16325d7edaeba2d8f1d3d4a6a1054cfdd8616e03073772eeae30c8f79a93173825f83891e7b0e4fd89ef416808359f715a641747d7
- SSDEEP
  
  24576:YPUxmkgSxPgobZPRjZ22H6edtOZzWySRO3mlE0i/Yl5P+qF+8k+ao/si6:8UxXPgo8e6WYBSJZSS5P97I
Score

1^/10
behavioral15 behavioral16
- Target
  
  use_2024_tо_оpen/Resource/Locals/x86/BouncyCastle.Crypto.dll
- Size
  
  3.2MB
- MD5
  
  0cf454b6ed4d9e46bc40306421e4b800
- SHA1
  
  9611aa929d35cbd86b87e40b628f60d5177d2411
- SHA256
  
  e51721dc0647f4838b1abc592bd95fd8cb924716e8a64f83d4b947821fa1fa42
- SHA512
  
  85262f1bc67a89911640f59a759b476b30ca644bd1a1d9cd3213cc8aae16d7cc6ea689815f19b146db1d26f7a75772ceb48e71e27940e3686a83eb2cf7e46048
- SSDEEP
  
  49152:JIBbo0WIgmjljFtXCdRLRBcJd+KaGxHIkMNqzP56O8lZ7qXUqi9Y:6BbBWIgWljGxRB/LLY
Score

1^/10
behavioral17 behavioral18
- Target
  
  use_2024_tо_оpen/Resource/Locals/x86/SQLite.Interop.dll
- Size
  
  1.3MB
- MD5
  
  8be215abf1f36aa3d23555a671e7e3be
- SHA1
  
  547d59580b7843f90aaca238012a8a0c886330e6
- SHA256
  
  83f332ea9535814f18be4ee768682ecc7720794aedc30659eb165e46257a7cae
- SHA512
  
  38cf4aea676dacd2e719833ca504ac8751a5fe700214ff4ac2b77c0542928a6a1aa3780ed7418387affed67ab6be97f1439633249af22d62e075c1cdfdf5449b
- SSDEEP
  
  24576:eiDAYMz2epP8AEXn8z7qsyb8c+gntHKuvKtBLtTvD0nsrFSK96fYlYyv:1AYMza36enEuyjpTV96A2yv
Score

1^/10
behavioral19 behavioral20
- Target
  
  use_2024_tо_оpen/Resource/opengl64.dll
- Size
  
  145.8MB
- MD5
  
  71466589eb444bbf272c0f5c920c57f0
- SHA1
  
  4fcace49ee032779d3bf7b8e03c6a9f29ed871ba
- SHA256
  
  e7d625cf255360b0ea96a52ca990be6f1cef522ff7440393e45b12793ac88031
- SHA512
  
  eff62450cf03d72af2594d750a70b008226fa2e46216661716287639bf5e1ff1303076fdaf4f062ca4098ef10a8e29502de55ecb3a6e04753aad7fcad01e3352
- SSDEEP
  
  48:0ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZY:n
Score

1^/10
behavioral21 behavioral22
- Target
  
  use_2024_tо_оpen/Sеtup.exe
- Size
  
  2.5MB
- MD5
  
  2cca9b25e6ed5a9f606d880ab6c95cb7
- SHA1
  
  fe5c91f7417da470a4379a15c526225ea3156b9f
- SHA256
  
  339fe7bdfbe4212886cc8582655b83f5d2ee08c33939fa331447e7ee1ddf0d0b
- SHA512
  
  319ea2bee3b8b0dd69460079b3c3201210f79649e30c47d7bba87f38569c3e245cb3f01694465a9eb003530e5b38d4a7ebd980ecdf977160457cb81bea09b5a8
- SSDEEP
  
  49152:Ungy9PBYGZ6tsa/67rrcSYQ/udHEVbeGfYeZD6k5M:ho/udHEVbeiRHS
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral23 behavioral24

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Reads user/profile data of web browsers

Checks installed software on the system

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24