Overview

overview

7

Static

static

7

Book2.xlsm

windows7-x64

1

Book2.xlsm

windows10-2004-x64

1

GoogleClou...er.exe

windows7-x64

7

GoogleClou...er.exe

windows10-2004-x64

7

$PLUGINSDI...os.dll

windows7-x64

3

$PLUGINSDI...os.dll

windows10-2004-x64

3

$PLUGINSDIR/INetC.dll

windows7-x64

3

$PLUGINSDIR/INetC.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$PLUGINSDI...ze.dll

windows7-x64

7

$PLUGINSDI...ze.dll

windows10-2004-x64

7

$PLUGINSDI...nz.dll

windows7-x64

3

$PLUGINSDI...nz.dll

windows10-2004-x64

3

deneme.html

windows7-x64

1

deneme.html

windows10-2004-x64

1

photo_qual...ate.py

windows7-x64

3

photo_qual...ate.py

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9b73f8eb1505799749b1b15c7a9ed63448f6b7658a2ef912dc4ce2b57b38ad7d.rar

  • Size

    1.2MB

  • Sample

    240705-b2srdazakl

  • MD5

    2fdfac4fe0d040e3587c0f3087ed5ce5

  • SHA1

    fa84c7a4a4ae042b24270d066dd83eeb87c707e7

  • SHA256

    9b73f8eb1505799749b1b15c7a9ed63448f6b7658a2ef912dc4ce2b57b38ad7d

  • SHA512

    a1b1e3488ff892500fafe2874426ccf557d461e517c37b39aa28f5f45a709575ffb77b54c001eb06f5af1173b03a62b2eaf3d953bbad73b5ae2cb78d1cc39094

  • SSDEEP

    24576:3GLLgVKVD5i40/qpoET8nBEbzhgiXw3s0PXY1ScPoiZrc/d:2LLEKVFX0/qpvCEbdgiA3stocPlB6d

Score
7/10
upx

Malware Config

Targets

    • Target

      Book2.xlsm

    • Size

      11KB

    • MD5

      528ceaab3d384b4b02420aa401a1adaa

    • SHA1

      d43204f11c660b025c3760372e39e20e7b5ff7ec

    • SHA256

      58c4cb3a6d4427ceaedd0e5d30e4d1101694354d165757ceef6534536f6e63de

    • SHA512

      e05ead3b1c8bb680b474d20fffe47cced8f772e7366d362bcea99228b9d45d845b22fe1e709d0a098cbd47b50393b5d952ca1898f59ced7c0b63588244d455a7

    • SSDEEP

      192:m0YN4+tJBeCFPS5ysPWjraFUlbVvevUqzPANCI/8VhWR/Na4:XYN5tCCFa5O0UlM9zPAb08R/Na4

    Score
    1/10
    behavioral1behavioral2

    • Target

      GoogleCloudSDKInstaller.exe

    • Size

      261KB

    • MD5

      4e17f649c448d908c421fa47f403cf67

    • SHA1

      be8384dbd44401cb48d6ad8593056e5cd741dade

    • SHA256

      b1a79901deb8e3bb861bfe4126bcebb51e1effaa8bacd227a4372b9ea77205ee

    • SHA512

      7aa6f194f0c0804369660e4c15dfd8ec9e29374e62fbcd588995d25230ffdfee1552d2a98d6ae2564fd72c1557dcc49139cb147044092719fc798d63f1857a69

    • SSDEEP

      6144:WlTeOP8bOJRZ6y5oK9JR0VSji0SI4BoZU9j2k:X5QZTyK/R0VOiBX9j9

    Score
    7/10
    upx

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/ExecDos.dll

    • Size

      5KB

    • MD5

      a7cd6206240484c8436c66afb12bdfbf

    • SHA1

      0bb3e24a7eb0a9e5a8eae06b1c6e7551a7ec9919

    • SHA256

      69ac56d2fdf3c71b766d3cc49b33b36f1287cc2503310811017467dfcb455926

    • SHA512

      b9ee7803301e50a8ec20ab3f87eb9e509ea24d11a69e90005f30c1666acc4ed0a208bd56e372e2e5c6a6d901d45f04a12427303d74761983593d10b344c79904

    • SSDEEP

      48:6jOBtU/BXN8kUByyy/Aklkcrkyg7Vg5RibGoTCTo0gqVeeaeQqzM5rv774YRljmB:y/DMy4ncrkyg7tbpQFLUEYRxe

    Score
    3/10
    behavioral5behavioral6

    • Target

      $PLUGINSDIR/INetC.dll

    • Size

      235KB

    • MD5

      8ee31a2916657afde78bf5e33fd4bb15

    • SHA1

      ef98d0c6dd7ce6b348a91c683ce9175e56c3a522

    • SHA256

      1d8e76baf1de113c119061bea74ef2e8e684c65c2c9675f93970909f0879cdc8

    • SHA512

      318f5715956e3aacacfeccce920a8cd48998a5cfa65dd933afbfdef57b1675735312060950a7245e5c3e8784a61bcb3e8f9bb10e85774466504f7a7e3526af2b

    • SSDEEP

      3072:8tNXMxiQraqoDDfbrH6ZgxkzStPpwGxqeujXj5Bif/Pa0A:8DXMLaqoDfb6mxk2LqHXj3if/Pa

    Score
    3/10
    behavioral7behavioral8

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      2ae993a2ffec0c137eb51c8832691bcb

    • SHA1

      98e0b37b7c14890f8a599f35678af5e9435906e1

    • SHA256

      681382f3134de5c6272a49dd13651c8c201b89c247b471191496e7335702fa59

    • SHA512

      2501371eb09c01746119305ba080f3b8c41e64535ff09cee4f51322530366d0bd5322ea5290a466356598027e6cda8ab360caef62dcaf560d630742e2dd9bcd9

    • SSDEEP

      192:vPtkumJX7zB22kGwfy0mtVgkCPOsE1un:k702k5qpdsEQn

    Score
    3/10
    behavioral10behavioral9

    • Target

      $PLUGINSDIR/UAC.dll

    • Size

      14KB

    • MD5

      4814167aa1c7ec892e84907094646faa

    • SHA1

      a57a5ecbdfa9a8777a3c587f1acb02b783afc5ee

    • SHA256

      32dd7269abf5a0e5db888e307d9df313e87cef4f1b597965a9d8e00934658822

    • SHA512

      fb1f35e393997ecd2301f371892b59574ee6b666095c3a435336160481f6ef7ed5635c90ce5d2cf88e5ef4a5affb46cb841b7d17e7981bd6e998531193f5d067

    • SSDEEP

      384:3A7q72y8XYDSDJe7H+KXKKK2KRKuKZrjVo787foI7:3sygyraXjQ7Zl99

    Score
    3/10
    behavioral11behavioral12

    • Target

      $PLUGINSDIR/nsDialogs.dll

    • Size

      9KB

    • MD5

      13b6a88cf284d0f45619e76191e2b995

    • SHA1

      09ebb0eb4b1dca73d354368414906fc5ad667e06

    • SHA256

      cb958e21c3935ef7697a2f14d64cae0f9264c91a92d2deeb821ba58852dac911

    • SHA512

      2aeeae709d759e34592d8a06c90e58aa747e14d54be95fb133994fdcebb1bdc8bc5d82782d0c8c3cdfd35c7bea5d7105379d3c3a25377a8c958c7b2555b1209e

    • SSDEEP

      96:oyqZ4zC5RH3cXX1LlYlRowycxM2DjDf3GEst+Nt+jvDYx4yqndYHnxss:oyq+CP3uKrpyREs06YxKdGn

    Score
    3/10
    behavioral13behavioral14

    • Target

      $PLUGINSDIR/nsResize.dll

    • Size

      4KB

    • MD5

      aa849e7407cf349021812f62c001e097

    • SHA1

      4cbb55b1d1dd95dcb7a36b5a44121ad4934539af

    • SHA256

      29b0e5792679756a79d501e3a9b317971b08e876fac1c2476180d0ae83b77ba5

    • SHA512

      4556baa49e8182d72e29e8d809635312142eb127039f5803ca0bf011b4359f0b584a670a3bd26a9969165a332cfa14a39abeaeae0b4d90519f91fdea755c54de

    • SSDEEP

      96:Grb+u7Dk2IFEZsO22AxqX4PJ7G17JAgX0:yb+u7Y2IFEKOHA0X8i1NAI

    Score
    7/10
    upx

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral15behavioral16

    • Target

      $PLUGINSDIR/nsisunz.dll

    • Size

      40KB

    • MD5

      5f13dbc378792f23e598079fc1e4422b

    • SHA1

      5813c05802f15930aa860b8363af2b58426c8adf

    • SHA256

      6e87ecb7f62039fbb6e7676422d1a5e75a32b90dde6865dcb68ee658ba8df61d

    • SHA512

      9270635a5294482f49e0292e26d45dd103b85fe27dc163d44531b095c5f9dbde6b904adaf1a888ba3c112a094380394713c796f5195b2566a20f00b42b6578e5

    • SSDEEP

      384:KExN66Yf2xL5Q4IsjuUjUZfqRDpImexpf88FwHxXvjX3hwlHt6oIfESxSHoOO8n9:O2x64GcVpI3xC8ynToIf1SIOhW4

    Score
    3/10
    behavioral17behavioral18

    • Target

      deneme.html

    • Size

      1KB

    • MD5

      34afea0bdefda9520ece6b760fcd1eec

    • SHA1

      81359e66c6faa08414c93cb9c78d4b3a3d79e44b

    • SHA256

      9c12ff99fdf84e56e62f7c8cc2181d42b56f0632d0c0bf9e7981b851f4429915

    • SHA512

      391474c2231378163844b7e1ffd06d81250f82a208bdd5f160a16d6a22bf58681351eeb765c3c6494b39802666564f56fc89cd05a5c0ac952c765b01e703bf32

    Score
    1/10
    behavioral19behavioral20

    • Target

      photo_quality_update.py

    • Size

      938B

    • MD5

      c28014e8d58da631aefd9242fa19d8d5

    • SHA1

      5d77c08e0f0865ab0af22f50e1eac1e32954dc66

    • SHA256

      2f28a1971572899eb5de4859ebf4284c17b8cf1e2ee0c06382ea65e0f3df1234

    • SHA512

      bdfb1add63ed349ff24576e626f714751621fbf47103c06b8029b30bf510a316646594208c8d03e31c80bf0287afb52b754be0a7ad4865a1cb2c8c8085e80d50

    Score
    3/10
    behavioral21behavioral22

MITRE ATT&CK Enterprise v15

Tasks