Overview

overview

7

Static

static

3

processlas...64.exe

windows10-2004-x64

4

$PLUGINSDIR/INetC.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

CPUEater.exe

windows10-2004-x64

1

Insights.exe

windows10-2004-x64

1

InstallHelper.exe

windows10-2004-x64

1

LogViewer.exe

windows10-2004-x64

1

ProcessGovernor.exe

windows10-2004-x64

1

ProcessLasso.exe

windows10-2004-x64

1

ProcessLas...er.exe

windows10-2004-x64

5

QuickUpgrade.exe

windows10-2004-x64

4

ThreadRacer.exe

windows10-2004-x64

1

TweakScheduler.exe

windows10-2004-x64

1

bitsumsess...nt.exe

windows10-2004-x64

1

pl-update.cmd

windows10-2004-x64

1

pl.cmd

windows10-2004-x64

7

plActivate.exe

windows10-2004-x64

1

pl_rsrc_bulgarian.dll

windows10-2004-x64

1

pl_rsrc_chinese.dll

windows10-2004-x64

1

pl_rsrc_ch...al.dll

windows10-2004-x64

1

pl_rsrc_english.dll

windows10-2004-x64

1

pl_rsrc_finnish.dll

windows10-2004-x64

1

pl_rsrc_french.dll

windows10-2004-x64

1

pl_rsrc_german.dll

windows10-2004-x64

1

pl_rsrc_italian.dll

windows10-2004-x64

1

pl_rsrc_japanese.dll

windows10-2004-x64

1

pl_rsrc_korean.dll

windows10-2004-x64

1

pl_rsrc_polish.dll

windows10-2004-x64

1

pl_rsrc_ptbr.dll

windows10-2004-x64

1

pl_rsrc_russian.dll

windows10-2004-x64

1

pl_rsrc_slovenian.dll

windows10-2004-x64

1

Resubmissions

06-07-2024 22:02

240706-1x4eratgrl 7

06-07-2024 19:00

240706-xnn2xssgpc 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    processlassosetup64.exe

  • Size

    2.5MB

  • Sample

    240706-1x4eratgrl

  • MD5

    079d9a59d53120f4835d58728a8a1614

  • SHA1

    8deb42134fe9d06e91c36ae196b0448c1ddc5e80

  • SHA256

    257f8251ab61b944b75deafc681030a20b6dd5ae03b8540d8f482a6c291efb96

  • SHA512

    cb572655f3a7b2c8767b9813b45e1ab8b76d16f6e7b29b922b0ea756091fc55663c4bcc935a71854e1049713bb51b3bc5c73827a3885bbe7ac0f84ef0303a14d

  • SSDEEP

    49152:K6+yyE+nj/76iNaWWHLjbZx8RI3DMl949upGnH/FrjWdTlxUZRS:Khj/76esbZDDMoApyfFrjkfiS

Score
7/10
discovery

Malware Config

Targets

    • Target

      processlassosetup64.exe

    • Size

      2.5MB

    • MD5

      079d9a59d53120f4835d58728a8a1614

    • SHA1

      8deb42134fe9d06e91c36ae196b0448c1ddc5e80

    • SHA256

      257f8251ab61b944b75deafc681030a20b6dd5ae03b8540d8f482a6c291efb96

    • SHA512

      cb572655f3a7b2c8767b9813b45e1ab8b76d16f6e7b29b922b0ea756091fc55663c4bcc935a71854e1049713bb51b3bc5c73827a3885bbe7ac0f84ef0303a14d

    • SSDEEP

      49152:K6+yyE+nj/76iNaWWHLjbZx8RI3DMl949upGnH/FrjWdTlxUZRS:Khj/76esbZDDMoApyfFrjkfiS

    Score
    4/10
    discovery
    behavioral1

    • Target

      $PLUGINSDIR/INetC.dll

    • Size

      24KB

    • MD5

      640bff73a5f8e37b202d911e4749b2e9

    • SHA1

      9588dd7561ab7de3bca392b084bec91f3521c879

    • SHA256

      c1e568e25ec111184deb1b87cfda4bfec529b1abeab39b66539d998012f33502

    • SHA512

      39c6c358e2b480c8cbebcc1da683924c8092fb2947f2da4a8df1b0dc1fdda61003d91d12232a436ec88ff4e0995b7f6ee8c6efbdca935eaa984001f7a72fea0a

    • SSDEEP

      384:wv1j9e9dEs+rN+qFLAjNXT37vYnOrvFhSL+ZwcSyekzANZBJ:w1AvEs3HBLzYn29vYh

    Score
    3/10
    behavioral2

    • Target

      $PLUGINSDIR/LangDLL.dll

    • Size

      5KB

    • MD5

      68b287f4067ba013e34a1339afdb1ea8

    • SHA1

      45ad585b3cc8e5a6af7b68f5d8269c97992130b3

    • SHA256

      18e8b40ba22c7a1687bd16e8d585380bc2773fff5002d7d67e9485fcc0c51026

    • SHA512

      06c38bbb07fb55256f3cdc24e77b3c8f3214f25bfd140b521a39d167113bf307a7e8d24e445d510bc5e4e41d33c9173bb14e3f2a38bc29a0e3d08c1f0dca4bdb

    • SSDEEP

      48:S46+/nTKYKxbWsptIpBtWZ0iV8jAWiAJCvxft2O2B8mFofjLl:zFuPbOBtWZBV8jAWiAJCdv2Cm0L

    Score
    3/10
    behavioral3

    • Target

      $PLUGINSDIR/System.dll

    • Size

      12KB

    • MD5

      cff85c549d536f651d4fb8387f1976f2

    • SHA1

      d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e

    • SHA256

      8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8

    • SHA512

      531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88

    • SSDEEP

      192:Zjvco0qWTlt70m5Aj/lQ0sEWD/wtYbBHFNaDybC7y+XBz0QPi:FHQlt70mij/lQRv/9VMjzr

    Score
    3/10
    behavioral4

    • Target

      CPUEater.exe

    • Size

      484KB

    • MD5

      b17fa00ea5eaa6514418d1f5a658e8d4

    • SHA1

      0dfe164e40916d937e031122530cfc870ebb17c7

    • SHA256

      2d90fa5a9db0213390d4f864a462ec5c006caf03ea55096bdc5cf46ccf8f6c54

    • SHA512

      440a8e6009dc69deca15431c9b4d1f8a2370a6891337362180b4aa8aa382060afa900d58504a52ed85d06c2e5dbd1fe4d95ae119c83141f7726d6b1c19ab5393

    • SSDEEP

      6144:dJWlpafqCDll1Ik4k5w/Fj/l4lvjlkdQvtIBK5UDEeBxhbYCp:dNfqi1d4k5OFjajlXtiK5UVUCp

    Score
    1/10
    behavioral5

    • Target

      Insights.exe

    • Size

      750KB

    • MD5

      412e905b54abd1e14ed03ce19d090e70

    • SHA1

      0808d564ba46022b6bdc5457838d1b17859831f7

    • SHA256

      55418f5693c9a5d3e28508b39bac660eaab178065ba6789298e1fd8002095a31

    • SHA512

      eac32d75bb94d76433050973dba949cf7a1fe99786ba2854ee063cd750ddae424a51c7817c256c6b0c1d38f43f58dd0a382d4513ba99dca7fd50248bb356d84e

    • SSDEEP

      6144:vEKsfeywcV9FOSZGItAOvd0UWI3csjf+pgxLyN6yr05/E9g0l873rYO+g7WGKV:NsfeRiOSZXtAOvd0m3+p8Ly16/sYKGK

    Score
    1/10
    behavioral6

    • Target

      InstallHelper.exe

    • Size

      764KB

    • MD5

      92abdca748e47cb140160230b54c5a9f

    • SHA1

      9f650c394477c26e9679c928e9292aff491bc460

    • SHA256

      692f402c7f1cd5db5f6e7074e5068e32ca3686bfb6e4896984187230b4291238

    • SHA512

      1868d4b55415c790bc7bc0ae9f85b9892056fe049d9b32b7f14f468aab1169091e15e88d1e808f9ca4e2e545ecf9b3a32ac34de7535ca3a6797adb72f7b5fac5

    • SSDEEP

      12288:OnKSfbJSYCQsHi2+NgaxZfWuzJxfeQXXbSKGhT:kKMwYCQsHi2EgaxZfWuzPfXbshT

    Score
    1/10
    behavioral7

    • Target

      LogViewer.exe

    • Size

      857KB

    • MD5

      96a1a75a99f6404a7a628d444576d6bd

    • SHA1

      1ef87d5de857f9ce9e6e9f49292c9743921e1afb

    • SHA256

      ec49086cc18cc388ff7e5717e7f6db35e13f9cbf47e3babe43f3082f2d7e34df

    • SHA512

      c41631b30d6d40b48cad93c9299805c621d0e94f2a106baf11ed7312b9c76dc8a093ccf0fd5a6c837c5e072bec6624870671f09a3a87992ba3f9400c353184b4

    • SSDEEP

      6144:T3iuBkOY8B59ASUsJHj1HMFdtX/jy+/6WOhVTgvBZOB6csuAPjNqXXB6uAPUFBmh:TnAQ16/jy+/ogZ4B2u1XB67PV38O9F

    Score
    1/10
    behavioral8

    • Target

      ProcessGovernor.exe

    • Size

      1.2MB

    • MD5

      cfdfe7f0dcfa090e86aec3eac408cb2c

    • SHA1

      58f6aa0cb957c8a93ecbf379313100dfbaf638e9

    • SHA256

      4ef5b4b9664c3ec9a7a8985885322de657275c4a4ce45a2eef3a8f745175b7f1

    • SHA512

      5cac13777d64773acced61b46ef19fb0e4143849423d53a5d2d8a34d098c735121d6268881d8bbae86e600e4365d93c863f396a90cc52c03e4e238951adbbaff

    • SSDEEP

      24576:hrtwU1qjJ4sVOH+RlpX7XQXqNACJa9Qf9s3UY+1:TwUkS4KaNLJa9QkL+

    Score
    1/10
    behavioral9

    • Target

      ProcessLasso.exe

    • Size

      1.8MB

    • MD5

      8fcf7cf04f9b344724759ee830e97ff7

    • SHA1

      7e89c71637362333246cb6f7b30f34a2b7693407

    • SHA256

      449c423ae1a63259989c85176dcc808f767346944eb40eac270ce27795abc1c2

    • SHA512

      3acc527ac9014db980d4c511fd416e32d627f616eb09559a2c3b0cb038a86eee6adf526488053fd09e34ba66fec6109bc534178e4371147d1b23f29803668759

    • SSDEEP

      24576:2XGXE/+1qw6stdHLyjToAdB4/5OH+5yU+yMj0lPj1VFLsPkUdKpVA7KykjgxDyQ3:kB+dHLcToMB4cUDHDVFAPkJVtNRi

    Score
    1/10
    behavioral10

    • Target

      ProcessLassoLauncher.exe

    • Size

      397KB

    • MD5

      ffba9b08c6fb3394e03b57f2fb4cec9a

    • SHA1

      21dfe7d8910159b769c248e56770a1dca9810b8c

    • SHA256

      9048d95e30d8ebe36b248da25ac9df5104c231ec3b0ae83a72ac31b513c13061

    • SHA512

      34fa80088b06566c660b19b4c1bbfcbce3dfbb50485bd9ede097577a2309c4f41afa5086541a87b25bda8b2e745336c135363b615782b84911334c959e921614

    • SSDEEP

      3072:c1hBjA8ZOHWQ97VpEwYNY/SzoDlArk7HoZ7WK7Tl/x:ghhA8IHW2VWIAr7WGp

    Score
    5/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral11

    • Target

      QuickUpgrade.exe

    • Size

      470KB

    • MD5

      7ee9df8c8bcae05df1ca4f163fe1d8ad

    • SHA1

      8afb7a02451c7275d5c83c9adda12670980dae87

    • SHA256

      929b5910c1a2e4e595d7f2b7c7838317ae58671ca1fa38e2cc4144e093fe4afe

    • SHA512

      b149115c65a43fb709d06db2906164f90dda254d2a42f17b68b0bee14fdf3b1a56c03441b302fe7a62ba320d85bb023aaf16b2b590a9a40d611c5a9e64df99fa

    • SSDEEP

      3072:/MlF9kZSPyI9m1+rxy9dTDs/ZR1ctUA/86KF7HEyCwMQOrUsLVtPk7HoZ7WK7TRc:/Mlsi9u+ty9xElcyWK+EKfLP7WGo

    Score
    4/10
    behavioral12

    • Target

      ThreadRacer.exe

    • Size

      534KB

    • MD5

      82c9c82d4cba471d9610ea4e977eee81

    • SHA1

      d033dafe04cc925a577750b278a8c881d172a940

    • SHA256

      cff87ebe133039b67d9a4ba6c7f370da797d51ca16c29e50cd956859e35cad1e

    • SHA512

      dca44221326502242b7d31fc2c330568bb1f89b957c7913e9488f6ac28ddde56f14dd0c2e4ff88fdb03acfab8b19637807423da87d391e5c34e5455dad35a5e6

    • SSDEEP

      6144:5POn8YlNnaeidAdYHRVEpvpcANd7WGKq:5PVYzaeidDnEpBdKGKq

    Score
    1/10
    behavioral13

    • Target

      TweakScheduler.exe

    • Size

      619KB

    • MD5

      899828fefc33dec645737ab418e66b73

    • SHA1

      25ded97d9bdcc76bc492121f7037607bb7880c3c

    • SHA256

      9716c3f7549196979af73d64c1587f45fcc7fe251de2a8efc5f69d818dd9a9c6

    • SHA512

      1c19fecbdde014d82c31f4d34fb641b5dcd5157f3b83e26da4afd318295f45cf66f2915e73deba95213fee95436a0424c0bad66ade7a1235035f1881504a2b1d

    • SSDEEP

      6144:ygvo9kk2z8iWNrJLMy7tIIpM/JZdbjKYop1qtWzUpNfV8OtxOVxaJ:292z8JfNNMxZdbjDofP8NCsJ

    Score
    1/10
    behavioral14

    • Target

      bitsumsessionagent.exe

    • Size

      177KB

    • MD5

      829167f1f56b6ea1ca6aace9a89bf306

    • SHA1

      466e6793f17b18ca33691ee3f227051614dffd7b

    • SHA256

      f211d0772d13c5258af7ccef5cd7e815a1e40def91c799b061d1b17070694169

    • SHA512

      091486ec463da26dfc04f8ee79b0d7ef5ebdfbe0876723716fcf9f64a620ba0d38461b585e33dffece98966eb10764efeaddf3d452792f787467ae2b7afb6f10

    • SSDEEP

      3072:fZqCWTn02jGqxokmkEYuhjj9GuUoSQzc8dEsjCNo2:hBWT02jKrYM9JBVFp2

    Score
    1/10
    behavioral15

    • Target

      pl-update.cmd

    • Size

      40B

    • MD5

      cd60ccd708d428df44ca1d454ad0d68e

    • SHA1

      83e3fb9ef19c7d3faabc0b391f96803652fda425

    • SHA256

      ab965ed0402b4c474fe6c988afee9957c5494c687745114fc80d1fb70fb071bb

    • SHA512

      b400530473683de0f7cba3f206b38ba1a0a4d3156a06168c3db0391eb33be1cb6fa65e736c746067aac394d538fc35de8764c30978734bcf4e84392b3294c10c

    Score
    1/10
    behavioral16

    • Target

      pl.cmd

    • Size

      77B

    • MD5

      aa54d58336d2565c369498d035737f8a

    • SHA1

      c6a8791264081a6f854b30ac11477bdd83a8cbee

    • SHA256

      9af8add66b2bb4a0252b65e0f13238055b601d689e8d29455d5b2c87f901fd7b

    • SHA512

      82d9eeab7cb95f012b55d531ba7af84546be650702f40ca294c74858eca5eadc0ed7a87bc65122df4093e483dffe1e04e306845871955b2dc4f5113f1cf34838

    Score
    7/10

    • Executes dropped EXE

    behavioral17

    • Target

      plActivate.exe

    • Size

      213KB

    • MD5

      1eb0b536ac077d922323e557b36cf0bd

    • SHA1

      0ce0b947984f7c323ff85a0cb0a4540410f5493a

    • SHA256

      511b2a948a1baaca6f78853aaad2b2aa0300ccca292938bf3ba6f03082d87634

    • SHA512

      6219d8e60542f0eb4eaf41bc6ea37c616f9efe1caf1847ccff87d847ead93e44b329813b3c60e4984ec67bebb7e4b1f115e8d0161100e9e071374e9d6db6e586

    • SSDEEP

      3072:rrtT90sKY/6RJcZNqQSkQ1P+lS70ehdgzI1NyD77+Gp:rp3/6YZEQSzP+I+7f

    Score
    1/10
    behavioral18

    • Target

      pl_rsrc_bulgarian.dll

    • Size

      1.9MB

    • MD5

      54b1cbf5711753f7e98f4c8c7df1fe3c

    • SHA1

      a18918c0cd189109cd552bc00428e85581df8ef6

    • SHA256

      92310264bb1bff39e1ab45f51aee709735b00d5bc94e5d32d725af1b8d2ec730

    • SHA512

      bf4e543b3c8217c74f7b7b955bbbea807bcfd135d32aa47e590374481b2aa8b6102ab15ca75093986b5df4860fa49c07332ec089181bb91792afe751b3655ca3

    • SSDEEP

      6144:7hlfFa9MmhuV2FFdq7qFrwnim0gsZEeV3dykIjFC8fB4adLxp7WGCNE/Jt1icNEb:7hlfcHokeFzLXKGh4ZJe6cwTqREewb

    Score
    1/10
    behavioral19

    • Target

      pl_rsrc_chinese.dll

    • Size

      1.8MB

    • MD5

      479cf4c42f6cf2a913207582a7324590

    • SHA1

      763dc335eb897241f3835ab858d797c0dc66d1eb

    • SHA256

      8e16f0412879df198780ed16259bec072fbc3a7b56c638ee0e51dda5779b882f

    • SHA512

      ee1b7c42e48930645b63ef6db6c88c5525d46c9bc8b7c3fa2b9bb33ef601321da4c86d37013692a0ec4bffec7b4cae656571669ddeede26a67f8e7ce4305f986

    • SSDEEP

      12288:RfcHo3WFzLXKGh4ZJe6cwTqREews02o8Q7:RfcHoUhUHTh157

    Score
    1/10
    behavioral20

    • Target

      pl_rsrc_chinese_traditional.dll

    • Size

      1.8MB

    • MD5

      3078a2096aaddd64c1fc166e2b0bfeb2

    • SHA1

      ba97a7e630da47a91390baf770f2861eec350a4b

    • SHA256

      30218ec5af253c898b58f4a299820598d022722a9c296ca68aa81046a73c53a9

    • SHA512

      e80c53ec99aa6fef4610f0a2d87a171a9e028267fd0984b82f92282074fb34b5496307896f3d7db17c468906e27c46c7ad754d3477d8722704249b3f3d069755

    • SSDEEP

      12288:fRfcHoANr9FzLXKGh4ZJe6cwTqREewClp:JfcHogdhUHTh14

    Score
    1/10
    behavioral21

    • Target

      pl_rsrc_english.dll

    • Size

      1.9MB

    • MD5

      258063bdcafc8fd2a2a50d9065989ad6

    • SHA1

      ee1bebd8c909d8ebe3b5b6f155c68fc7e6696e31

    • SHA256

      01b75b825eef6092db03156d3e87342a875bfd355a6cf8d9a87365f4c5fda85f

    • SHA512

      b0732da44481e09f38e903fab2bf81447bf661d785631ab2b7421a89b80ef2db38203d85dbea5535c5bb09e8550a2ca737db6c86eac372515ebdf803a59cb5ca

    • SSDEEP

      6144:DJfFa9MmhuV2FFdq7qFrwnim0gsZEeV3dyRNVMjFC8fB4adLxp7WGCNE/Jt1icNQ:tfcHox6FzLXKGh4ZJe6cwTqREewdc

    Score
    1/10
    behavioral22

    • Target

      pl_rsrc_finnish.dll

    • Size

      1.9MB

    • MD5

      bbb02f80b8c1addefd3d616b7d7f2c30

    • SHA1

      adb3c60f8a756f75475e18014f7a39c0a96c54da

    • SHA256

      88cc70afb11ca5ed59dfc85774de6c033882dbcee7b1c40aeae3d4969c5f3c66

    • SHA512

      21ddac73017be470083fec600356904ab36d1e17a1208f1e0e9afecbad650b7038eef7cdb41eb58d5017e7b555462e11c6b819f1ac173b4437a1a214954a9fc0

    • SSDEEP

      6144:ZlPfFa9MmhuV2FFdq7qFrwnim0gsZEeV3dyb0jFC8fB4adLxp7WGCNE/Jt1icNEX:bPfcHobiFzLXKGh4ZJe6cwTqREewX

    Score
    1/10
    behavioral23

    • Target

      pl_rsrc_french.dll

    • Size

      1.9MB

    • MD5

      306685beec9c359ee1c05402894d6bcb

    • SHA1

      06545b2b45775b8ec33240d6dcb93a49e62a7aab

    • SHA256

      ff2900d58680494449eb599fb7a28c30933553ae33062a705d6922594956ebfb

    • SHA512

      9dafae395c4bb8396a23d7100b8883226417a9c250c96407028faad3fc02bfcaf458d269d1a3c7a7ff73e5f088645d2c34b899a0d6aab25d6dea78516e1c2146

    • SSDEEP

      6144:42cfFa9MmhuV2FFdq7qFrwnim0gsZEeV3dyB3jFC8fB4adLxp7WGCNE/Jt1icNEZ:NcfcHoBTFzLXKGh4ZJe6cwTqREewwBg

    Score
    1/10
    behavioral24

    • Target

      pl_rsrc_german.dll

    • Size

      2.0MB

    • MD5

      fc95040ae013e5fe5ab6e622398aef30

    • SHA1

      0aa420e6d8bfc7b630dec36c36275bae515296c8

    • SHA256

      a22a0cb3540ce6e6f61534b635ace02155391744378438bbd2a0979efbb16386

    • SHA512

      ed52865c7609df083ea752b83e00d48ab9ba01e4774c2e9639ec476c0195b529a2b3eee1d9bd5524a5ac1e86e522ddf82e02c8512e741dabc5f1c66b5bd5ee5e

    • SSDEEP

      12288:9EfcHoyhFzLXKGh4ZJe6cwTqREewHv/Y55:9EfcHoehUHTh1oP

    Score
    1/10
    behavioral25

    • Target

      pl_rsrc_italian.dll

    • Size

      1.9MB

    • MD5

      450e517f56e8066abf10f9510f8c492c

    • SHA1

      568e40261a454b0705ccb492090f1b50f303065b

    • SHA256

      f6cffe8beee8602bfa6bd6f3853f87f803578fcfff207dbc2ceff806da5cc455

    • SHA512

      44f7d736b6e8e43fdd426641919ac6d7dd174afd217e9eb78aff182fa3642473a57e7f0af92fc340f00fdfd53f90fe6d50c48bb40eeb3280e9556a804fe685f4

    • SSDEEP

      6144:NWfFa9MmhuV2FFdq7qFrwnim0gsZEeV3dyhz91jFC8fB4adLxp7WGCNE/Jt1icNU:sfcHoh/FzLXKGh4ZJe6cwTqREewUu3

    Score
    1/10
    behavioral26

    • Target

      pl_rsrc_japanese.dll

    • Size

      1.8MB

    • MD5

      8405c86ae96856980df96b614cbeacaf

    • SHA1

      0b08955ecf137d735b7b095ed0eaf3aa3810a2a3

    • SHA256

      7c2d4f13d161493dcbdf83d2bf14f95079b2ffaf85c688a315ab88ad409b4d48

    • SHA512

      e4294e4f8115773c272178aa7fe809471f618be28590bb62014ff08ae46ce4a123393fb80a2c7a62f1bda3e80026afba03528f3bf5e9220c89ce4fec67b9f985

    • SSDEEP

      12288:/fcHodAFzLXKGh4ZJe6cwTqREewX7nsOMfzo:/fcHoohUHTh1hIc

    Score
    1/10
    behavioral27

    • Target

      pl_rsrc_korean.dll

    • Size

      1.8MB

    • MD5

      8a0cac4fc1e6157a32f1dcf8309a76b2

    • SHA1

      8c2760d0685fa8806701b89082e741912a6aab42

    • SHA256

      d901771dbb27ddcc95a9121598e1f3737a2c37769be9d7ac598e2fc8c6ac7c7d

    • SHA512

      96e283c4329b0462bb4bda88cc068421b4e14260270ef372ec8a81be4da9eb78993f157f19d84484e0e6e06b69deb2bdb06d9f436135e30c7ae3cdfb22c9d625

    • SSDEEP

      12288:ofcHo+ms8SFzLXKGh4ZJe6cwTqREew3qds9Fwtg:ofcHoPs8QhUHTh13qS9Ktg

    Score
    1/10
    behavioral28

    • Target

      pl_rsrc_polish.dll

    • Size

      1.9MB

    • MD5

      a0ba2b23104114bc305187d6761c2159

    • SHA1

      b523ac686f1e4fe6ff60ddef75366e3d5de5e2c3

    • SHA256

      2e3bcfe9c479e34667f73cf8abf5f194bdc472c65c4730bbb599a1ebca82a2c6

    • SHA512

      f836f222402fa20b732d5c1491cd117798eba2473a2a6a8574ab9d47a0a05a5e4a256674a3a04d1cd411ca3ec29485fa0d02c3b5779016150980d23e5d7b8fb4

    • SSDEEP

      6144:5Z1fFa9MmhuV2FFdq7qFrwnim0gsZEeV3dyE6jFC8fB4adLxp7WGCNE/Jt1icNE3:dfcHoEAFzLXKGh4ZJe6cwTqREew3

    Score
    1/10
    behavioral29

    • Target

      pl_rsrc_ptbr.dll

    • Size

      2.0MB

    • MD5

      19deb1133a267cdffdbe794b31d0c319

    • SHA1

      4f3a28909f46f0a88c1470b9485f57f29aab08a3

    • SHA256

      1b4fd3d258da96209969cd30707a19d881a9ceda3692d42da96ecf8d35ffede4

    • SHA512

      1d7fffda92de02cca79ae0ca906681a965f40163fc093196a179b82394a99a12c3346a9f8381770ab01e3b12e7255c5903cfc2cd40ef5f402809bd678bcb5265

    • SSDEEP

      6144:MFfFa9MmhuV2FFdq7qFrwnim0gsZEeV3dy8ojFC8fB4adLxp7WGCNE/Jt1icNE/X:6fcHo8+FzLXKGh4ZJe6cwTqREew6

    Score
    1/10
    behavioral30

    • Target

      pl_rsrc_russian.dll

    • Size

      1.9MB

    • MD5

      0b3028c9390588dd5589c5d41e287484

    • SHA1

      4aa02537c9a447f49815c541e19607388eaf292b

    • SHA256

      bf32d38ebc3e584c6df5d8814784738b2258fb85009cf2499e512ab5de8895ba

    • SHA512

      92271ae1d452192157f35d8e490eddd278c6aef68db5e34e2e56b80b15b769befd87ea859e039ba2c008fc5e94ba332584d19e597beae222ffd2196a27727879

    • SSDEEP

      6144:+befFa9MmhuV2FFdq7qFrwnim0gsZEeV3dyKIjFC8fB4adLxp7WGCNE/Jt1icNE2:TfcHoKeFzLXKGh4ZJe6cwTqREewFw

    Score
    1/10
    behavioral31

    • Target

      pl_rsrc_slovenian.dll

    • Size

      1.9MB

    • MD5

      936e1ed63cf9b2630431e519a425be10

    • SHA1

      52160ae9a432f67c0be943fa2473f065bd272fbc

    • SHA256

      9b7220da16ee0bf2df02bceb72de27d42b78427e552412a352958dab8143b8f4

    • SHA512

      58131831b5803c4cc46494f9b15b46edcd862bfa35c553f9627709e631a731650cb8f7eed45aa0cf64a144915dba829f91b6af29035024a35b515b690ae90191

    • SSDEEP

      12288:znfcHoWmFzLXKGh4ZJe6cwTqREewNXGAt:znfcHozhUHTh1NXGI

    Score
    1/10
    behavioral32

MITRE ATT&CK Enterprise v15

Tasks