1bc59ac58f62ba1bec6d0fdd11a7e89c146d233536a198154dae0ec47013356d

Sharing

Copy URL

Twitter E-mail

General

Target

Rift-2.0.7z
Size

1.2MB
Sample

240707-znhagsxhrm
MD5

3a813748d9496a50a16dd7f5738cde72
SHA1

6eaff4d2cc9da473577f7a5472672e29ee8ebd82
SHA256

1bc59ac58f62ba1bec6d0fdd11a7e89c146d233536a198154dae0ec47013356d
SHA512

552ac1d02383250bd620f82057f7fd7561b6e4702c1c92ce460293c0e4ba119a7f54179cf0d19cd452e06450b30c5b37b05b54d959e2df5887096faf5ea1c6aa
SSDEEP

24576:zW+2LhbHKlxqlAumI7aaFw/34cp/0jfFXUNeE/aiVyUIiS5E2Tpu1:YSxqlAxZG63jubFWEiVyUIZY1

Score

6^/10

Malware Config

Targets

- Target
  
  Rift-2.0/Bleak.dll
- Size
  
  49KB
- MD5
  
  fda55f473a8e68f723f15f61f12d02f7
- SHA1
  
  300e944780c04f9dc642dc4e65e8b41642ea52e8
- SHA256
  
  85f6b55650537d837ad42ed0153173843edcfee73c4e47f76600616d623c1be8
- SHA512
  
  597880161ef1a6c8298dc40e45d177bd23bb03e553862d4992afd161d1b7bd15bce12b5427ad0576d2716366d9cbf136cee69522cc5a74707b8021d0d85301b6
- SSDEEP
  
  768:o8vRDGGEpZ39HG29nvh4yTCP7fLNV2QB4PimcLmU9zyBMsc:9vRDVE339HG2vVTEBAa4KmcLmUouT
Score

1^/10
behavioral1 behavioral2
- Target
  
  Rift-2.0/Microsoft.AspNetCore.JsonPatch.dll
- Size
  
  52KB
- MD5
  
  aa2ba31f6caf5f01e9f7bdac8380f9df
- SHA1
  
  6760839aaeb3326da246262221118191d6a26c85
- SHA256
  
  e050779744e8af76d84d66e6f01d832d55cc86d57f87c726a0697a97d8495f94
- SHA512
  
  6e1ecdac9a4286ba19a5fc018392bfef9a2e2b66d2f96670016d542c6fb80d613d3812f80df9090c233d529311ea9a296e1e08358fd635c3b78c1f77d06c7198
- SSDEEP
  
  768:pC18fEBjJfg5mxq8r4QTajKYr2Ka6/yjwqP5onA5IDvW:w18fQJsmxtBrYCKaTsEQAovW
Score

1^/10
behavioral3 behavioral4
- Target
  
  Rift-2.0/Microsoft.AspNetCore.Mvc.NewtonsoftJson.dll
- Size
  
  61KB
- MD5
  
  ac9be8912dad0017f520d8628cafbe5d
- SHA1
  
  e280ead469249ea3a4aeab15b2ab199f34f8d4a4
- SHA256
  
  2238000ab082ded41e63f83428751556cd4d19dc2867ad8ca53ad5a9555942a4
- SHA512
  
  74d2bd78bb6258d88d57178dd71448e82da456835776ed4c87b5188287b3a4f93d63630a1bb1c77761ba445384a8af47a65b05115f2ea01721c6c69105dac991
- SSDEEP
  
  768:CYo//jc9xKPbPQgdXhN8NHlgFSpPM8/bS7H/E8J57361wPHERRUVJFlvN2dDvWf5:MOK9dXWHlFPMob8J57qyvCcHvNgvCCWB
Score

1^/10
behavioral5 behavioral6
- Target
  
  Rift-2.0/Microsoft.MobileBlazorBindings.Hosting.dll
- Size
  
  299KB
- MD5
  
  d37481efd9e503a3758c7cd518e283b2
- SHA1
  
  fc0a87050c8133473bd9b6a83cb715630150fd28
- SHA256
  
  2c93391b8be5bede8d10c866e4f6a9181b42006bb81ebfb6b029fb74d91b5522
- SHA512
  
  dcf384f0bb6a4f569cf957241c33aa6b06b8f52ce4053d42b5f278a54178d94e7a581963ea059c75042d5637cf2c518dd066dbea7da5dc91fc84b26533505e97
- SSDEEP
  
  6144:ndaaaKF6UDBuIqdtgrA7T4Mpo4807loN2qgBUeO:daaaXUDBuIqdtgM7T4Mpo4807loN2RBU
Score

1^/10
behavioral7 behavioral8
- Target
  
  Rift-2.0/Microsoft.WindowsAPICodePack.Shell.dll
- Size
  
  501KB
- MD5
  
  1b21df01ef007434ca92ef3149580af8
- SHA1
  
  1e47a4bb685afbb84129665d47b5fef89f6ce662
- SHA256
  
  567d1afab390852429dd0c34ee5e8824d8eeca9c171898f7ca94e002ffac4247
- SHA512
  
  9ef20a264a59d02af4d082975d1599b443baf8f3e42354da9951f8d28ef1b375435cea16e0ee2d2a22eb7f62bc8058143a9334e9687e38358110d59d3653796b
- SSDEEP
  
  6144:7JBwN3xhQrLnj0YVFJ5EoTBjkvupVeWQXh1uVjBtw8q/RcIEggbtE7T7pY8f++R:7DQYOoTJbQXh1E1Et
Score

1^/10
behavioral10 behavioral9
- Target
  
  Rift-2.0/Microsoft.WindowsAPICodePack.dll
- Size
  
  101KB
- MD5
  
  a176427d6f2c2e537dadf5cfcc86bf40
- SHA1
  
  7daf14ac08a053d1cd58cfea1d43dc24fb59f641
- SHA256
  
  0d6d0daf607fb8222fbd5129ffe41bebdc570ad7a1ed1cb10f548f35e9909c56
- SHA512
  
  12d94746d9ebfeda808fe3ad24a5fa303b7348b76e56366d3a259f7e3f8096cdcb44ad322414a013cb450da5203b1f0673e2939b76f753de7655b5f622bf2972
- SSDEEP
  
  3072:wC4ZInw4ZevMV7IAXGCR9HMcPcwTQFfxorliIz9/iq:wlIZevMZITCRpPcwC
Score

1^/10
behavioral11 behavioral12
- Target
  
  Rift-2.0/Newtonsoft.Json.Bson.dll
- Size
  
  95KB
- MD5
  
  46944e52dbb2982ea49a297902b91ea8
- SHA1
  
  0ed43a73f49e0df7b2fa681a627cad7e25074165
- SHA256
  
  f3c56166d7f90296bbe6b03f64335623c3165ed25948288f1f316fa74dd8327f
- SHA512
  
  7cee82d78afa41f343f839a057b327070b1fafd61ae521905271de635ba3291fd6f14fa6225d71c47de8b6748433e9a2010e6c53d28b0e57899c759cfc1e6d15
- SSDEEP
  
  1536:pLYHa6RMWseWPKMF5us3wuhZrGpeZknuNvAY1MYgI518gcabQN4Fw/rKIWK+2Gi:qNWHss3Dupe2/gMYgI6aQNoKN
Score

1^/10
behavioral13 behavioral14
- Target
  
  Rift-2.0/Newtonsoft.Json.dll
- Size
  
  679KB
- MD5
  
  916d32b899f1bc23b209648d007b99fd
- SHA1
  
  e3673d05d46f29e68241d4536bddf18cdd0a913d
- SHA256
  
  72cf291d4bab0edd08a9b07c6173e1e7ad1abb7ab727fd7044bf6305d7515661
- SHA512
  
  60bd2693daa42637f8ae6d6460c3013c87f46f28e9b0dbf9d7f6764703b904a7c8c22e30b4ba13f1f23f6cbee7d9640ee3821c48110e67440f237c2bb2ee5eb6
- SSDEEP
  
  12288:1eos/POdGV5jfWrV/9Yeh9eRcyLfLYtT5mWxTZ/B7jW5JMtRRpKzQk:10/POdGV5jfW5VnhFyvOB7jW5JMty
Score

1^/10
behavioral15 behavioral16
- Target
  
  Rift-2.0/Rift.Backend.dll
- Size
  
  651KB
- MD5
  
  19cfde028fc4bfe518c8f04a44b4236e
- SHA1
  
  e001d52b061357c243c5ba0eb05f7363f616ed27
- SHA256
  
  c9f6e806354fe226d44249ceeaf13c202576dfb6600825caa405aa7b074988a5
- SHA512
  
  8c9a4b8b1bf8aae32ca12e87260d13617560ad748d6112e47ba599744dacff3cb2a7c3f15972bc3a6c1e3da4c419116715f103bf5929db37cd39d7b334976942
- SSDEEP
  
  12288:ZxJqCcxEHbp/0e2SOHKyxuBXOE/acv9rd6iSztJbC+htuxF:Zbck/0ewHXUNOE/acv9giSztJs
Score

1^/10
behavioral17 behavioral18
- Target
  
  Rift-2.0/Rift.dll
- Size
  
  237KB
- MD5
  
  0c0be58c032f3ea8ee21e748db8f6b29
- SHA1
  
  f825ca9e4e1b2b244dd7613f5cc4948988988ace
- SHA256
  
  5c3f11d20baad0d1be5579e4cb01f5b8b9003d3b908005158a3265f92a9de02d
- SHA512
  
  bedbba2d4936ed5bc669ecfa73dcc364db8a85db0427d3affb4c72a65aa78d006b5837335079c70144eb9c077ec3a3b44cff6b9c588307337b3362a5a3be5b3c
- SSDEEP
  
  3072:D8Ks+5qY4NqI48PuZoXKvktxM8M8IHh0a0TuPAj3FK8BSUNOrxsq:s2o6mLFTuPAD7nNOrG
Score

1^/10
behavioral19 behavioral20
- Target
  
  Rift-2.0/Rift.exe
- Size
  
  124KB
- MD5
  
  5a54a54c3eb3a9c69bd79b5f71531b12
- SHA1
  
  2ec824a382374ac6a7221e2ae451712ba715e090
- SHA256
  
  41bbc5bba54765314d63c3a3c5f99ba0d223a0260796a56ec5603758afbdb9e7
- SHA512
  
  10b0980a74d7d3184cfa86ae576373380bcd975109b6050ca91135e55f6ab68e7549735164f64aca4cbd60d013359a9df6a7073f636653a0845aae778580abc1
- SSDEEP
  
  3072:86DhOHYMjlkvuk/1AdNR6LWaoQctlPn2:8BKqf6LV8
Score

6^/10
- Drops desktop.ini file(s)
behavioral21 behavioral22

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Drops desktop.ini file(s)

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22