a6db8bf479af78246103835641f7b0e93db302176297a84a1233d913365464b5

Sharing

Copy URL

Twitter E-mail

General

Target

CCheckerv1.1_270322115345.rar
Size

4.2MB
Sample

240710-cvndratajb
MD5

bebdf7146b7b653e1d58139f80c464d3
SHA1

e40efccae44e839e525c3f38f0716e099987e0ff
SHA256

a6db8bf479af78246103835641f7b0e93db302176297a84a1233d913365464b5
SHA512

c29c455feab6dd7bd6baa8fb71b40de03e3ef3e143f9683b3648669546940097ad63c41958971b75a7291fcadd7f7380f85b823dd2c4f926cd8805cb7a99f95f
SSDEEP

98304:Csi4xMK0DTwIyCiR+25Whc0lEhFQaCiPbplVfJIZXf:CsinXw8++25WhsvXzP0Zf

Score

5^/10

Malware Config

Targets

- Target
  
  CCheckerv1.1_270322115345/CCheckerv1.1/CCheckerv1.1.exe
- Size
  
  359.3MB
- MD5
  
  9749f2304724744c2aa9c5aa2c6d72c2
- SHA1
  
  09b4fdf8df328a427411b418c3f9d6ff99bfab83
- SHA256
  
  6ac4e317c52d4c25001034ec182e952653ce0bd32adf38d7e35d603a892d808c
- SHA512
  
  65cd8a797e376c07f880dae53b4e0a18cd71e4b310608a93e925b7dae0480eb6ce1b85f68e3d4e8c5b58c1ba165362b7587135ed9feabc080b7d1f7148ed1fae
- SSDEEP
  
  98304:KoRPh5rvXWAtX8XuKIzaPPG1XQfgKsp0Z345qh//Z/YbutPSs:pFvXWaXPd8G1Afgv+Z3B/0up
Score

5^/10
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2
- Target
  
  CCheckerv1.1_270322115345/CCheckerv1.1/Framework/Microsoft.Build.Conversion.v3.5.dll
- Size
  
  104KB
- MD5
  
  ad79e7993dba42b0091beaec2f87e6ab
- SHA1
  
  9fe16d4aaf3f733d5e7308d2cb0ea06a294c0efd
- SHA256
  
  dbe9ad2959af8c06935744160440f972ee692a6a59b41182f64ea2e2404e6df3
- SHA512
  
  e80f91c7ddf1978deb75f43eb2ebe2183f99196014f13ec840d6bf16b64f679dcbcb36fab79a3ab007d0f323fc4480c9f167a816d2e3032b688af0754e04acb6
- SSDEEP
  
  1536:grUN40wLsc5O5Fv0Urd4120iDSUOUUbahA+P54VbGzvoD5DmA:qGWYF15Gi2UOUU+hAQ45Gzg1iA
Score

1^/10
behavioral3 behavioral4
- Target
  
  CCheckerv1.1_270322115345/CCheckerv1.1/Framework/Microsoft.Build.Framework.dll
- Size
  
  36KB
- MD5
  
  72f0757c9d49d721dff4dcaa44f2605b
- SHA1
  
  711810bbb7ec0916ba40215b06d8f1eaf129f26e
- SHA256
  
  00573815dca714b79bc8d15d0ac540efe0005b4f9746c1352d525516c39ea05f
- SHA512
  
  8000a2c1b1a2aed32a0cc6528819741903bbbbf3b5e65a6498546582574d5f874773e41e114c944a9fbbbe30e35cd558ec0f57bd463cc7979fddd7cc475e51b3
- SSDEEP
  
  384:wXXPdYaYho77uXOkszwXmrs1O2zcTx9IeRe73v0jeLyLZZ8ooCdMh5cz6m9g7usb:CFpaysfLyLZZ8tGz6H1MLcsw
Score

1^/10
behavioral5 behavioral6
- Target
  
  CCheckerv1.1_270322115345/CCheckerv1.1/Framework/Microsoft.Build.Utilities.v3.5.dll
- Size
  
  80KB
- MD5
  
  b3bb23eab7f43655292ba8b7400f4f65
- SHA1
  
  972ba3645668fb2d457a396e09162f6907261a2a
- SHA256
  
  182607b4b66bda43686ba034d35894c224bd3bf8351df8892fc74d7cf383deb5
- SHA512
  
  4b821dd6a04e84f03bd1f2bb004a50fb67f4677c7a3fccb14878935563defd2bce3f4bc76b287c33214b1a71ecdfabafd8e6731c366290d6ef5b186735cbd77b
- SSDEEP
  
  1536:+rzUoiMxfZ120isljhNDUJxM1GLyZ8pu+v6HlZ0Dq5e61:+rzUoLi/xM1GWZ8ppiHlZ0Dq5e61
Score

1^/10
behavioral7 behavioral8
- Target
  
  CCheckerv1.1_270322115345/CCheckerv1.1/Framework/Microsoft.VisualC.STLCLR.dll
- Size
  
  42KB
- MD5
  
  157c1832d25493b027a937ccb41d60cb
- SHA1
  
  25b69d44406c6be38db92b990daeb3e59aea6089
- SHA256
  
  eec19cee6dc01d03298d439047b263ee62968233d7077bfc6088aca769b4681d
- SHA512
  
  95d644629265b712f3bc700886a51c0a926e1e314dc2b1b5cb2f7b328ab91ad452b28b34abca4dffa1416741dcc99c7ae9b7e51d34051286ee1df22ff1c1ed5c
- SSDEEP
  
  768:GI95yEmnDyPuDJOi1c5W9Sokh4GTKPWkz+:GzyGwmzgBTKPby
Score

1^/10
behavioral10 behavioral9
- Target
  
  CCheckerv1.1_270322115345/CCheckerv1.1/Framework/RedistList/FrameworkList.xml
- Size
  
  23KB
- MD5
  
  b2d9070f565023bbe17facdaa654b865
- SHA1
  
  aa3b6d023fd6189216bcc4bb9b876233752e5513
- SHA256
  
  36f356dddcab6446db56a32e927e38e0f6a6d2c335cbec9baaae8e7aeb729abc
- SHA512
  
  c2e3f3df241eb5291d9304b3c05dc4880b5a17523e6eabb0b5e61f46220c9fda10cea5ab39d18772632636c6b5ae373d04d5a371ed5e99843e63230d7058196e
- SSDEEP
  
  96:TFCqzrJ5c5m/JuGZI1Bel4xWxWGC2eCXoXaX6XCuouau6uCSfILweoAQTpotA+gF:pH+HsarJFw/o7Ww+HswrJFw/o7W7
Score

1^/10
behavioral11 behavioral12
- Target
  
  CCheckerv1.1_270322115345/CCheckerv1.1/Framework/System.AddIn.Contract.dll
- Size
  
  44KB
- MD5
  
  b64589a5267f178961fa1c43a194ee0d
- SHA1
  
  a2222ed4b038eb6823ef22921a47e19715166d10
- SHA256
  
  5e80e973a69413c7f2eb8c2f1e6ece95d47b6775e0a1c4078111dec4e8140973
- SHA512
  
  cc418e12322bd8f134ebc565153dece294900d9ec69b5cd6c5f27d9d6629b759d6f5072eb0c334dfabf7906a993c0570a440b095f2b1817618890af96a2e75d3
- SSDEEP
  
  768:Q0EKRGrzAgHZ0jKvisPkoGGetvFFiJgB:bRaFHZ0jciDnGetv6CB
Score

1^/10
behavioral13 behavioral14
- Target
  
  CCheckerv1.1_270322115345/CCheckerv1.1/Framework/System.AddIn.dll
- Size
  
  160KB
- MD5
  
  7f6e1dad593cf5a748a15c091a3c8ad7
- SHA1
  
  b1bb1b68307e0b03e01db596c40e7686192b74c5
- SHA256
  
  4bc9af2d2575823819a00ad6e17d366097a6b1646d4407046bf5a61c9160b780
- SHA512
  
  869ecc4c79cf99604149d4e5d410f14911ce37fa31ebbbfa4e1ebb90bdc4d60496aca5be2a09a41ada1756f8f0e12f62c70cac2cb3043527389c4cb27ecdd6bc
- SSDEEP
  
  3072:6P39d4oMwNRjZn1FZ6YVPAgBMhgGehPg+aR6NqOuw47wlQ9Gs6LWTsrMWsJbDU6:qnNRl7Z6YrKgG2g+aYNVuwi6LIsrMWsJ
Score

1^/10
behavioral15 behavioral16
- Target
  
  CCheckerv1.1_270322115345/CCheckerv1.1/Framework/System.ComponentModel.DataAnnotations.dll
- Size
  
  56KB
- MD5
  
  e8f185cc5d94be7af4b1128c94f861d2
- SHA1
  
  ee6fd16eb780b637c6aa6b3a50f7024e47c87682
- SHA256
  
  6a2b139e10b8921bc4f6867feb05cb3c2cd7974b163125e18e4fb5eaccd9fe7c
- SHA512
  
  26d4338ee428915905e5fc59845f5fd60efb755778a4dad79a9d8a2da79a56c157577c3d8915aa891df9b4ab8aa1c89b5f29866fe3d13962e65d8a68961cadb0
- SSDEEP
  
  768:BXOIEfKs6Vz8/a46NsSvf5g+71V+9Sl7V3YGXlDWEb/NFiJ0q:t/EfKs6Vz8l62S3X117JYGXbzy+q
Score

1^/10
behavioral17 behavioral18
- Target
  
  CCheckerv1.1_270322115345/CCheckerv1.1/Framework/System.Data.DataSetExtensions.dll
- Size
  
  52KB
- MD5
  
  f7a32faa21723136d70eb4691250ce8b
- SHA1
  
  dbfd8f1d027d09523de34564bfaefd0fb1e33a14
- SHA256
  
  4e426634578f96bff98b0aa22bcf256bc5a6168d8377f9ed0a23720fa15f1c9d
- SHA512
  
  d86528e8d04908afdd50c79590ab8e542a123beae781bb50096b832074a53cd7133015cd783b05f2efa90a4a1114b630b5ee4a728831e125b69ee746be32df02
- SSDEEP
  
  768:y3Pxm9GpBHJ2jIMB8mEuR63zFEGibu+FiJzBRZpq:yU9CBgcbmEuWzFEGibivU
Score

1^/10
behavioral19 behavioral20
- Target
  
  CCheckerv1.1_270322115345/CCheckerv1.1/Framework/System.Data.Entity.Design.dll
- Size
  
  224KB
- MD5
  
  c07aca1997a92440f6dfac3fde58e0c3
- SHA1
  
  2341925d266f6508f7626af9c1ee86b2fdcf0bdd
- SHA256
  
  72709959dfc88f7ac70e2549c5965ac61e0a7d504bdd22b668d13c5ba8581add
- SHA512
  
  363c91a96bde0934e7c6ba84e210f82d3592956479c76afe09d193d068e39961ec2a1fbd149753239f1b7fe58f7ee82d5c8bb6f8f27a6a355f04ca8fc6c6e16a
- SSDEEP
  
  3072:476QdXsCWaqy/rqBFPbP/tROqPvNNjFAYhzvDABzBN9Jr6cx/ZGi0Lq+mhHtiy8D:4eCXsYqB9VROqPDvvDY/CzaNiy
Score

1^/10
behavioral21 behavioral22
- Target
  
  CCheckerv1.1_270322115345/CCheckerv1.1/Framework/System.Data.Services.Design.dll
- Size
  
  160KB
- MD5
  
  c553f8551a9e5e397a1b9d0afb6cf0bc
- SHA1
  
  1f914ac6ed44631d463b13bab0db6d82c64cbeed
- SHA256
  
  09b1b0adbe6244abdc1a4a0cd340e65b1c882d21a74e1a6620e6b680a337dd34
- SHA512
  
  072299bf2333481d482764b4ebd221431ba1c745543e6fed016e4ae6b58a816d6b57db44d76daede19515f387a2041abea99dd997f6bddce0e6aaf756e6e5964
- SSDEEP
  
  3072:X7h2WRC9uZtK+FR63LT8UZJBzBN9Jr6cN2gxwLWRY:12WR1QAU2LW
Score

1^/10
behavioral23 behavioral24
- Target
  
  CCheckerv1.1_270322115345/CCheckerv1.1/Framework/System.Management.Instrumentation.dll
- Size
  
  140KB
- MD5
  
  cc96b659f2fcb14b6c2301040ca162dc
- SHA1
  
  6dceb9407150da681d8330245cd0a030e0badd90
- SHA256
  
  585fa8b2faaf41786a9d41ad9916238c3765c63737325e261fde87c83ee59587
- SHA512
  
  09672b7e1ac6c6d89036a880cd3419924c2038903a63074dd5c4c84b1e39b5de19e99e4fd692dcf7a07535016ebbd42300355faac8d58aa24c887cd2dbff4900
- SSDEEP
  
  1536:mRC1dhSPkqYi7+Tqfo7IehHFL3tUzZsabxwI5/FldUcGqdDyPcrpnAG+:mkgdYi7+GEIehHAzDbxn/GqdDyPEAF
Score

1^/10
behavioral25 behavioral26
- Target
  
  CCheckerv1.1_270322115345/CCheckerv1.1/Framework/System.Net.dll
- Size
  
  232KB
- MD5
  
  9c9ba143da16f4ea91923dcc6a643218
- SHA1
  
  3db1c29364448509622df4934f52bc5503db47c1
- SHA256
  
  30a0584045f0725543d0b5dec612d5ddea7e71984b04634a1e5511aedf5bf3c1
- SHA512
  
  82b0f637a3b396527ccbb156b6ce0575e68ee8d0b88c5be2c72e430d867bc92187161bc7e05eb2de5e856245406b6f94439a165eb27093035acf39b187f94ccd
- SSDEEP
  
  3072:u7ab0E4jbe6lwANv9gC/uJs4UZ/6irnCVLgHugGkm046mIDUAwwV:z4jx/KTUZRDN5
Score

1^/10
behavioral27 behavioral28
- Target
  
  CCheckerv1.1_270322115345/CCheckerv1.1/Framework/System.Web.Abstractions.dll
- Size
  
  76KB
- MD5
  
  d661c6c10f91c58f7bedf69fbbd87ff9
- SHA1
  
  80b356329dbc79441ab7de0b32b5298097468434
- SHA256
  
  aa06a406b21bf118b4385032359904d48817bc79bef9ccf2eaaa436c3daa72cd
- SHA512
  
  2c7df526e3ff4e3152dc081c680830a1adecf488aaa919c7efdaea744778ac480695351a4b12e54881431e5bbd0664d97688c26606487402811bc6b38f7235d1
- SSDEEP
  
  1536:jRQg9KkbT/QXpAOnLPkqd7X19crvS29G5A:99XQ+OYoX8rvl9GC
Score

1^/10
behavioral29 behavioral30
- Target
  
  CCheckerv1.1_270322115345/CCheckerv1.1/Framework/System.Web.DynamicData.Design.dll
- Size
  
  32KB
- MD5
  
  61faefb00a0fdbe21a36d1cf248b21a8
- SHA1
  
  4e5ff5c17bc082856706c26cff451b333174c9ed
- SHA256
  
  3c830bcd8609f932b33bd7b138522348b51d42cb89dd12b4a430f14364e287c3
- SHA512
  
  a40790d5b0883ebcfd35130ba1b3ece225710e6c062a8e412b0c2dac9fe4f399dd1d8c42d56e7e1dd36b822f215c3a3f82521e9b430440a331ebf48ac40277a4
- SSDEEP
  
  384:EIOtqjpiSDGsTz98jzkCg67KGhJSxUCR1rgCPKabK8tBX5PKytZ+plW60W:OkVdDGc+kCFiJCX
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32