96a9073dbbb88c9c8a24af84d3084f4650626da0a3b80f9c1954dca0f773d0b4

Sharing

Copy URL

Twitter E-mail

General

Target

##!!SetUp_2244_Pa$sW0rd$$!!.zip
Size

14.0MB
Sample

240711-n9qm7sxhnf
MD5

8de11189840b4ceb549ed0425d119cff
SHA1

4ec6121b9cc515ed97983b555ef2dbcb84a4611d
SHA256

96a9073dbbb88c9c8a24af84d3084f4650626da0a3b80f9c1954dca0f773d0b4
SHA512

d21a33b7cbce9a37412f5076a6b49ad44dd0b8246cc647df3eec300a3905583b0c50ce84590c52f19664dca64d0e2f7cc71d53c7fa2b9ee0911d315ab9c9debc
SSDEEP

393216:/UYViXuMjZNcx0my+PHb5A0l9YArOrFQND/iA0uL8:sYMeOXcxI+PHlXYAq+9i3

Score

7^/10

Malware Config

Targets

- Target
  
  ##!!SetUp_2244_Pa$sW0rd$$!!/Language/WinRar.exe
- Size
  
  3.2MB
- MD5
  
  b66dec691784f00061bc43e62030c343
- SHA1
  
  779d947d41efafc2995878e56e213411de8fb4cf
- SHA256
  
  26b40c79356453c60498772423f99384a3d24dd2d0662d215506768cb9c58370
- SHA512
  
  6a89bd581baf372f07e76a3378e6f6eb29cac2e4981a7f0affb4101153407cadfce9f1b6b28d5a003f7d4039577029b2ec6ebcfd58e55288e056614fb03f8ba3
- SSDEEP
  
  98304:lJXOBfK92HbAw0CNB3kJElzNsy8vGUvfCo3ABH43:lJ192HbAXCvDlzNsy8vGUyo3AB8
Score

1^/10
behavioral1 behavioral2
- Target
  
  ##!!SetUp_2244_Pa$sW0rd$$!!/MediaInfo_i386.dll
- Size
  
  6.2MB
- MD5
  
  c950aec2ed8660ec0f3c81c0e3d65d0e
- SHA1
  
  da7ea3e3ce81553df62df4c2ddc9f7e90a7f0ca1
- SHA256
  
  2d8f58a6d16501be65dc93c93ab091cbec14754e2ce978dee0ff0547a9cbf846
- SHA512
  
  3e0cec7aa757ea9432c5c227117564be12c76bf2e1d202f077edc337a2f5b12ad30bd8a3451526c8a2df0bf97deb788ea5a29d20cfba7631ed900cee29dae63f
- SSDEEP
  
  98304:4DnZ93i5eqrKnv31BWxlSFkPDgc/tYYHDPQ4SBDo:47Z9ieqmtmB/lmk
Score

1^/10
behavioral3 behavioral4
- Target
  
  ##!!SetUp_2244_Pa$sW0rd$$!!/Setup.exe
- Size
  
  38.1MB
- MD5
  
  41e7a253862392cff9c7fe629fffd27a
- SHA1
  
  460593e15394f9bd18dafa4f616984746e76e989
- SHA256
  
  4487a7bc41c7c4e3e2b8b0e698b9a8b5a31a0ac4d6a421dcb4ea62a31e4d6cb0
- SHA512
  
  48f9208e6fdb09cac1a7ae41b356cfe650b38c8742a77ddd6dce838cc0063d075387716049e995c23c898447d9d0cc28371c182a5c3f3fc669a553c0a8347a24
- SSDEEP
  
  3072:5MvbirZEuBkR75p/3kopQVjh6MXKYgIwiwJgXLS0+Q+qxYxCn:ujir7epX8jFXHwiwMu
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral5 behavioral6
- Target
  
  ##!!SetUp_2244_Pa$sW0rd$$!!/butternut.app
- Size
  
  90KB
- MD5
  
  29cd4547bccac9eceb84bec5f97af250
- SHA1
  
  deb25f2bf4a1641516bd77967d703d13d9736faa
- SHA256
  
  d555ed5da7165b29e14af396532e3b91cb433b9e9f215dc826d2c4125d29d34a
- SHA512
  
  23c306a5751bdeba2f11458fc081d3b9a17f0c05276b664b2fb15e150a57d4a306a25dce6e65c75a0745f0ccffe7a32ff69a7644ed0fccea6865439b216df2c4
- SSDEEP
  
  1536:5kBYcn3PUHJM0FHnh0C+vbV8JWdmVl3mQ/QBu+UpiKfsVf3WJjuB/:5kB5fU68Hnhh+OJ9HmQ/QBu9YK0o9uB
Score

4^/10

evasion
behavioral7
- Target
  
  ##!!SetUp_2244_Pa$sW0rd$$!!/en-US/AutoWorkplaceN.dll.mui
- Size
  
  2KB
- MD5
  
  a311c98e7cb3bc2c6f4ad9ca65e95810
- SHA1
  
  481168e5c9437731ab632fcacb9c88471c008d6b
- SHA256
  
  799cf32fc0515a4bcc0388d0d39618d9c67ee67a1c2000d7344c5a8120004e2e
- SHA512
  
  8eefd67ab748725145db643dab47f608b66582c194e42ed412bfe31f26c36b2bd2c4e157fa1bfaa582c697de267c242e5e809be109c7ab3f61f19bd6812e416a
Score

1^/10
behavioral8 behavioral9
- Target
  
  ##!!SetUp_2244_Pa$sW0rd$$!!/en-US/avicap32.dll.mui
- Size
  
  8KB
- MD5
  
  a5696b2d379fb322c7ee1e18c01ca920
- SHA1
  
  0063d4f4814d4565334b5937fd83b56287ab413a
- SHA256
  
  cb852e13a323c8e226b9bccc7786df3c55e4be16d9d63f4911ea0565ac879a9c
- SHA512
  
  01e93385f90fd0a25d8c7da31704cf8d04596113fbc9c19199506bbb5ba978f974c65a636ea663fec0c32408a931499814f806091ef7b3d9ca59c26fa01cdabd
- SSDEEP
  
  96:9XIEThBLwopUCfwpyIR3M7Pel5LdDzdlSjrviqEtp9JhZ47/5PYBtTdbhFYIDiqf:KKxy3M7P5vRULZ4S5HTbnWnUrTWQ
Score

1^/10
behavioral10 behavioral11
- Target
  
  ##!!SetUp_2244_Pa$sW0rd$$!!/fonts/chrome_[1MB]_[1].exe
- Size
  
  1.9MB
- MD5
  
  068cf70414b79cd8bc078497553389ed
- SHA1
  
  d9778170404ad0435ab82ebba3fb5515831dd17e
- SHA256
  
  c532ffa77b220ac54083dffb2286c526c2873131448e3a37fe29dbee6aa028b4
- SHA512
  
  89b69a9c53530605573d7816eb625840404251e9407fa6041492fa5ad21bfe21206f2fa5bb21f4b85017c5a39daabe13f51c615f54ce08fffaeeb5556bdb45ad
- SSDEEP
  
  49152:9b8W92V8WpGaPIgI0GW5VuwHDoTZyMB0q7ug52I8:mW08WpNPLGY4wHDoTZyMjSF
Score

1^/10
behavioral12 behavioral13
- Target
  
  ##!!SetUp_2244_Pa$sW0rd$$!!/vcruntime140.dll
- Size
  
  94KB
- MD5
  
  11d9ac94e8cb17bd23dea89f8e757f18
- SHA1
  
  d4fb80a512486821ad320c4fd67abcae63005158
- SHA256
  
  e1d6f78a72836ea120bd27a33ae89cbdc3f3ca7d9d0231aaa3aac91996d2fa4e
- SHA512
  
  aa6afd6bea27f554e3646152d8c4f96f7bcaaa4933f8b7c04346e410f93f23cfa6d29362fd5d51ccbb8b6223e094cd89e351f072ad0517553703f5bf9de28778
- SSDEEP
  
  1536:yDHLG4SsAzAvadZw+1Hcx8uIYNUzUnHg4becbK/zJrCT:yDrfZ+jPYNznHg4becbK/Fr
Score

1^/10
behavioral14 behavioral15

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

T1564

Resource Forking

T1564.009

Modify Registry

T1112

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Reads user/profile data of web browsers

Checks installed software on the system

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15