ead791414bf8b9f1126e4d6b099ecf939f595d03d5d30c69dc05c637806ea0d4

Sharing

Copy URL

Twitter E-mail

General

Target

ead791414bf8b9f1126e4d6b099ecf939f595d03d5d30c69dc05c637806ea0d4
Size

2.5MB
Sample

240714-245f3aygqe
MD5

4726474b31484684a60f8be1ecfa7986
SHA1

5ad7989e8d5ecfcdba14bdb0135380ce19f709fd
SHA256

ead791414bf8b9f1126e4d6b099ecf939f595d03d5d30c69dc05c637806ea0d4
SHA512

15f13bfa0be287fd2d62561ce0c97594504b98d489a51c4db2b1fcdba233ac462a16b2e2edb7f144b50563b6e2d25e3f991314d6858d4038da01a9d6f8683922
SSDEEP

49152:I9If342N0i9pbtiRQg0O5ItoeoHB25zJinnbi/DQfmOugHjwaKy:f4X2Bca/OCOhhkzMW/3OuxQ

Score

10^/10

aspackv2 evasion

Malware Config

Targets

- Target
  
  ead791414bf8b9f1126e4d6b099ecf939f595d03d5d30c69dc05c637806ea0d4
- Size
  
  2.5MB
- MD5
  
  4726474b31484684a60f8be1ecfa7986
- SHA1
  
  5ad7989e8d5ecfcdba14bdb0135380ce19f709fd
- SHA256
  
  ead791414bf8b9f1126e4d6b099ecf939f595d03d5d30c69dc05c637806ea0d4
- SHA512
  
  15f13bfa0be287fd2d62561ce0c97594504b98d489a51c4db2b1fcdba233ac462a16b2e2edb7f144b50563b6e2d25e3f991314d6858d4038da01a9d6f8683922
- SSDEEP
  
  49152:I9If342N0i9pbtiRQg0O5ItoeoHB25zJinnbi/DQfmOugHjwaKy:f4X2Bca/OCOhhkzMW/3OuxQ
Score

7^/10
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  15KB
- MD5
  
  9a886711c559308c39c01c20e9d9a1e3
- SHA1
  
  0f27cf1cf6e4960e140651b68d72ed4b92c58e9e
- SHA256
  
  98be8860d38ad9cf31b55a1a04594de59eabad67510ba2a33ed20a80863ddfa4
- SHA512
  
  4dabdd9ea7a8330a367589a3975a9dc7286b82c66efc7db118b4d7a2db08a467851c6d3dc991668e13c4dd5473aa974e9696a2226039db94df8b198da54354a3
- SSDEEP
  
  192:3+8EHhdmwZYQBjHUEuX0esaONOs6zrMQQwoJwjwE6g//6IF7cBMEha:3qzBFHUENesmPdQwxj6g//QBMEh
Score

3^/10
behavioral3 behavioral4
- Target
  
  114IE.exe
- Size
  
  3.1MB
- MD5
  
  6da132acb38a83304f35543dc670e184
- SHA1
  
  688936ff1b95cefaa04c36e6a662719a59965b09
- SHA256
  
  ff1dae85ff708d8a51b99b0400c07fa068df6d953b597a422021019496224f69
- SHA512
  
  3dbbe03007054fd7d2a6153f775d1f4a092376ded43693a77100596939ad8595833c66834208188237a961d031e39a6f41ecd1aaa61243bdadb2cb57e9425f54
- SSDEEP
  
  49152:LubHDDMxSIVdydRr9/UWcTNb4Ywgl5vDk38zAU7Ebwnwp/6hYTe:Lu7YM/h9cTNbVwfMeKC6h
Score

10^/10

evasion
- Modifies firewall policy service
  evasion
behavioral5 behavioral6
- Target
  
  bin/114Web.exe
- Size
  
  1.0MB
- MD5
  
  456385615105d99eabedd2fa8061b9cd
- SHA1
  
  55925aa692fc84a7710de82328531198f514c42d
- SHA256
  
  a6e8a835b172f77c16e24e4775d31600b65c8ca16a8c4e1d007ed2430f039f57
- SHA512
  
  49e7452371c2b1145b2cc80e3e35dacf78d4cd4e60a78e1262f109eb5131d5366fab2cebffd2a1608d66544ad63eefa3bb18460d907af26cf98f150e11752a2a
- SSDEEP
  
  12288:1ix6cKYbxlx80tGQSfXe2yGINTshy7KT0oxZl+CSGIWc0h+:4lsXe7TshyAxZXAWc0h+
Score

1^/10
behavioral7 behavioral8
- Target
  
  bin/Addr.dll
- Size
  
  675KB
- MD5
  
  fb9e8f751c7962174277a14d26314036
- SHA1
  
  d6df50a3ed7f5b3eb45aa99a187b51fa9fd8393b
- SHA256
  
  22e1d274a7c1f0fe99296c7486ec44c36badfd5f05c45e07f87f9033437bbc89
- SHA512
  
  366bab88118c1cc807807a2da1c677ce1e779d2dbfd04b3a65ba1b93ff0748e48c0b9de4982a6e56495f1282f502175cc0d038fe040001ec971d5d775ccffc1d
- SSDEEP
  
  12288:1ZxWhOI3nKV/CVkZLXBIdHlIX8xTiZl9kmDRB5ahk:1WvoaVkRBIdHuX8xTiZlhDH5aS
Score

3^/10
behavioral10 behavioral9
- Target
  
  bin/CameraDll.dll
- Size
  
  259KB
- MD5
  
  f6164e18be446ed9dbddcef2776923c8
- SHA1
  
  0de1a8af9848c8796fa09ae4e9488524800d2b3f
- SHA256
  
  ddd1c13886bdd148d1a1bcbe94e572d3bf54665a5f0711b7c5e823e6418a5caf
- SHA512
  
  f841e6b49ef108e5ccfd4dc47c4df53d82971449229648411554b275256b4a5fb2c998db3dfe30b757d9bf81ee4a6b76f8d773beae57347cb46eb495f78b3b9c
- SSDEEP
  
  6144:BjPK6XyF5LdYV7MEPkQu1DWhTBqi627nMDtd4:BjhX49dcsQsWhTsicd4
Score

1^/10
behavioral11 behavioral12
- Target
  
  bin/SnapShot.exe
- Size
  
  35KB
- MD5
  
  edfa47918570b66fbff66890a146898b
- SHA1
  
  fd93666ec0dcbdf3e163071156888c3db7d39f4d
- SHA256
  
  be88b41d505d13b93886383c862ee219bcaa4a8c9616a478733cf7748f7550e3
- SHA512
  
  dcaaa2f6b15a668ff25c68b9563d0a524198abd9a91328476c3f60183d4e664bd39c9d67dd58db207a8dd941d0eaf9d00532156b1dbcaae79d984eecddf5f8da
- SSDEEP
  
  768:yc2NFOarOa6VT0xOha5/xpe29XexG3lrsK:yc2nOsOjVJ253v
Score

1^/10
behavioral13 behavioral14
- Target
  
  bin/TGHistory.dll
- Size
  
  390KB
- MD5
  
  8e3fea0eb834af6dc3073c796f83d02a
- SHA1
  
  ab1ce0516e9a891e13f267b81f87b95bb6e8f4e6
- SHA256
  
  a159f5ca0e8d86694041132fa5df770c85b9981c842dc30cc9dbe5f502dad546
- SHA512
  
  d6a05138eb6dbc4d89eb1de8d40c5a383feae858186afb1f489db27827a2eeec2ae9c383195917e289d8eddbb4377b2ddc2ea78ff357d4476b6ad22a86701b0b
- SSDEEP
  
  6144:FEZ+d2UnWhxJShMSHsJkiHInFRnWoi21IxM:m6aXkF1WoVmM
Score

1^/10
behavioral15 behavioral16
- Target
  
  bin/TGMail.dll
- Size
  
  10KB
- MD5
  
  0dd252c56a284ca392bdee7dc25e3ee4
- SHA1
  
  a04667d967f6fe552f63b8e6c099d437bfec15ed
- SHA256
  
  f0a824ec3a5626a0764d9b1c9f3e0e4032a34f4724ec235d8baf79797a299aa0
- SHA512
  
  bdc29d30979b9a34e46390e09fb9a368e5f6bae39d018fe8da6b61b37052baba6089d469d654dc5c9d9389c68b8752b92c2c06d73791a3600a1dc7ca12cf6bfc
- SSDEEP
  
  192:0ypZrJeGEccLrOfOZfS3XuEq39SkazQpkqs1IZiwfCx+ebCfXZmG:0ypZdFEccLifOZf++m31+NCnbC
Score

1^/10
behavioral17 behavioral18
- Target
  
  bin/TGNetWork.dll
- Size
  
  423KB
- MD5
  
  432c0784d6f5facdef14386c80be3cf6
- SHA1
  
  376931308e6f71713f1d6b30a182cfe6e5b3d2b5
- SHA256
  
  9a7357357a9dc61fe89cf28f4fd341818ab0b7473038c50bc126321a90f3d6fc
- SHA512
  
  f517938780d52da76d88882068a44ed7c5a020350c25efa95c96ac596b98e6329c2c12cc817c3f274507563c6cb7b43b65b4030c8bd80e8a2c7a4a8ec857a584
- SSDEEP
  
  6144:hF/UZuGS7zprjHErEpZ2PBttl/V8D2xk0YZQDB+zkKu:zDGSXprjH8tfKD2W0YZQh
Score

3^/10
behavioral19 behavioral20
- Target
  
  bin/TGRes.dll
- Size
  
  123KB
- MD5
  
  ec15e2d1401662fd49241cba88366689
- SHA1
  
  b06eb886b330cf307a60b254ffc09ca582a95df3
- SHA256
  
  9e2785f48c9043b4455746a77ff81b0913d36d7fb36b0a1c5c7b35f1533b990d
- SHA512
  
  dfaf91227e7db7fadf26d5f26f0a20b9cbb7f8b6ec36e8685f74e0f8ddf3ebca49787a236ba53f1d79a97310d9cde6164fc18e6a4d54a437311b357b56585f11
- SSDEEP
  
  3072:qoht8ZjxBNR14pQ635SKuWWCdjCvDFEq1J9i9zZboVbk2ArN:JhtgBEQ635SKuWWCdjMDFEUe9zZUy2QN
Score

1^/10
behavioral21 behavioral22
- Target
  
  bin/shdoclc.dll
- Size
  
  486KB
- MD5
  
  8aacf2dab353f88f56a17e5e471d5ba1
- SHA1
  
  f76c54c38f56213dfa8cb4fde157b9464c6a20bd
- SHA256
  
  3abaa4788d5130bda0bdec8f52cb97edd1fc263690fe10966ded3818e740b236
- SHA512
  
  0a798adfe6b35af021a2919bf2b5d44574420c17bf289af4248b5aecaf440b2bf89bdcb96745514191c5881bac1f815d1a9ff884b061f18e21cd183efc7a1614
- SSDEEP
  
  6144:DSz4HMKqBYgejnrz52mAa0P+ptxHn8b1LS4/XYZTblhHKT2NSt:PRqWrjrj0PRz/XYZTblhHKq
Score

1^/10
behavioral23 behavioral24
- Target
  
  uninst.exe
- Size
  
  59KB
- MD5
  
  6646020dfd9c677eb6366413e1e16e97
- SHA1
  
  3cd364f01516fb4b3f61cc6ce6f0dddb6ec214f5
- SHA256
  
  bec6f664b5e2df43493b8113f0c2c14df1205acc50b5af582ba527c975a9719e
- SHA512
  
  24542b307c3ada89032cd128058e42c61264ba6669c3d41abe95f8eac79cd8016a371cc25fead32abc70abd8f66f576eeede634ff1524b7188d90319f728512e
- SSDEEP
  
  768:Ye3PFaDVyOQgljLDKRJyM3BmsHzSB4us/wJJanOZw8m7CwQoEVnV6PDRchfwNFIh:P3cpyORJLuB4P4AJJQ6m7C7VnV6PHm
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral25 behavioral26

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

T1543

Windows Service

T1543.003

Privilege Escalation

Create or Modify System Process

T1543

Windows Service

T1543.003

Defense Evasion

Impair Defenses

T1562

Disable or Modify System Firewall

T1562.004

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

Modifies firewall policy service

Deletes itself

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26