5dde351516155c3ec5f77c4b93018609d6beeb642a03f12d5da30f0e1ca9d410

Sharing

Copy URL

Twitter E-mail

General

Target

840971f6b9e264361d0748afca50d310N.exe
Size

5.4MB
Sample

240716-hjzwassdnb
MD5

840971f6b9e264361d0748afca50d310
SHA1

b53db20b34e04b0b625b950c86a77251f77663e3
SHA256

5dde351516155c3ec5f77c4b93018609d6beeb642a03f12d5da30f0e1ca9d410
SHA512

4912f33d43e17444fdd58247a459f390ed1433b6f9892688c262a4fa0cbf3e3e09e5677ed956d9b40767ed47786265d831ac63c5e9e03523777702ca37ef4c21
SSDEEP

98304:hjWpiX6sEee+AHN/zABIzs16UQqRZaOBXVqRt3DKe+LMceFa/D4vHZ0M:NMiK8e+kNxzs4UQaaOB8tDp+recER0M

Score

7^/10

Malware Config

Targets

- Target
  
  840971f6b9e264361d0748afca50d310N.exe
- Size
  
  5.4MB
- MD5
  
  840971f6b9e264361d0748afca50d310
- SHA1
  
  b53db20b34e04b0b625b950c86a77251f77663e3
- SHA256
  
  5dde351516155c3ec5f77c4b93018609d6beeb642a03f12d5da30f0e1ca9d410
- SHA512
  
  4912f33d43e17444fdd58247a459f390ed1433b6f9892688c262a4fa0cbf3e3e09e5677ed956d9b40767ed47786265d831ac63c5e9e03523777702ca37ef4c21
- SSDEEP
  
  98304:hjWpiX6sEee+AHN/zABIzs16UQqRZaOBXVqRt3DKe+LMceFa/D4vHZ0M:NMiK8e+kNxzs4UQaaOB8tDp+recER0M
Score

7^/10

discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of local email clients
  Email clients store some user data on disk where infostealers will often target it.
  spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2
- Target
  
  $COMMONFILES/SpeedyPC Software/UUS3/LiteUnzip.dll
- Size
  
  46KB
- MD5
  
  1259c3b4bda98faf491bdfec7a147b36
- SHA1
  
  c8d0a31672ab51a9bda2def63a5830dbf59a92c1
- SHA256
  
  645fe3e7dc8ed3c2f363ee551f064986a10c36fdb9a37153b30ba5400cf738fe
- SHA512
  
  fdcdbb1042ba5dc2a365345bed123f317e8735dba5d9dbf3d6583d40a728049ce6c253e3311ce427c924ba3afc846f25dcd9241fff4b2b02380a457cb55c7b9c
- SSDEEP
  
  768:08zd/VxMu48xq5j+HW6D4nf6HSE53CtRGXDpD2F+8edR5xPa/JM:nd/VxMu48YQbtSE53cRGzpz8G0B
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/GraphicalInstaller.dll
- Size
  
  77KB
- MD5
  
  c6a2332af1db39f76b37ad024003d9e7
- SHA1
  
  72a0d82abbff2edcb2ef21b5c8793105482c625d
- SHA256
  
  dd8cb56054cf916266937c5410f94f79009443fd090d9e8d0f2fda03d5868bda
- SHA512
  
  11d7e259932f4411463a711368c2017ac3f206b724dae9bf6024bafd40cff4ed006dd12478021bde64e2c3dcf7f73359ea65dedd76a4f06b24847042ef001fe0
- SSDEEP
  
  1536:ipqSQq8J680lEOSS2phk7NRoe5s1KAsu:iQSv8YHT5UKq
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/Math.dll
- Size
  
  153KB
- MD5
  
  7fc4a4937d364d42d4d06ff3554a464d
- SHA1
  
  ad7ddfa47d0abfa0f3e9546db4d6fd6d40a39b41
- SHA256
  
  4e540d1d8ca1c7564753232d18a884b0597fd7e5df88f8b5d370824d858954b7
- SHA512
  
  da80c681fac9497d2002ceec33fee63f3d6ed0ef4a62213405f87343e3723b27ab0f51c98cf6f588a48d9edf10e68bbbe8856657e630bd6a15252ad96ede2da7
- SSDEEP
  
  3072:2REe7Z38wWD1faAg0Fugz//BNABN6X195j8e3:NwZMweZaAOg75yw+o
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/SkinnedControls.dll
- Size
  
  77KB
- MD5
  
  364bb3c9218429dd1315ad1db47e152d
- SHA1
  
  3253c1a381161c268bce8c487e892c8e5dd29dc3
- SHA256
  
  5f7998711ea856730139c4dac403f11b947ed94a464dc6d2d4b22f928c3a8536
- SHA512
  
  d9084068a259acb9a1691d10da8610053d3abdf6dc78d7357d80d1ac794d940478d2b05c3050484680ddee4c832ae30d71a67b2c2978845e298aca48058e01f6
- SSDEEP
  
  768:Q0p2dJFs6nYFg0vxrF9jd+IpMCGC8BnmmfJmLVp1aB5tEEThyX7QirbTGgyhTFDK:Q0YsX7vxGjBvJgVTadaXBTeh55axv
Score

3^/10
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  959ea64598b9a3e494c00e8fa793be7e
- SHA1
  
  40f284a3b92c2f04b1038def79579d4b3d066ee0
- SHA256
  
  03cd57ab00236c753e7ddeee8ee1c10839ace7c426769982365531042e1f6f8b
- SHA512
  
  5e765e090f712beffce40c5264674f430b08719940d66e3a4d4a516fd4ade859f7853f614d9d6bbb602780de54e11110d66dbb0f9ca20ef6096ede531f9f6d64
- SSDEEP
  
  192:sRer7uivwq1XpKs4FVWSjMd8tIg2cREbyCsZ8q2R4Sy+Xe:s67Xws4FVWig86/5eCBqSy+Xe
Score

3^/10
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  f7b92b78f1a00a872c8a38f40afa7d65
- SHA1
  
  872522498f69ad49270190c74cf3af28862057f2
- SHA256
  
  2bee549b2816ba29f81c47778d9e299c3a364b81769e43d5255310c2bd146d6e
- SHA512
  
  3ad6afa6269b48f238b48cf09eeefdef03b58bab4e25282c8c2887b4509856cf5cbb0223fbb06c822fb745aeea000dd1eee878df46ad0ba7f2ef520a7a607f79
- SSDEEP
  
  192:y1zQhZDqlJcKISw99ioU3MSfwLF/+nhHUisdz:ozoZDGKYw9goWyFGBU7z
Score

3^/10
behavioral13 behavioral14
- Target
  
  7ZipDLL.dll
- Size
  
  535KB
- MD5
  
  cc356317feceaeb3f98dd72170e0b279
- SHA1
  
  13f8dbb6e683d1db06888ef2182d200b1bb4e793
- SHA256
  
  988b259b5c96eadcd14a5ee709f0f8d65fdb526b3fbc9714152e92fc92d9052f
- SHA512
  
  dc5805cf1a35b628cda5970ef02212d448349492f8364d250c3d3ed285ad50afe2d46e02ddf291510c5e7b97ef45cbd34cb84c0acfc1d8a9c5deaa078f80fd88
- SSDEEP
  
  6144:7xZKMZcL5HryEO+VpnvvdEBptqi5Bn7LNOLkmVKapZG9OOhX8xmyEtrVUjSSdQbI:VUxdHl3dm37LNO7VVpU4+WYtrVUjqbI
Score

1^/10
behavioral15 behavioral16
- Target
  
  CommonLoggingExtension.pxt
- Size
  
  151KB
- MD5
  
  c208b1d248531b0035a8f3a3235017c4
- SHA1
  
  007a1541aa837f07070bc5bf5207e1c52c6441ef
- SHA256
  
  e28f4d9dad57441c3690af654733804cfa06a94ba22ce64854e82bbe55e24c68
- SHA512
  
  c5d4f074449900af68b84f06e7a8aa1a2b78171a8f9e86bdea05a6868ec0b7048a7735ad2d2caa9742e9844b70abef7e02b8abb323039bd736377d3e31b29ece
- SSDEEP
  
  3072:xMO/k7ZqgzQzIpPTnvwxWbgbro4F1LuB2qWiCzUcBW1ogaeqnFYLIDhQpebQU/zR:xMosAEMIpLnvwxWbgvosLuB2qBgUcg16
Score

1^/10
behavioral17 behavioral18
- Target
  
  CommonSpecialist.pxt
- Size
  
  150KB
- MD5
  
  26dc5b273d817257941ef9264129736a
- SHA1
  
  8b120b6f966b76e57f7af4e7245f66241f5fc38b
- SHA256
  
  63bf8ea19ff5e70b7a3b69f280b771cce39b4c0cef449bd8ba2c8c6de1c8fb1e
- SHA512
  
  011f3b9d02145bc7c17f47cd22ef67667c71a3217246c4c1bad6f59ea34bb4d1acb44fc50c86158d1a56bd07693466bd401d2af2b01370338d3c37c17b7fc8cf
- SSDEEP
  
  3072:eLgfRn1L3ZvyE9/VZCzyOuB780R/TFraZP0Err:tpn1L3ZvrFVwzyOuB780lTcZPnrr
Score

3^/10
behavioral19 behavioral20
- Target
  
  ExtensionManager.dll
- Size
  
  81KB
- MD5
  
  87914af1bb2966187873d0894b43db6f
- SHA1
  
  a71df7273841b0ff3ad2c633c07f14c0ac680097
- SHA256
  
  9757bb4caddabfe7861c55bd4bedb41c90a3afce6a3aaf136492cbfc6c2d515d
- SHA512
  
  04798b9365b39911090b0295657642f645bd7c3bd077671dc16c0edb55abe42f463489eddf1faca772a49cc90c9e81caf7d741c14877fe23a910e01ffe9e5b4a
- SSDEEP
  
  1536:CmZlNFtFk/PSW4LHqaJlediaXfkoITMpGYD/i2zKp5JLqRY:CmZ5rlRJZ8dITMctgKp5JLqC
Score

3^/10
behavioral21 behavioral22
- Target
  
  HandleUpdate.dll
- Size
  
  1.5MB
- MD5
  
  4c10f80fc0e6bf4561dc4c2f9dc15e4c
- SHA1
  
  2cea6e0e220469173928510296a1b6a1b65f8c25
- SHA256
  
  bf29393c138a865535682c99cca2920e00f15a17bba14ae6ffb915de55535dd6
- SHA512
  
  07a18da0f91321232ad434d11382387a7e1381e9e55f37a53031f701aafdc3541b1b7465e0c2d3a53cfef022c526596ab0894e28b4c1c3b1fbb537b8ea65a6a7
- SSDEEP
  
  49152:zcqgaNMrg1bqbgPF7G6yFi9wdHqqz+z+NTwq2OYZJtkaPfMD/mxn:z2a31+bgPF7G6yFi9w1qS+z+NkOYZzkY
Score

3^/10
behavioral23 behavioral24
- Target
  
  LiteUnzip.dll
- Size
  
  46KB
- MD5
  
  1259c3b4bda98faf491bdfec7a147b36
- SHA1
  
  c8d0a31672ab51a9bda2def63a5830dbf59a92c1
- SHA256
  
  645fe3e7dc8ed3c2f363ee551f064986a10c36fdb9a37153b30ba5400cf738fe
- SHA512
  
  fdcdbb1042ba5dc2a365345bed123f317e8735dba5d9dbf3d6583d40a728049ce6c253e3311ce427c924ba3afc846f25dcd9241fff4b2b02380a457cb55c7b9c
- SSDEEP
  
  768:08zd/VxMu48xq5j+HW6D4nf6HSE53CtRGXDpD2F+8edR5xPa/JM:nd/VxMu48YQbtSE53cRGzpz8G0B
Score

3^/10
behavioral25 behavioral26
- Target
  
  LiteZip.dll
- Size
  
  39KB
- MD5
  
  6b0a2f1a4894ea98ae291c4c7157258c
- SHA1
  
  eb84113974e5a9f407d7bae2acc83a9d6b3f7c99
- SHA256
  
  4df5f1b5f6068347c9e0dccdfc07c4c8103fb798f3b3ea31c3b8c53cb384a9ca
- SHA512
  
  f32719a62fd7cadd95618405f201f930ad48002fc65c23245456989ad4dd798a16e301777dff229b72dc58a74b81b74acd79ce4364c3dfdad10172b3c0df804c
- SSDEEP
  
  768:oy41BN8y3eMQ7kaXYeluJGa2vhZUBgAf9rY1Ve8R0jr5:oy4vqWThel+Gh63f2Ve1
Score

3^/10
behavioral27 behavioral28
- Target
  
  MyResources.dll
- Size
  
  492KB
- MD5
  
  730a2278d165868c39af6fae3f64cbac
- SHA1
  
  e0d584f4ed52ba50e218089b70659dc67e6ccc1b
- SHA256
  
  a92db1a505e81c31e7111b26b5695ec9922e9a38255f518e02dbc7cc6f6d0f92
- SHA512
  
  13b3011cdc97df73301b1bd2e313577fee309e919aa485b7911493976789abb77aaae6bc776d59c5655d2f89fab62a40a9fec9563dd678b5d24eecf0197e9c80
- SSDEEP
  
  6144:1zU+ezVQKszQL0kPVLmljzLIUT4dJCZEzZqaoHqdQXx6:1I++LpdKdIUkdJCZwq9qr
Score

1^/10
behavioral29 behavioral30
- Target
  
  RegHookSpecialist.pxt
- Size
  
  135KB
- MD5
  
  bc0d79e8a7d66f61d144bdaba9f21c4e
- SHA1
  
  f79057485bf1d4dbf59039a6682f1c3459de87a8
- SHA256
  
  e562086d730661316e8195013109ca305dbb0a07f4a0ab3965daad6fab5a7166
- SHA512
  
  0effdb356df6f854f3dee8814c4f8737047422670a02db1f6a86bd1bfe544d32b66d0910c18e40b008672412e535dc3dcbba92e2cea552217382c83d97e60534
- SSDEEP
  
  3072:arxH+fulSq6qEfTvyHoBbnS4frBdZoJBLvPAY:arxH+fulSqlHHqbnSyfZoJxoY
Score

3^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

Reads user/profile data of local email clients

Reads user/profile data of web browsers

Checks installed software on the system

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32