80628c3bf2a36c061210b3b3098309ccd74c12778906ab75734acefa22af21de

Sharing

Copy URL

Twitter E-mail

General

Target

CCleaner-Professional.rar
Size

77.0MB
Sample

240721-xh9rfasenj
MD5

593eca6687c7f0134cbcbae8d7cbb548
SHA1

f760c7b37f3ba542c48d7351b65ffbd70b77ba5c
SHA256

80628c3bf2a36c061210b3b3098309ccd74c12778906ab75734acefa22af21de
SHA512

cfb394195460881d50869895ea86cdf206a4393390e404c1138b813b0368143b7270e6a159862c5c9fc742a75084562f87cda6bbcca03832570a1fb78c33595b
SSDEEP

1572864:yvBn7XWXQfAiSulWSqsLnSp/o9QjdQHdK5k7QDi8iB05xJHQoT6cwgS5m7mtypyi:yvBnDWAfAiSulxfnCo9L9KcQO/C5Xp6I

Score

7^/10

Malware Config

Targets

- Target
  
  CCleaner-Professional/ccsetup625_pro.exe
- Size
  
  74.5MB
- MD5
  
  dd1c07c23f43164a71d525f23cfea8db
- SHA1
  
  97ab99a14636e2b9920fe1bb1868fcbda3094fc0
- SHA256
  
  193890704894e4aa1c8112aea01c425fc027653c10d8157f0356395a63aaf74c
- SHA512
  
  72ff71268e40695aaf8783840cd532bdddedc0da11279ffbac7bc55fbcc96765d29f7dc830763516318cf5577dfa8ad1d04edc3a2a76b0c9003d50238d3c49fd
- SSDEEP
  
  1572864:yvBn7XWXQfAiSulWSqsLnSp/o9QjdQHdK5k7QDi8iB05xJHQoT6cwgS5m7mtyp:yvBnDWAfAiSulxfnCo9L9KcQO/C5Xp6p
Score

7^/10

bootkit discovery persistence spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks for any installed AV software in registry
- Downloads MZ/PE file
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1
- Target
  
  Lang/lang-1049.dll
- Size
  
  269KB
- MD5
  
  3bed33f9ee8176c73a447555a1dafe61
- SHA1
  
  ce695505e5d06a95eb00c3fae9065c7d4a8fd944
- SHA256
  
  93d8b511d7299097987d7bf627dbfb70ceebc6bd77881bfa5ee274164121862a
- SHA512
  
  15826adf8f3d6b5f8957712966da0e2d52ca403572d5171163fd5222941983a77863b25f7cf3282a78360db4b27d48593b1b0655a7a194596d2615d4c5697eef
- SSDEEP
  
  1536:qOAob3Gt57KUkqLBbZSBTjZGjjFaskv7Txc:qOAE3Gn7KUkq5ZITdGnFaskvO
Score

1^/10
behavioral2
- Target
  
  Lang/lang-1050.dll
- Size
  
  280KB
- MD5
  
  f1df7a73539a9e89ae68477234c7265a
- SHA1
  
  2dbc6228a6d363b8c3e5a3185040b1b218a7d7c5
- SHA256
  
  4e860a809affd73c530da7202f61eca65e7fa7f807378ac7f827dc64e73d972c
- SHA512
  
  743ee6d7ee0d980ba9e1f5584251137d44d8d3cb31a8a2d8b491386a9ce338c0dc7273b6e35553a0e1f8139e391bf18b4a8bde056c4e28ac859d1da20c6c1d9c
- SSDEEP
  
  3072:fOunwUkEjuTAg8LmwkuvBi/NfKlDPhzCK11AFM/jg3XK5wKq:ZwUb6gmqCJZ
Score

1^/10
behavioral3
- Target
  
  Lang/lang-1051.dll
- Size
  
  266KB
- MD5
  
  f5f53e874282f1131d1c31166e089928
- SHA1
  
  a5e087264d06810b88eac8337c6277243602eb54
- SHA256
  
  3aceba21c486debe00cf970821b6792cb44c557fa53966a37ba5838634d34149
- SHA512
  
  46ab8cc5aa62b2072c451d25067286c08b217098fc756dde6b34865ed3e008fd06ca4d835bf3163d14ab547239368c5f399b3ccb74c5ece3a5e505ff0dfecdca
- SSDEEP
  
  3072:5O+QdGr1zSE4O4XFtr2LWX0sop3ABenp521oRU6rDv9DETWfxtLswf82trxqt2hD:PUfZ6GD8
Score

1^/10
behavioral4
- Target
  
  Lang/lang-1052.dll
- Size
  
  96KB
- MD5
  
  0365b9e5a0fa290b228c197b71895c09
- SHA1
  
  4a6a13d4e5f95e20a36c6d3d83ddb1ef7844b0fd
- SHA256
  
  f2d11c5244ac42bdc8aefe190fd86cc36264698be4cbc087b8d619d8c93a283a
- SHA512
  
  6889cef520b898b7478e2f282d180f0b9367d2f0463d76c7d49562b300eb2a571f2a88bdfe67cb46c8e1ebe3f74339ff07e0d1f8f2873b3e02cdbd74fb0793ec
- SSDEEP
  
  1536:Xn6qRuv+PTg0Pg9evRKrmFqYbXm17fyxF:KVvExPg9evRKrmFqY617m
Score

1^/10
behavioral5
- Target
  
  Lang/lang-1053.dll
- Size
  
  262KB
- MD5
  
  1cd4f803bb4a9fbd7a9a07305887566e
- SHA1
  
  afbf73c2591612cccb8c1dde78f4b6c404853035
- SHA256
  
  1431c4c6f475450c0221a6780ebaa670e0a491a2d2d7f56a960a04aeff6aaeb8
- SHA512
  
  314de1f2dd4ff906e5e6085f80d1c6ecd86569f0381f23ab743680d3dd8139c5af4c4979dadade29c08dd456794c86b140f3422e41989db9a4a7ab9d0337c5af
- SSDEEP
  
  3072:wO3kN/puqpv0GWYIuzj9CU1w48dFPn2iaNpQ2S/nsuZs9+UTBl/EEEqJ5OS0qZp+:d5gvrfViDMLZA3Q60dO
Score

1^/10
behavioral6
- Target
  
  Lang/lang-1054.dll
- Size
  
  251KB
- MD5
  
  60405d90b4135a8aa11782eff095ce7a
- SHA1
  
  0810c166e0bf542324ab2a7592fc33bbdbde6955
- SHA256
  
  708d9f08d1e963507b984c4fdbd8e8ab5f059a35bb013482007e8b9211f3834a
- SHA512
  
  897434629193e90599a55c4a83ec0c7375534d2990371cdc7fa685a980c0899b43631e661dd4c3b28e84f10724f959f98eb0e5dc7568d68136b5967fc7340fd3
- SSDEEP
  
  3072:KOAGZVlkS/+Mgkz7D+iBVMSHHCjq9n3weW5x78OCM4b0R3mFnqxuuYR3l:1bUo
Score

1^/10
behavioral7
- Target
  
  Lang/lang-1055.dll
- Size
  
  281KB
- MD5
  
  85071f75eda638dbb6f43aff570edfb8
- SHA1
  
  6278a2c545d7eaa9aca842ad84ba6a8f1277d3c8
- SHA256
  
  ef9f7952af2911b468771cc956da229dc594a330b699e16dabb1100fddf960d3
- SHA512
  
  9cbaf02ef20bdd9454f0f08652d80ac28e87f45929511f89fcbad61f9f7bda11ba3a1de2512fc818ab259901171cc95cdc466e340decdbaa6c8c788f17d40332
- SSDEEP
  
  3072:WOI2tbSoZXtwbSayJfzLK36reuSPx7aoLRG1UdB1uMmcxj2JuyI4kOienS6moo6J:OyoxJ4rlN6ryL4cfG4coOYU411QnaXM+
Score

1^/10
behavioral8
- Target
  
  Lang/lang-1056.dll
- Size
  
  269KB
- MD5
  
  85b6fdc49e569f5c7b4cc85b80521abc
- SHA1
  
  5b73b385731ca71c452d808e88e3a27e332808f1
- SHA256
  
  f74c34ce40a6cae4f57f5b00937ac578cfb59780f5efe48175c5cfb7d3150a9b
- SHA512
  
  f97b0e85d60384e51443f3459b1d31c77c6222c013eee412781a89401df0d9884402939d8f19d634c2cdc7d391007dabceb00b7c899c67c54462df6141bba21e
- SSDEEP
  
  1536:oOu/XHhZhf4PSkj5RKgkLth+GvoSd7kx3:oOu/Xn5aRj5Rw5c
Score

1^/10
behavioral9
- Target
  
  Lang/lang-1057.dll
- Size
  
  271KB
- MD5
  
  6f3a8af1904aa3580e5bf8bb5b5eef01
- SHA1
  
  24f235106466322e8a10498ab59ddd2b63f38d09
- SHA256
  
  2219844a9aa66616ea8233b7201da0e200bcffb528e99686280cc3323298fe4e
- SHA512
  
  7ca083ef52901d4b9990411d94c83fcbd57dc77622c05ad9c3f55739e3b4195fce65f471047fc9b5b97eb34ffb3781a63298d85a8820d37a12d58674065aa90e
- SSDEEP
  
  3072:SOk21sbqLRRB3LPllkJq5WycwPALrbC/hDiypbDsalR97gAWl11NB:/B3blelr+/h+i5k11z
Score

1^/10
behavioral10
- Target
  
  Lang/lang-1058.dll
- Size
  
  273KB
- MD5
  
  87b3327cf5d9f390e134d4003340700b
- SHA1
  
  010489f7e55c3158dea435844b29d673fd646fce
- SHA256
  
  88b30ed4cde5b5d480b515c4ee0c0a1c19781133ce95adb285871b14be9ae7a6
- SHA512
  
  fb65ff2a8719de0edac3c8fc76f52e48b7f871477c13a4f5631f636417ac09ccd06e9c8d6462fcd897a82a5907a6a119f8111148c0bf1ef6415a43b8166849f0
- SSDEEP
  
  1536:0OFc+BUwhopP24xej01KKA6NIhMEDdQPlYB7om07ExxF:0OBmwm24xwphTDdq08m0oV
Score

1^/10
behavioral11
- Target
  
  Lang/lang-1059.dll
- Size
  
  267KB
- MD5
  
  eae1a18f5d3ac5647837602574676a6b
- SHA1
  
  e503f3bd691728a3957ef2af74292e6669798d5f
- SHA256
  
  66ff69328e5fde62c7648d7e3c2128cd75d93a2818a50e7809c1bde21a69f11f
- SHA512
  
  2f843f0b26393f4f4a385bebbe67bf7741dbf3e5e51712a893cb4738a8723d373e7c289bd8858aaae3f58af8f07b059fa1976a75667ac2d2f7db2aa9dfce3b84
- SSDEEP
  
  1536:6OSOAzzGdrZbDYz7cSXIjN+EGtmods872xp:6O2EVDYXXsatK8s
Score

1^/10
behavioral12
- Target
  
  Lang/lang-1060.dll
- Size
  
  284KB
- MD5
  
  e5d6ac00488eeb653d385b52b1890f89
- SHA1
  
  1d1e7cd9666cc8937dbabe94876f0bfb08029706
- SHA256
  
  460658be3a82e864eff9712467525db992ee730e9eee1d2d0a8041b640753ec4
- SHA512
  
  204b4183ef29b2f6119ee9d042186d75a2ab924a32da7d9ecedc87d6aa58dbf1cf1d52880388883becbae6a5c4878ea87cfe0f16bd437be072878e803a2f6f20
- SSDEEP
  
  3072:HOXb6yNUB+Db7tT0yRVLX90eNfVyYoD1sFZVpmg4V+JkEKvperPV/4JmZIdiZbCg:iVUs
Score

1^/10
behavioral13
- Target
  
  Lang/lang-1061.dll
- Size
  
  258KB
- MD5
  
  90268a6cc1ce42d4f1375de691de096d
- SHA1
  
  9f461a5fdc6502cc08483bb381b9160d692b100f
- SHA256
  
  94651b73428c3893778e6cf39705fb887de25ba6ac5b8008d71d0ade82abf4e1
- SHA512
  
  868665155569a28ed632dbf06700f340ca16bac0c0116222607a8965d8f2763c778a556872cb8bcfc74c849e117bfb9e2c00d29cc971e931fc267b094effcef1
- SSDEEP
  
  6144:vS6PYBjrXQw4Kfm0lh7+BKJlmO447p+AKuYq:FLo
Score

1^/10
behavioral14
- Target
  
  Lang/lang-1062.dll
- Size
  
  266KB
- MD5
  
  ac9b5ee6074c0c04db54670c181dc23a
- SHA1
  
  98c38a43090c34a6f01076e4542a45089f0341dc
- SHA256
  
  f95adb132ba570c551c714045078a85917ee53c8e7d533d2e23b3c4048201d0c
- SHA512
  
  cbd14d885fb82c26ec00b72ff55ae920d240cfd07c1fdcbf6b68286208e50b23b608dbab94bfb83edd03a8a5cdf1ca8cf1a6613e4f3e60cd5cbc5af9ab540080
- SSDEEP
  
  3072:RO137sqaua3xqfkz3xOe2cWIrCy1ddAG98kPHeoagIxJDhFCrxo:mQqjtlIrF1ddAG9zPHeoagIxJDhFCrS
Score

1^/10
behavioral15
- Target
  
  Lang/lang-1063.dll
- Size
  
  272KB
- MD5
  
  ca290f48e8fe83acf71ebbce3071d18b
- SHA1
  
  d3587f06e583fc2154eff02adfa636ab0adf4978
- SHA256
  
  782d73a0bfa4434f79ab37ab00ce9df4f1dd6987bd3a26374ca22c5a9366ca39
- SHA512
  
  9737f4cfda0dad3f19712f8a16490630f81197687eedc440240e04b6bc8257a6a502b573b0c5f4fbe8f7a4bd9bfe4dd50b0d360ff1cb5a02e00ecd56848b4d03
- SSDEEP
  
  3072:OO2GoFxILT3wHKd4OZphEXSKyb74AwlCTWgVEhm5f6UsAJ2QE09GZytVEaLpglnl:xItwdyL
Score

1^/10
behavioral16
- Target
  
  Lang/lang-1065.dll
- Size
  
  267KB
- MD5
  
  d0488f45814369e9d2e21f3e4d1406f8
- SHA1
  
  07527eeb1fc5874e2e0385d1eb5fced2a51233a2
- SHA256
  
  8a2df91b3179b5a55cf28f052e668bc9ef7222a26cded8fcfbca0a485ca410d6
- SHA512
  
  d61438f057326dae3a0952b0f26fc6adfaaed5af4ca838998c6fbf590f6c4685286cc4e501e3f1dbbac6de0fcd5b65c01502dd7104565b5d2ec0292df9034df8
- SSDEEP
  
  3072:jOi6wg68Y8bfz7uFEgw1vO6asQKjY97MH5kVw7hu8W0YU:j6wggaf2Egw1vOtsQKjY97MH5kV8/WFU
Score

1^/10
behavioral17
- Target
  
  Lang/lang-1066.dll
- Size
  
  278KB
- MD5
  
  7ea294c3b5e445113feda53dff4f5fb0
- SHA1
  
  3a312276f4df0c75385ef8c9a4197e076a4cc42e
- SHA256
  
  dc50eaccab6afe86c32ce7c4118b7b9584802a8eba265f090b974ee2bdaa145f
- SHA512
  
  7db5e74c954f48b39a6ac0229eab05e39c89d3bd5e0e923c3989e7e016652f3a7d2df68b4222733fb7a29a39d1339c41505170faca841e95176919bea0f3235e
- SSDEEP
  
  3072:YO5VLHQb3OJJv3Sy5boo+hEoMMK8bAy8TI2ZZVP5PlMxF:jk3OnS9K8T8LZDUP
Score

1^/10
behavioral18
- Target
  
  Lang/lang-1067.dll
- Size
  
  95KB
- MD5
  
  043d41e915e72add181b4a662aa77bcc
- SHA1
  
  be0840057b3d144df6a875238fb1b7cd9a2b6cb6
- SHA256
  
  8fe96ed27a10cad334c2cdf1903cda8a470ea1c9eea7876197d24ba5e7d4631b
- SHA512
  
  7d3b38c3aa2b9808f424e07e0c7d8ce4d39e5e59e5c1928b18f09284a9c678ce68add552dc3294f1f5cb614e7b8841d5641014fc97eae3422212a543aef84212
- SSDEEP
  
  1536:vVRKRwjihIlKVSYMOv2RLT7KooahF6LAIUjmuJ2DispH1aNv73gsmfAsZATeg9eD:dQyXThwi0Yeg9evQ1rmFqYvsc
Score

1^/10
behavioral19
- Target
  
  Lang/lang-1068.dll
- Size
  
  94KB
- MD5
  
  c7162b539c39cdf4e85439ca50bc4ed0
- SHA1
  
  34766ea341f9c040fac6028903dbb1586879ceec
- SHA256
  
  1ee7f1265645714e5d5b5e54f1d2965eba6af5925359d89115a8b6afc75b6768
- SHA512
  
  b56982885792df9dc0325b2ee3a7a168a1cb5404dc2407af11be8567f34502a2eb9b2ba44a79b37b9f609c74203cac2adc474f20144d4fe949b8621f65259938
- SSDEEP
  
  1536:28OWtBFOFKSvrNse08AsdUMJ8vlKnMTg0Pg9evRKrmFqYWXs7gxr:/JBYxselfGvlKn4xPg9evRKrmFqYn+
Score

1^/10
behavioral20
- Target
  
  Lang/lang-1071.dll
- Size
  
  103KB
- MD5
  
  db3ad560ca389fb1b58dabbb608602c5
- SHA1
  
  e2b3fd3af35ba29454cdbb5d7c900033a59d5d21
- SHA256
  
  06eedf95ea7536f8666191530fcb05863c2c7820fb159ac5e12661d8bfee033d
- SHA512
  
  809d8b53e7c91d91355eb02873652718e3a1bb7d7204ea489b61148a1f51b20a0c616b878f688d2f0a763a22c239232fb3661fece1117a6ca6ce0182472d9b5c
- SSDEEP
  
  3072:TIfvxxMq132FYhTaWH1zgdevRKrmFqY7R:T3WHc1a
Score

1^/10
behavioral21
- Target
  
  Lang/lang-1079.dll
- Size
  
  96KB
- MD5
  
  b19da55fb6bc975394f4402e0c942bdf
- SHA1
  
  9eeb3afcb6ebf0a43509209f86f2a2608507b8bc
- SHA256
  
  95e18c296035d9339b56eaeb6a6cdc726758280f3f17267622dee6d1c72c70b8
- SHA512
  
  79e1f3595070c7e387e7b9328adbc5d41d83bd31f6007e3e41b0c84740ecbcd591c045afb1c468e3611910ff4e378c80b4af51970ad40c88ac46f906fdca3635
- SSDEEP
  
  1536:0Mim7E6UZ2gL/VgFvSDKBMTg0Pg9evRKrmFqYWXf7+xp:ZUZ2gLdIvSW4xPg9evRKrmFqYgC
Score

1^/10
behavioral22
- Target
  
  Lang/lang-1081.dll
- Size
  
  270KB
- MD5
  
  d4c19b73a3322b229592248cf13769b9
- SHA1
  
  87268d42785e94da804d074f9432cd84645c3258
- SHA256
  
  5a9af5238955515cdc947cac3147ea1bfb6dedc9d9d9645564301bf37d724cbf
- SHA512
  
  ab840c660d0223aa51a4d94de3bdd450323d43eaf2dd101339d62536a2dc4a1769d8eb4847665aed7839ae52e63783e9d37880f8dce529073325b6449837eb77
- SSDEEP
  
  3072:aOacNh0qtd0dv9GCYxmdFchBhThkbX+IErKc/Rdr1trcMKeBzAWTJ3z+bhAqhnV+:PFvkF1+tk1aWaMtI1x
Score

1^/10
behavioral23
- Target
  
  Lang/lang-1086.dll
- Size
  
  281KB
- MD5
  
  8e75d885603accb10fe295af3cba25f6
- SHA1
  
  70f6d2cff978f67e989cdb11fabe186b66dacb4f
- SHA256
  
  ef10274d11dcadb7cf5b8e3a11269ded0da1e52949ca7fc5d391d8bf5a4ba555
- SHA512
  
  328233af585b610f9cda927432f0cd04724d9218a4980087fab0b9d4dbc9a58ae7012a1693489e175fdcdcf651276fe25c42ac4f082aee03f544fe058499c52d
- SSDEEP
  
  3072:aOuOUGG59FkMuQsug+hOPyq2UnuCpHUhv:uwA
Score

1^/10
behavioral24
- Target
  
  Lang/lang-1087.dll
- Size
  
  93KB
- MD5
  
  b389bd5e0b49655d9ae381bfdb29dfd3
- SHA1
  
  7b011f4ed0c4f713a4897fc99c184e4e51754c26
- SHA256
  
  c0a7030cd9dad5b4015e76506631cd7a1a08fe9440f8f0e6ab3edc55a27cda80
- SHA512
  
  0810a7c67a863569123ffe3f17f1e7b1cdd05a23bb8f5dedceb662381b099ac243c1f12f71b072d1192ae3c354fbcec6b48c058aadba42d928fce72068d5bc12
- SSDEEP
  
  1536:Y8xbxAJ6vrN4mB/jx+dnwSp69vhdFUxtg0Pg9evRKrmFqYM76xij:HcqJIwlvhv4xPg9evRKrmFqYMp
Score

1^/10
behavioral25
- Target
  
  Lang/lang-1090.dll
- Size
  
  104KB
- MD5
  
  8592a347c2d4041ab9d3ad2bbfe1d174
- SHA1
  
  b4cf3bfcab93fab1a7aa89a9b3d1c2a38899d8ea
- SHA256
  
  53a34fae0df71a206d3ead72145ca0fb4409c15ecbf3648e00f10201a95248ce
- SHA512
  
  91650ae975a7d4d494d643898ecfa8e04ffa7cb4643380a8f5ae3b033d02db2e99fe085b8950c688ca9e40a4a32dd141c233e3f0fc45e5e61a002206979e649b
- SSDEEP
  
  3072:vUxZ5eiAoalbBP+98CddkERRc5ijjsfaWIG0LwB0spaS26NDdNdmVesHAn4qoqIT:tVq
Score

1^/10
behavioral26
- Target
  
  Lang/lang-1092.dll
- Size
  
  92KB
- MD5
  
  74a5fa31fff66d1abaf8bb4334d54386
- SHA1
  
  55681f6d99fdacf3dc29f8143c2cdbc0c77adc91
- SHA256
  
  1f2317d77e4c49d237b5636e07203334f7ec43961f92c73f7848144a0769e7c5
- SHA512
  
  b01112fe5e527446180974f9bb157a916f07762ea247e78d284870a3f8ed62e6df90127d0d47ee57956d0ee64b21cce93881cebe67e52327f01e2f3d8ff1d928
- SSDEEP
  
  1536:32E8pozpgNaKTnEcNS7vO0MTg0Pg9evRKrmFqY+s7Axx:R826aKTEcNS7vv4xPg9evRKrmFqYL4
Score

1^/10
behavioral27
- Target
  
  Lang/lang-1093.dll
- Size
  
  274KB
- MD5
  
  52973b482c8563799950daadf9f3b057
- SHA1
  
  3fc34bd1fac060f38b732c7b8ddfb952f4d981c6
- SHA256
  
  10ef67d5b1e3b802b48483a37f94414faef9a149579d72d4b620287276183340
- SHA512
  
  ea44d9f903463ced4a06a03fa418c10067cc9d39ae8681edc485cf01777be12efe14c68ab8c7a843491f1ccc637544c94e518683b07c6f38a76a681582cd1d53
- SSDEEP
  
  3072:dKOc+67kbZVDyYhn1ivN2zA46Erzs+PvC+xIasNu4CyZtlIEvR:dakbZVDzhn3zAUzssIaOu4CyZtlZZ
Score

1^/10
behavioral28
- Target
  
  Lang/lang-1102.dll
- Size
  
  97KB
- MD5
  
  381d2aefe6ae70eae8f0fe116d947e2c
- SHA1
  
  2aa93cb4feef42b3ea241efa683cfa3e18b8b5ad
- SHA256
  
  ee63e20691f8c210701d5f1e75285ab1a3e171b16aaf4be0cd8b4cb8737cdbf2
- SHA512
  
  2be4500bff8f94ce3b50ec2828828edde3e6bdcc30372b68a926094534d1511e7b193f2c7f29873c22eebfdacbb03d845fe511887fb7629e5b3195e03d454fb5
- SSDEEP
  
  1536:oQ+vvrNhPw/3mdwJ3vJbMTg0Pg9evRKrmFqYWX17Axw:uRh4/cGvZ4xPg9evRKrmFqYGV
Score

1^/10
behavioral29
- Target
  
  Lang/lang-1104.dll
- Size
  
  95KB
- MD5
  
  d5983e2a53a95266a058c073253ceee3
- SHA1
  
  6e62c7808c62dbf00ea9401df67c82382d42af31
- SHA256
  
  440b53f746ca5e4f718f0d7bc07791243aaf80d6ad36c1d9d59dc52401c10d78
- SHA512
  
  fb685c5db3e02492fbdd11852c94e3de45a9b4b0bdc59f7e2b44ff20bba420085d0d2d3b005287e3e3f155d104a56776d5467cad6c1525ec15e1d97efd8b0290
- SSDEEP
  
  1536:K6WKkcKSdmT/ya7LLuPaCdx4vOw38M1g0Pg9evRKrmFqYWXY7XxX:zWnSAHaH8vAexPg9evRKrmFqYjx
Score

1^/10
behavioral30
- Target
  
  Lang/lang-1109.dll
- Size
  
  99KB
- MD5
  
  0f82c8139f35f14cd7462554c53f284a
- SHA1
  
  4b69bbd0c8b0d75e81a2c1bb2916e51869253dd7
- SHA256
  
  e92841526dbde6d7a2bb895541775069fdd46440dda5fd043702249be9540c6b
- SHA512
  
  6730b4a0806ed0b55c3216edd13e84c32b4018015982b91ffb9fc2a5b1603899e2e4b91471a544f9c148058483ec1c9b991a3025cc16e0ee6694d49f56fb5062
- SSDEEP
  
  1536:gNsWvrNxLllQdwx9veMTg0Pg9evRKrmFqYWXM7NExx:+sI960ve4xPg9evRKrmFqYHhK
Score

1^/10
behavioral31
- Target
  
  Lang/lang-1110.dll
- Size
  
  94KB
- MD5
  
  a3a3f9d96eca8b5514e47a50e6e0af0d
- SHA1
  
  c986ed1f5b4bcb43cfdd12bd1178b42118a835d0
- SHA256
  
  c3693f3233f4408a5d22bb0eb9ac97fa20d271ed4d1499da14c99e646c566b66
- SHA512
  
  6c11de7bc2f540ae5e6adcb1b916742623d97ca22c42f3a9fa531f254aae58a09cd85b0b2670f6dd84ca4084534460cc064f04221369c151d6c0784cc6b39b05
- SSDEEP
  
  1536:LtVvrN/KQEDdwd9vJ2q0EZqMTg0Pg9evRKrmFqYWXQ7Gxx:pL/hE5IvCR4xPg9evRKrmFqYLY
Score

1^/10
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

T1542

Bootkit

T1542.003

Privilege Escalation

Defense Evasion

Pre-OS Boot

T1542

Bootkit

T1542.003

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Query Registry

T1012

Software Discovery

T1518

Security Software Discovery

T1518.001

System Information Discovery

T1082

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Reads user/profile data of web browsers

Checks for any installed AV software in registry

Downloads MZ/PE file

Writes to the Master Boot Record (MBR)

Checks computer location settings

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32