Overview

overview

5

Static

static

3

Installer/...nt.dll

windows10-2004-x64

1

Installer/...er.dll

windows10-2004-x64

1

Installer/...er.dll

windows10-2004-x64

1

Installer/...2D.dll

windows7-x64

1

Installer/...2D.dll

windows10-2004-x64

1

Installer/...er.exe

windows7-x64

5

Installer/...er.exe

windows10-2004-x64

5

Installer/Serilog.dll

windows7-x64

1

Installer/Serilog.dll

windows10-2004-x64

1

Installer/...og.dll

windows7-x64

1

Installer/...og.dll

windows10-2004-x64

1

Installer/d2patch.dll

windows7-x64

1

Installer/d2patch.dll

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    293611ae6bdb0517260724485a9d669c9040dc69b2c1f282b5fefd174edfb4e7.7z

  • Size

    1.7MB

  • Sample

    240722-s1amvavckf

  • MD5

    1ca8702c199ccb5f0df6171e5a24b988

  • SHA1

    83cc6364251743ff3a0c3f766a8687d0c7b893d3

  • SHA256

    293611ae6bdb0517260724485a9d669c9040dc69b2c1f282b5fefd174edfb4e7

  • SHA512

    30892d88088c120eb062c680f21d2249f4e85e06df794d192f2800d51f1d70def47dd200c4a9c7a30af8e648e9193cfa1ca9218e350e1eb67e8d44ea4f090288

  • SSDEEP

    49152:eCamQX69R9KxdK6iVqImROHQzD4MtT033EiQPmI3Q:96w486i8ImRZ3dB0nGHQ

Score
5/10

Malware Config

Targets

    • Target

      Installer/ActivationClient.dll

    • Size

      55KB

    • MD5

      35a501747ce3031c033bde8b3ba0713c

    • SHA1

      6c1fe3945ed37e8a7f70ba7f3d5d0a02f149c4b2

    • SHA256

      51ddcaeb8c77610f06c7d72fefa7072a85b625a893191d399ac768cd989363c3

    • SHA512

      015f7e1963f02db92f0553c3e84e20662e8ae827495efdcb6a23f1db41166a96e26efb803ea45ca76bbec3fd692b931383c1f1760844609da9a70ad29fe9a2dd

    • SSDEEP

      1536:kgGZUQifL0Rd/xo5QbmkPHbdHOUvvWwABmohI:W83EPHblOUDABZhI

    Score
    1/10
    behavioral1

    • Target

      Installer/ActivationManager.dll

    • Size

      779KB

    • MD5

      8001ad297ea7b2851de6629044b1a8c2

    • SHA1

      485d79d18d0a07c827d5ad0df6869f5a11c055ce

    • SHA256

      6b7c0b5e7ce32164ccfb69da6eb43b4c2552df0b98973b183ab1b04e5f2f4597

    • SHA512

      89411ffee36a2a28de92b945345147b13e67b68a1171458d45a11090aca2f73149088c0ac679277859bcd376f66959a33db7031cb4280d219672f7c6b501d359

    • SSDEEP

      12288:44ckDcBjLXan3wrY86pmKLkBzUCJ1p6lHgejZJn:LcsU0NtYKLkBzauejZJ

    Score
    1/10
    behavioral2

    • Target

      Installer/ActiveSyncProvider.dll

    • Size

      1.6MB

    • MD5

      e845ac66b7c5c0e525de7a3be02dea56

    • SHA1

      0b94dddfb937008a95642c2e2b78b92ee5619ed5

    • SHA256

      770f8744cf005b6b0e6e2bfe0295441443e104ca552e4452a171e9039f52ae06

    • SHA512

      e6d5a57f6370a5c6068e833c2dd70b89af64762a3834b1a885e339e3da133ddce6dc9ebcc88c347de723523780601566b66e5c9797289480a92f6dc3534e745b

    • SSDEEP

      24576:TWrq6/TiS0gaHd+aYUNzmgzuscMNVdd3XO9rpkA/4nAm8XiG:TxiiS0VHd+VUNzZd3m9PCUXiG

    Score
    1/10
    behavioral3

    • Target

      Installer/DirectX2D.dll

    • Size

      74KB

    • MD5

      8007e86641d16e884bf59012f5ba6e21

    • SHA1

      6ef0792bb5262bdd890ec0547cc4b882f1ec732c

    • SHA256

      71c6dc21f24ac87f16a0ecac17bb2fa135962af2df7c8dae8e2e3cd669ddde8d

    • SHA512

      3bedd9c7786eb882bc1b2225e8bff51447cf7a8de541757a49f2390212025662cc4b9b3afa225d5732f8f48e5dedc82346fd4d88bb4df4b33fbefbfb56179c2a

    • SSDEEP

      1536:N9rxMjLwEdysf5Oxcb7+9CTSj5vcvwLQb5kk9khkgxDg9nHxLghp:swE1cu7+9CTW5UvkQbeLxDgFk

    Score
    1/10
    behavioral4behavioral5

    • Target

      Installer/Installer.exe

    • Size

      351KB

    • MD5

      c083c3af46c7e1c955b4e7b4df33636b

    • SHA1

      e1d3169769e419284fcde1f3721f04e522c174da

    • SHA256

      f1f8a75979ba412b0818330b2b6aa4ce8fce42199c2df35d2829c5b358882105

    • SHA512

      1b26c4771ce6cce5373217dee5105dd93138a541d6985ccfbfc3801f206b2f7ce23bdb4ab781e86254dc690da759c38730d5822f1347f97189bb47eea62ebf28

    • SSDEEP

      6144:fYvW5bKTSlM4VUgJZOXT7HN5eOqKF0KdIhil40X5ReuOzOsomRmLjwW:fUTSvVUgJKPyOqKWKdIhiNZ6OsommLU

    Score
    5/10

    • Suspicious use of SetThreadContext

    behavioral6behavioral7

    • Target

      Installer/Serilog.dll

    • Size

      125KB

    • MD5

      181f3e3d0c509566283156816eb317ca

    • SHA1

      400debdd4fb9ae24719157132a87c4bfeff7fa6c

    • SHA256

      db0a4c4a21a1ba0937d1c22095c2b0702422efd4c7a41aaa577608288a2e69fc

    • SHA512

      039d5a0013d6f0e916a86baa95452d79d4524f5c83b913170daa73e1333b2d424c0d9a74193e71ede3a0866b778781c57993806baa08833d11df825626e6d667

    • SSDEEP

      3072:6obKO7RaoWuUeZk/f0Sh1HlWZm1ZZTdyGFkNUMT+P65jDt:bbKKz1UeZk/Phv8lDuPa

    Score
    1/10
    behavioral8behavioral9

    • Target

      Installer/archivelog.dll

    • Size

      49KB

    • MD5

      11eb138db53f5896f3cf95144d04132a

    • SHA1

      204fd914b84630366c3a656254f39a99a884d8d4

    • SHA256

      f80c92ce064a19d514cdaaf1838244f203c188462d26119df7b408291d68f8b8

    • SHA512

      da60124b8c95e6bc7d123def35e61041f567df57401737ad3fdaeef12140d2a6410eedf6cd29889f401cae4cff7b6c0bdd71507b2885e06cb39d75da42bd63d5

    • SSDEEP

      1536:Pyl9DERHUxDiJrVPpO+KeH8Ie1sGvLq4WMn:Kl9DGHUxDiJrRcIcsYV

    Score
    1/10
    behavioral10behavioral11

    • Target

      Installer/d2patch.dll

    • Size

      976KB

    • MD5

      b6dde6f8a1b88fe4aae962064a6f5271

    • SHA1

      177543d5128191e4eabeabd4e99041ff4d193652

    • SHA256

      a9f8f9c014a760b568212c99f17f2c1b4e0e4d6082f9971d04bd3250fa931927

    • SHA512

      8c28819c5fc8c449b1ca6b395ff35deb099a44f857be35323347834c3285c87d65067b547eb6dead26183a06499f0324445103f03ca35935a2016e2e0af09115

    • SSDEEP

      24576:2jveAn9tcCk5sYGKbqKmKVHIhMkVdyfcoET3qU/1+:2R9tcCEsd69GoAc

    Score
    1/10
    behavioral12behavioral13

MITRE ATT&CK Matrix

Tasks