b2eeac12dcd385e1b91eda960caf741ac185fe6ef0e370f39cfea650c8e90118

Sharing

Copy URL

Twitter E-mail

General

Target

Disporia.zip
Size

16.9MB
Sample

240724-nxkanaxflg
MD5

321bbe08efc12ab84b0b083edb69dd98
SHA1

3bdb91bc5b60a47b9919fc8a8fe194fb11c926dc
SHA256

b2eeac12dcd385e1b91eda960caf741ac185fe6ef0e370f39cfea650c8e90118
SHA512

b6daeb3b80af0760f868b448f805d80a00a860e3ff7735b6c7856a00e58df35320e6e853f6601296fb23a85586b8f52bd6d03af0fd19b16d498e9e7b1e2ee925
SSDEEP

393216:pJ21ZFpFfeV73TppQxJcs4MJXhZq7qnOrupf6h0MFIh:pI/FpFfcEgs7Jvq7qnOruJ6R2h

Score

9^/10

Malware Config

Targets

- Target
  
  Disporia/ByHighNET.dll
- Size
  
  1.3MB
- MD5
  
  9166536c31f4e725e6befe85e2889a4b
- SHA1
  
  f0cd8253b7e64157d39a8dc5feb8cf7bda7e8dae
- SHA256
  
  ad0cc5a4d4a6aae06ee360339c851892b74b8a275ce89c1b48185672179f3163
- SHA512
  
  113a7b77d2d557d135470787deead744d42f8292d853e2b55074e9cb3591fd045ffd10e5c81b5c15dde55861b806363568611e591ae25dcb31cf011da7e72562
- SSDEEP
  
  24576:IJSShz305vgNF7/cOCPHPSVs4Eq+QTNX+cfQdS+2MMPishd/Ws5:ti0aNvoHqs4L95X+cfx/HGC
Score

1^/10
behavioral1 behavioral2
- Target
  
  Disporia/Disporia Injector.exe
- Size
  
  8.0MB
- MD5
  
  6d2ccd485fdebb72bc2c41f091537051
- SHA1
  
  d19b33908567baff6906de878dbd4d973458dbd0
- SHA256
  
  bfe00508bcda264ff9218dba1178e356c675a3dddcabfb9da0df8721e16ad261
- SHA512
  
  8db1ac7749af567c982493db5028e26817d5995ec1842ba892b8b2b19c2f3e2ca3500ca06e9dcfb828d429f3071662d5dbc102164c507ea1a4c0eacaf41fce08
- SSDEEP
  
  98304:FoRoh8FwjzD92BpzIvkK8MMhJMjargKaJObO/OH9KkqxzGW1PgeDbXrqa9LAJdPN:Foih8FwjErzIkB6yM+KriWuAJ9sjPoQ
Score

9^/10

collection credential_access discovery execution persistence privilege_escalation spyware stealer upx
- Credentials from Password Stores: Credentials from Web Browsers
  Malicious Access or copy of Web Browser Credential store.
  credential_access stealer
- Command and Scripting Interpreter: PowerShell
  Using powershell.exe command.
  execution
- Drops file in Drivers directory
- Clipboard Data
  Adversaries may collect data stored in the clipboard from users copying information within or between applications.
  collection
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Unsecured Credentials: Credentials In Files
  Steal credentials from unsecured files.
  credential_access stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Enumerates processes with tasklist
  discovery
behavioral3 behavioral4
- Target
  
  Disporia/DisporialAPI.dll
- Size
  
  1.2MB
- MD5
  
  a5e19fecd7db392469f74b60b5f0a65c
- SHA1
  
  3da8a11dbaef047c663b82879531e829a8fc6fa0
- SHA256
  
  a5d967c72169d38fd8e429482bf4fae3dbb9d5c47c5cda6882261c05f15d1c41
- SHA512
  
  0bbfc68f955f70134f8620e49795953dcfa4536024cdc9a579f0e5a9f7a4c970561d7b2786699a255a9948367ebb92560d681033398d7d23fdc984e33297d45d
- SSDEEP
  
  24576:c/DatK7f4Im/2dF989RLRXNlDeb1i9JyxAme3MpZp:c2Of98zLRXNlDdJyxzCM/p
Score

1^/10
behavioral5 behavioral6
- Target
  
  Disporia/Koblo_v2.2.dll
- Size
  
  236KB
- MD5
  
  2ecb51ab00c5f340380ecf849291dbcf
- SHA1
  
  1a4dffbce2a4ce65495ed79eab42a4da3b660931
- SHA256
  
  f1b3e0f2750a9103e46a6a4a34f1cf9d17779725f98042cc2475ec66484801cf
- SHA512
  
  e241a48eafcaf99187035f0870d24d74ae97fe84aaadd2591cceea9f64b8223d77cfb17a038a58eadd3b822c5201a6f7494f26eea6f77d95f77f6c668d088e6b
- SSDEEP
  
  6144:SIQpxILDXGGMO7Ice9C5kQw2hWHcHTykhb:SIQpxILDXGGlET9n/cHG
Score

1^/10
behavioral7 behavioral8
- Target
  
  Disporia/compress.dll
- Size
  
  15KB
- MD5
  
  982475050787051658abd42e890a2469
- SHA1
  
  d955e35355e33a9837d00e78c824f6e5792b47f3
- SHA256
  
  4e193ccda4ef7ec7fc1bc12d7abba225a9af5b4612aa0b67a02324b9da8b268c
- SHA512
  
  c97b40c82499759e8a11b581004252be618f967153b5a9ce425f9a385746f3a1bdc467686023f36ed11212ea23e1c6b03b4df32cc5dd2a8c4b1d4ab23541c1f6
- SSDEEP
  
  384:mZ81sYtoyOlQibJB2qdKR2kPDv5RDN5xnF:W81sty6jkzDXBF
Score

1^/10
behavioral10 behavioral9
- Target
  
  Disporia/disporia.dll
- Size
  
  7.4MB
- MD5
  
  5331f9d8278c927450148c4e37c5d16b
- SHA1
  
  df61c411e6c9ab9615c0c9c413d26539f3efc84c
- SHA256
  
  229e8423fbaa7c67bd1e0ca3211499b77d6cb08123fb5e294e0fe54877ac0ff2
- SHA512
  
  d653c6973bed7cc02fe442db5e41fa076eb24d870604961cf190b5f955050ec06f9ca3a216ea044cf4d6cba4f2c7cf31f2e5e9db8f32c4fec5997f93cf94052d
- SSDEEP
  
  196608:To+EMcMRwTnX3nvejd6Qmle2RTSFPP7aFkB6zaf:CMoTX3vej0X76zumf
Score

3^/10

discovery
behavioral11 behavioral12