c2d4225a8dd180e87aed7489da9f1d2bc6b38f7507ca52fc9cdbf55efa4446a4 | Triage

Sharing

General

Target

c2d4225a8dd180e87aed7489da9f1d2bc6b38f7507ca52fc9cdbf55efa4446a4
Size

9.0MB
Sample

240726-a91arayfqg
MD5

caa163258817f1b691f65fd9888ccc8b
SHA1

3c210cbb08b499497edfbb4298ca6b88692640e8
SHA256

c2d4225a8dd180e87aed7489da9f1d2bc6b38f7507ca52fc9cdbf55efa4446a4
SHA512

0925fcadcb42137ccdcc9fc9d6f2eff8b5758ab6902cb73562f83f90e79f684894e3c8dcba4b68da0811d738ca467cb976bee1a01ea4489636e94ccb8e044729
SSDEEP

196608:aKbQTFMROAgwKIBbzal7pqd46/WZPz6xrGF36yhj:aUQBMgJtl7ph6/W5d364j

Score

7^/10

discovery execution

Malware Config

Targets

- Target
  
  c2d4225a8dd180e87aed7489da9f1d2bc6b38f7507ca52fc9cdbf55efa4446a4
- Size
  
  9.0MB
- MD5
  
  caa163258817f1b691f65fd9888ccc8b
- SHA1
  
  3c210cbb08b499497edfbb4298ca6b88692640e8
- SHA256
  
  c2d4225a8dd180e87aed7489da9f1d2bc6b38f7507ca52fc9cdbf55efa4446a4
- SHA512
  
  0925fcadcb42137ccdcc9fc9d6f2eff8b5758ab6902cb73562f83f90e79f684894e3c8dcba4b68da0811d738ca467cb976bee1a01ea4489636e94ccb8e044729
- SSDEEP
  
  196608:aKbQTFMROAgwKIBbzal7pqd46/WZPz6xrGF36yhj:aUQBMgJtl7ph6/W5d364j
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  cff85c549d536f651d4fb8387f1976f2
- SHA1
  
  d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e
- SHA256
  
  8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8
- SHA512
  
  531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88
- SSDEEP
  
  192:Zjvco0qWTlt70m5Aj/lQ0sEWD/wtYbBHFNaDybC7y+XBz0QPi:FHQlt70mij/lQRv/9VMjzr
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/UserInfo.dll
- Size
  
  4KB
- MD5
  
  2f69afa9d17a5245ec9b5bb03d56f63c
- SHA1
  
  e0a133222136b3d4783e965513a690c23826aec9
- SHA256
  
  e54989d2b83e7282d0bec56b098635146aab5d5a283f1f89486816851ef885a0
- SHA512
  
  bfd4af50e41ebc56e30355c722c2a55540a5bbddb68f1522ef7aabfe4f5f2a20e87fa9677ee3cdb3c0bf5bd3988b89d1224d32c9f23342a16e46c542d8dc0926
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  7KB
- MD5
  
  675c4948e1efc929edcabfe67148eddd
- SHA1
  
  f5bdd2c4329ed2732ecfe3423c3cc482606eb28e
- SHA256
  
  1076ca39c449ed1a968021b76ef31f22a5692dfafeea29460e8d970a63c59906
- SHA512
  
  61737021f86f54279d0a4e35db0d0808e9a55d89784a31d597f2e4b65b7bbeec99aa6c79d65258259130eeda2e5b2820f4f1247777a3010f2dc53e30c612a683
- SSDEEP
  
  96:J9zdzBzMDByZtr/HDQIUIq9m6v6vBckzu9wSBpLEgvElHlernNQaSGYuH2DQ:JykDr/HA5v6G2IElFernNQZGdHW
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  MUDWFP.sys
- Size
  
  31KB
- MD5
  
  1e0a032e103df6965aaf552aeb72011e
- SHA1
  
  ad10d8c15636987aef3c4296b9f3ee1b31ad61cd
- SHA256
  
  d810b9302f17095d1582c9e8188588412e5f330ea9dbe7bde09ecbafb9d8d7fd
- SHA512
  
  d487ea74c3be364e205049cd8337569e138bddc5d2b8c202dbfb0bcd1128746510e729c890496f7b7a05d9eade1e89beddab6076894dedcc7db1ace36b5859dc
- SSDEEP
  
  384:m36x1PaR7Ji5EYqGWaHhgNkWpzd/R9/Ztl/k6h32WLMB+6R9zQnyzfx:mqa7JNhGWaHhGhR9Dlb3nos29zSgf
Score

1^/10
behavioral9
- Target
  
  WdfCoinstaller01011.dll
- Size
  
  1.6MB
- MD5
  
  e4e12fd47db9f790a0b9d57b6fe68d5a
- SHA1
  
  2966b3e5c42d1976841853c8de8cf6e841e37263
- SHA256
  
  11854c840e03404aa5653414068043ba2ffa05ecc8082094cbcc6f9de8b157a5
- SHA512
  
  f36d02dfae643da6a888d63b87d292bec6c9d5a797f3b11e2b84989209c17f9daad21cb4efdb1c68e84e27cb85e2fca046839c09bf2e9cfe1b8bdf79bd5cc1f2
- SSDEEP
  
  49152:8Yedhr1GtpoBkCX5onn5BIFpumu5Oo0hSx8fokJQ:YPrMoCCXG5+M5O7hbLq
Score

3^/10

discovery
behavioral10 behavioral11
- Target
  
  dbghelp.dll
- Size
  
  1.2MB
- MD5
  
  4003e34416ebd25e4c115d49dc15e1a7
- SHA1
  
  faf95ec65cde5bd833ce610bb8523363310ec4ad
- SHA256
  
  c06430b8cb025be506be50a756488e1bcc3827c4f45158d93e4e3eeb98ce1e4f
- SHA512
  
  88f5d417377cd62bde417640a79b6ac493e80f0c8b1f63a99378a2a67695ef8e4a541cedb91acfa296ed608e821fee466983806f0d082ed2e74b0cd93eb4fb84
- SSDEEP
  
  24576:9AkmijauMug/iyFzb2DfsPV8A4C2vNI1cPdf8xZLGNfav9T:9WiOuRg/iyFzb2QN83XfeYaZ
Score

3^/10

discovery
behavioral12 behavioral13
- Target
  
  devcon.exe
- Size
  
  76KB
- MD5
  
  b40fe65431b18a52e6452279b88954af
- SHA1
  
  c25de80f00014e129ff290bf84ddf25a23fdfc30
- SHA256
  
  800e396be60133b5ab7881872a73936e24cbebd7a7953cee1479f077ffcf745e
- SHA512
  
  e58cf187fd71e6f1f5cf7eac347a2682e77bc9a88a64e79a59e1a480cac20b46ad8d0f947dd2cb2840a2e0bb6d3c754f8f26fcf2d55b550eea4f5d7e57a4d91d
- SSDEEP
  
  768:3zrhT5+KybRpnE8K74kca7NerB8iXpYmRRXvdi82BSOe9oKSJ2SLD0BEZWkA:3+KY04RMmSCYmBiF4O7WT
Score

3^/10

discovery
behavioral14 behavioral15
- Target
  
  js/axios.min.js
- Size
  
  13KB
- MD5
  
  d7a175dcf106af47e1c0f608b892a115
- SHA1
  
  2a30207e817e1e8510e710a034c18e990a30aef8
- SHA256
  
  4b52781951c70cc8a2ae2afdaac5d673c656c3be0f1c769fa6c1e9e4f5ed8d3b
- SHA512
  
  6ba05da9c48f27b70a1de5b2d427db7bf84625e69911598f32dcaaa4823d5853b7f4ea868467be3d2d1682d1c9c5dedae2ed2b2d5f533d84a434bb4e97c6f680
- SSDEEP
  
  384:ApI8XyWPbWeAExXfgxH7RqzGbcQdVzCbUm6HwT9eei:MbXdFGbcczC/6QT9e1
Score

3^/10

execution
behavioral16 behavioral17
- Target
  
  js/axios.min.map
- Size
  
  108KB
- MD5
  
  8e223152ccc14e8fd3f6a6a6dac5d307
- SHA1
  
  fe2a07c123a3188e6a57e1eb676b82ea32c31ebe
- SHA256
  
  267fbb2878e9cae46cfea2b323cc63aa533139eb865488feffba9b4107455259
- SHA512
  
  5d8796eaafd0a4cc636b4096509a0dbd8e1ff7627c3492e48dbd7ef323f65bac02e098218bac193168daf8c4e3e2b9cfc6f293eca5cfe105999265cfe784652a
- SSDEEP
  
  1536:P++oer/p1YhmqTvFo9A99xTbBBL/go+AlLhaL:4e8HxoiXxTdBso/dhaL
Score

3^/10

execution
behavioral18 behavioral19
- Target
  
  js/bootstrap-switch.min.js
- Size
  
  15KB
- MD5
  
  76db41e9378af542a464cc0e747428bb
- SHA1
  
  858be63d690c4f345c292ec814a96aabc78ce3ab
- SHA256
  
  23214b7b58edab5c7809fc26f2cfa723750360908f39040088f14c49e2d7a286
- SHA512
  
  fdafe6708828306a1e9b170ec666c62954099cabfd9b18f4e3a15db30cf04c3dbee39bae8ed6dab9e449717ba8ed677f836fd818323176c970d2044bc47afaec
- SSDEEP
  
  96:Ub4y/XHFCUdpE+cXgItVa+ireiWYBLBqALQe+lB2IJ3dktHJURwh+uISAI/Fy/hm:UbvXHZMQGOPi27GyML47ALw
Score

3^/10

execution
behavioral20 behavioral21
- Target
  
  js/bootstrap.min.js
- Size
  
  28KB
- MD5
  
  ba847811448ef90d98d272aeccef2a95
- SHA1
  
  5814e91bb6276f4de8b7951c965f2f190a03978d
- SHA256
  
  898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1
- SHA512
  
  bced99d9331614757643273441a2b8921103382949ab0e510f386c453ec2a2359da39680d8a169e6bcbe7531844eaf5f598560f0d133d3fa3a9f6c7502b148df
- SSDEEP
  
  768:jryxMjJYkskKzykVtCb+9C8agZMdyKHfivbOCtFKH:3HbjZC7w
Score

3^/10

execution
behavioral22 behavioral23
- Target
  
  js/codemirror-mode-javascript.min.js
- Size
  
  14KB
- MD5
  
  590ac706742c26478c4bf735e3669388
- SHA1
  
  7a56b16158fa2a178a8d9bcc069c3fc643c1f9df
- SHA256
  
  e510e5c0356ee167f4e0bd6b8057c3088a2f4482fe990c2f5e144ab23026de95
- SHA512
  
  e4054df688e44ca8291bc51eeca2db4477b39f64813fdc1bfa80a864c819b998c4923cfcaba0d0ec9d1e85d09c05d30313fc413691b2fef5d641611ffe2e12d8
- SSDEEP
  
  384:hknPiF/6tE4i9vN6ZP2LG2WUdEiYRCDyE:hknPc6t3iBN6pH2XEiYRC3
Score

3^/10

execution
behavioral24 behavioral25
- Target
  
  js/codemirror.min.js
- Size
  
  162KB
- MD5
  
  239aa3f6014f48da5147eff1de6233a0
- SHA1
  
  90ad6200390c1791ca8ea9ab8ff55f50536653f0
- SHA256
  
  0f0392cb3b9b0d2501b930f966984a2aa42f4a2029ce95621e0bc50087998ca1
- SHA512
  
  3761d357ccd36f9a630e6f231e939c72866129e9acf609d124c4e454a11037821b045d5628ac0f2a4011150d0dc678f02859424db6a78e21701264ec2efe28ff
- SSDEEP
  
  1536:1i0t7f4xtmsMU0hIDPPj7qoDnedt/GSTXSy3kBM8LzcUYU5LVH6SL907sVzSOVPx:1dOaXcne/G/9JzcNUxlZLazELL
Score

3^/10

execution
behavioral26 behavioral27
- Target
  
  js/es6-promise.auto.min.js
- Size
  
  6KB
- MD5
  
  889f6a354b79c38bdf62a8792a65329d
- SHA1
  
  34b3404aee23c330527201dc2c3b6e78a7655f51
- SHA256
  
  5f1addaf2e9f5922aed63d802f2b8afe01c543ed81a7be99ad1e9fdd05c8e3b6
- SHA512
  
  4bf35d2ee9d5e083b5c4f21f6fd213f485e1cce6de320e96471031fbcbce5760ccfa233aaf443a8a2a08c2b628548e6a1c490f54cbf5f66ff4f4d9cb22362e5c
- SSDEEP
  
  96:+0jAZG8kQrNkq5sr9KlGzbGQa5NUufRGorSqiZqW8+R7bBfj3IaJcMN5Mof:+OENx5oOAozG9V3nJ55Nf
Score

3^/10

execution
behavioral28 behavioral29
- Target
  
  js/es6-promise.min.js
- Size
  
  6KB
- MD5
  
  898c9f48be8c5545ccdd50879d3f902a
- SHA1
  
  8c0eeb92561944216667b7fc7bd7e4c9e14a4c77
- SHA256
  
  c54d7286e4a0a52530538bd22385d60e5603a9d327fa321f11bc5a7cb090fc36
- SHA512
  
  24c2bb22609dffd57140cec55af013de78eaa398862a459c39ac7a070ceeab8f31c4577bfe37a429c80dfb9f5947006812966fbfa264c21ddf0c6ac15565f9bc
- SSDEEP
  
  96:+0jAZG8kQr/k0Jsr9wlGzbGQo5NUufRGorSqiZqWW+R7bBfd3IaJKMN5Mov:+OE/7JaOWozG9l3nJL5Nv
Score

3^/10

execution
behavioral30 behavioral31
- Target
  
  js/jquery.min.js
- Size
  
  94KB
- MD5
  
  8fc25e27d42774aeae6edbc0a18b72aa
- SHA1
  
  b66ed708717bf0b4a005a4d0113af8843ef3b8ff
- SHA256
  
  b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
- SHA512
  
  87d90a665c15d71ac872bd8bc003d9863964c7ec7ada6370b902b93c0bbd7770fe25730d946c7c6a465baa95efa74bc0e78af3f83aea615af35060cc8702a6c1
- SSDEEP
  
  1536:EPpEy5BMibZGOj/bEe8v+/UWf4IhvAuCh/jqkODZ2D5N9Rag0MOIdSZAgtgoX5Yn:bIO/e2D5c4LgtImLja98HrK
Score

3^/10

execution
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32