d076a08192d2ca7ec6cbb158c804956ac08d37e17be20d1b37171c87e4c39641 | Triage

Sharing

General

Target

d076a08192d2ca7ec6cbb158c804956ac08d37e17be20d1b37171c87e4c39641
Size

2.4MB
Sample

240726-a995yswcnm
MD5

7a02c92ea66bf1e38db54e9058492a94
SHA1

cdcabf0b53e12e361689f65374ab477fa7ae10bf
SHA256

d076a08192d2ca7ec6cbb158c804956ac08d37e17be20d1b37171c87e4c39641
SHA512

8f423d7c334a74d51f610351674fa784481dae8515a7c1dcbaa8c930eeda64eeab78c0d822bf81c6f33f408d3d016450acd3d136186eaf9f8f0338aa75711f21
SSDEEP

49152:3MkC5MPIcXJUg+dEQWOFL1g+Ye9iaJ/QPna0sliPpj0IJ:3MkC5MwgcUOFjBJ/Q/a0HjDJ

Score

7^/10

discovery upx

Malware Config

Targets

- Target
  
  d076a08192d2ca7ec6cbb158c804956ac08d37e17be20d1b37171c87e4c39641
- Size
  
  2.4MB
- MD5
  
  7a02c92ea66bf1e38db54e9058492a94
- SHA1
  
  cdcabf0b53e12e361689f65374ab477fa7ae10bf
- SHA256
  
  d076a08192d2ca7ec6cbb158c804956ac08d37e17be20d1b37171c87e4c39641
- SHA512
  
  8f423d7c334a74d51f610351674fa784481dae8515a7c1dcbaa8c930eeda64eeab78c0d822bf81c6f33f408d3d016450acd3d136186eaf9f8f0338aa75711f21
- SSDEEP
  
  49152:3MkC5MPIcXJUg+dEQWOFL1g+Ye9iaJ/QPna0sliPpj0IJ:3MkC5MwgcUOFjBJ/Q/a0HjDJ
Score

7^/10

discovery upx
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/DotNetChecker.dll
- Size
  
  815KB
- MD5
  
  83b493e0bc0cf1105ce25d9bd5d1c2b9
- SHA1
  
  1813bcb2a4384bd2a134bec29bd978f0b5c4e1b4
- SHA256
  
  3f7bed61a1f5ad0c0a468363c4f2974c2674fd018ce2aabd40b5a16604c2d4cd
- SHA512
  
  3aaccda41b5822d8eca0f8fb01c060151a1a19038c35905c937949491edc803ad7399f71ea7d56fded69394e4abb3f6266b3b3a8bcf644ef4bccb3406e3c2769
- SSDEEP
  
  12288:/s3lPW//U+/ViiIuuaOVs51bWMt1wbdKfK3s+TGsNlmH:/O+qsPWMt1wbuKcgNK
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/INetC.dll
- Size
  
  21KB
- MD5
  
  92ec4dd8c0ddd8c4305ae1684ab65fb0
- SHA1
  
  d850013d582a62e502942f0dd282cc0c29c4310e
- SHA256
  
  5520208a33e6409c129b4ea1270771f741d95afe5b048c2a1e6a2cc2ad829934
- SHA512
  
  581351aef694f2489e1a0977ebca55c4d7268ca167127cefb217ed0d2098136c7eb433058469449f75be82b8e5d484c9e7b6cf0b32535063709272d7810ec651
- SSDEEP
  
  384:VpOSdCjDyyvBwRlX+ODbswYM2s74NS0v0Ac9khYLMkIX0+Gzyekx:rdCjW/lX1PfYM2X1
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/KillProc.dll
- Size
  
  24KB
- MD5
  
  6c2b245e89428fb917a5805815a4054e
- SHA1
  
  5bcd987700dd761f02d2d1d024b8f20077985051
- SHA256
  
  0558bbdfe61eefb680e8560a7d4b174447a9516098f9cd8b4c84bf1552cee5c5
- SHA512
  
  ecb3fb77532d6ffa1ca08df05a6a86b18138356e63cb40edf68f97fc7fdf2e781a4ebeb1efdb9f13f947304312dd19ef5c4a78ddc60843f5f726cde69b2c57d4
- SSDEEP
  
  384:DqIKV2NkzYqElRYhENOwN3uCyolsTMY29Goaz+QshqTPZHoErRZGAqcywHTswk4:D3KexROO3uCyow2/RA9VRZtBzLk5
Score

7^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/LangDLL.dll
- Size
  
  5KB
- MD5
  
  50016010fb0d8db2bc4cd258ceb43be5
- SHA1
  
  44ba95ee12e69da72478cf358c93533a9c7a01dc
- SHA256
  
  32230128c18574c1e860dfe4b17fe0334f685740e27bc182e0d525a8948c9c2e
- SHA512
  
  ed4cf49f756fbf673449dca20e63dce6d3a612b61f294efc9c3ccebeffa6a1372667932468816d3a7afdb7e5a652760689d8c6d3f331cedee7247404c879a233
- SSDEEP
  
  48:S46+/pTKYKxbWsptIp5tCZ0iVEAWyMEv9v/ft2O2B8m/ofjLl:zbuPbO5tCZBVEAWyMEFv2CmCL
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/NSISdl.dll
- Size
  
  15KB
- MD5
  
  05f72d6a944e701217ef2eb2cc13e0ee
- SHA1
  
  fac99c39150ae484e4b3e0af2f4be86bb1835dde
- SHA256
  
  aab28914794a1cdda4561e9f2af3e006dbed220d9d6bfe049b56d0cb9b783648
- SHA512
  
  c87e783fc169ef01ac0d3ce29fbfbf349a2e22329df9203a1443cc2caebbe7f8282c0754740289ecca534951cb7e574bafef9ccbaa0da7c287109920ec9573eb
- SSDEEP
  
  384:hRy180+1ygVaLfKgcIno1gEBWZwCUKihb:hRy180+HSegEBWyQih
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  4add245d4ba34b04f213409bfe504c07
- SHA1
  
  ef756d6581d70e87d58cc4982e3f4d18e0ea5b09
- SHA256
  
  9111099efe9d5c9b391dc132b2faf0a3851a760d4106d5368e30ac744eb42706
- SHA512
  
  1bd260cabe5ea3cefbbc675162f30092ab157893510f45a1b571489e03ebb2903c55f64f89812754d3fe03c8f10012b8078d1261a7e73ac1f87c82f714bce03d
- SSDEEP
  
  192:VjHcQ0qWTlt7wi5Aj/lM0sEWD/wtYbBjpNQybC7y+XZv0QPi:B/Qlt7wiij/lMRv/9V4bvr
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  1d8f01a83ddd259bc339902c1d33c8f1
- SHA1
  
  9f7806af462c94c39e2ec6cc9c7ad05c44eba04e
- SHA256
  
  4b7d17da290f41ebe244827cc295ce7e580da2f7e9f7cc3efc1abc6898e3c9ed
- SHA512
  
  28bf647374b4b500a0f3dbced70c2b256f93940e2b39160512e6e486ac31d1d90945acecef578f61b0a501f27c7106b6ffc3deab2ec3bfb3d9af24c9449a1567
- SSDEEP
  
  96:o4Ev02zUu56FcS817eTaXx85qHFcUcxSgB5PKtAtoniJninnt3DVEB3YsNqkzfFc:o4EvCu5e81785qHFcU0PuAw0uyGIFc
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  Ionic.Zip.dll
- Size
  
  451KB
- MD5
  
  6ded8fcbf5f1d9e422b327ca51625e24
- SHA1
  
  8a1140cebc39f6994eef7e8de4627fb7b72a2dd9
- SHA256
  
  3b3e541682e48f3fd2872f85a06278da2f3e7877ee956da89b90d732a1eaa0bd
- SHA512
  
  bda3a65133b7b1e2765c7d07c7da5103292b3c4c2f0673640428b3e7e8637b11539f06c330ab5d0ba6e2274bd2dcd2c50312be6579e75c4008ff5ae7dae34ce4
- SSDEEP
  
  6144:leSYvQAd10GtSV41OJDsTDDVUMle6ZjxLV/rHo0Oaaz2R9IY:oJBdBS4msNUCe65frHMnz2R9
Score

1^/10
behavioral17 behavioral18
- Target
  
  Microsoft.Scripting.Core.dll
- Size
  
  374KB
- MD5
  
  e00a3c7dacdc2486b335d7a10013ed49
- SHA1
  
  870d1ba6893de6818851821dbde07637454775c2
- SHA256
  
  fdcb498ed28890d398a3e862f1e0b6f092d5146df32706141c2c6649060c76b2
- SHA512
  
  ea252e8c66fcc5fea287c3aceb02e015e6e438a00336c85a5e2aeb82d568a5a00991d071d4c65c2b03a90e68776aa225dc7b6ec65f61d33d97ff4b02fa3f0d07
- SSDEEP
  
  6144:8433AjtJhzuGkNXHwHgk/sZpGVL3Go/b0CAiyRe+yOxS1cVU:pimNA3Gyb0Gyzyh
Score

1^/10
behavioral19 behavioral20
- Target
  
  Microsoft.Scripting.dll
- Size
  
  139KB
- MD5
  
  372e8b9b4797773f19ba051feb12fc17
- SHA1
  
  0f3cea35dd53ae809a3b190374c587c09b79d7e3
- SHA256
  
  0a628bfc0b3dc1966b7d25c9a0b497dae617b382008935449e92ab7aaf01fbed
- SHA512
  
  04a3cf4a25d07ceab29476022c292d999ea0a6ff13038dd4e69c5c9d1a3e2c29b587484877e2b2b89f9660d01c66188f5fd5d1d8119d9bdfcdb47f2e1710e8ff
- SSDEEP
  
  3072:fI7HoovLqb8EBfw4ag0wEgle+bbTJMZBDYzdRq2RLB:mG0wpI+vAs79
Score

1^/10
behavioral21 behavioral22
- Target
  
  Microsoft.Xades.dll
- Size
  
  152KB
- MD5
  
  23052bf33a1f034543597dba37d8cc63
- SHA1
  
  8b561169d5db921d95c8b972594fdf10883fb756
- SHA256
  
  14029e133ab560fef4ed0f657263fb2a2e3c7e52e3ed5809e3b74c06f00be58b
- SHA512
  
  4f5f56988b7fb86571c7eb6ecf6f5b3ebeace0ec9c4044300bef4d4ec3786a21d2feae6d9803e0bf53722e36f00186c16c3d5e22defd7dd4fe9173e9e3af6108
- SSDEEP
  
  1536:VuFXeYoVXNHvZHKoCEnK8iGYsz89MNrIapQy//hNRkPxVrJGUBZaX0/bMlm9doQL:VUX03KPkK8HFR//X63ZaX0/bMlm9dB3
Score

1^/10
behavioral23 behavioral24
- Target
  
  Newtonsoft.Json.dll
- Size
  
  695KB
- MD5
  
  195ffb7167db3219b217c4fd439eedd6
- SHA1
  
  1e76e6099570ede620b76ed47cf8d03a936d49f8
- SHA256
  
  e1e27af7b07eeedf5ce71a9255f0422816a6fc5849a483c6714e1b472044fa9d
- SHA512
  
  56eb7f070929b239642dab729537dde2c2287bdb852ad9e80b5358c74b14bc2b2dded910d0e3b6304ea27eb587e5f19db0a92e1cbae6a70fb20b4ef05057e4ac
- SSDEEP
  
  12288:GBja5bBvR8Q0TE2HB0WLmvXbsVG1Gw03RzxNHgKhwFBkjSHXP36RMGy1NqTUO:GBjk38WuBcAbwoA/BkjSHXP36RMG/
Score

1^/10
behavioral25 behavioral26
- Target
  
  SuperSocket.Common.dll
- Size
  
  39KB
- MD5
  
  11253e8b535e08dcbadfda1299ab0375
- SHA1
  
  c858cf2d7505611dffe415c4c3ffb90236e54e2b
- SHA256
  
  0037692d42fedaf185cb975fe260cba4f07cdb96f6d4271ac25165e0c3aad561
- SHA512
  
  7b8aca90f33d7baddb53d7c10ab81286fdbe1f76b1dbb489ee6fd375076b200b85d88639d2b30621b92ef65cc9c6743719c690c5a858bc94d0133fd4931a6e6d
- SSDEEP
  
  768:5dE2GlppKE/qnHBxx985qkuzI0+STV5gqw2qwBo724D3SV00LmlA:5i2g+HD6qkcI0tV5e2qwBo7ZjlA
Score

1^/10
behavioral27 behavioral28
- Target
  
  SuperSocket.Dlr.dll
- Size
  
  15KB
- MD5
  
  035c74a55831987e28a6b71bc2c8e9aa
- SHA1
  
  3209d35a85302cd5d23985c8221526d267e288df
- SHA256
  
  dbf84d1d22d600e3aa65c53c9007793312c207aacca3255e5174e72289e14f1e
- SHA512
  
  01c086840173b7775f950988732163bd92c5aeea15da2c2e3c25c181ddd975b2813111ef1e9265bd9af22161d43e8989aa583fcf9f2da34cba66fe930c8a04f5
- SSDEEP
  
  384:i6ndgvNVTWkY00bYq9OX3sWN5GkGXfGByve04HZzK:isdgvNVy22e5zK
Score

1^/10
behavioral29 behavioral30
- Target
  
  SuperSocket.Facility.dll
- Size
  
  18KB
- MD5
  
  42815fc862ca88b81e7be74a19b23398
- SHA1
  
  b7be4507488bbc673399a92f92a5887040c9c3f6
- SHA256
  
  ae4c8d740ed8b153f9e404d718a01474b790a10e1013bb9ce0d065f599ab1380
- SHA512
  
  75074d77612fb7aa36766fd2b6734021e8266016f5de881cdb871da39112040da4e63f8d32e13d73e5e86931f1f7c059bb3e6adabef1f39dc0795e7c1bd04d1b
- SSDEEP
  
  384:vY9LrfBnZlhtkjPVL8lXRY+IKKOl98mlpCvi87M25bQkicvaCH4o5cYehuQN:+rJnjQLyCvv7H5bQkino4vYmN
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32