96a126e677b6d6f51b7d1407aa159b04e31d6dcf8b9d9dda49d0f00976e872ef

Sharing

Copy URL

Twitter E-mail

General

Target

EqualizerAPO64-1.3.2.exe
Size

8.3MB
Sample

240802-p3pyrswhrm
MD5

e70f8f0ca12897cdabefe6f792eca86e
SHA1

507678c52a3f822d109b19089f0129df5e8f0af1
SHA256

96a126e677b6d6f51b7d1407aa159b04e31d6dcf8b9d9dda49d0f00976e872ef
SHA512

09b75a3d8d8bc13bc98e536d6469e0784895f1034264555c42cdcbe6b136af97d5c70ed624330483915c3a826a15ed49a6699d2d1e566181889bc2cd1df03dfd
SSDEEP

196608:DS/JNM5oABvx6GIkIuyXa2KVyryjo7IntoQr1ufNlD:uNcHx6GIkwk081Ul5

Score

7^/10

Malware Config

Targets

- Target
  
  EqualizerAPO64-1.3.2.exe
- Size
  
  8.3MB
- MD5
  
  e70f8f0ca12897cdabefe6f792eca86e
- SHA1
  
  507678c52a3f822d109b19089f0129df5e8f0af1
- SHA256
  
  96a126e677b6d6f51b7d1407aa159b04e31d6dcf8b9d9dda49d0f00976e872ef
- SHA512
  
  09b75a3d8d8bc13bc98e536d6469e0784895f1034264555c42cdcbe6b136af97d5c70ed624330483915c3a826a15ed49a6699d2d1e566181889bc2cd1df03dfd
- SSDEEP
  
  196608:DS/JNM5oABvx6GIkIuyXa2KVyryjo7IntoQr1ufNlD:uNcHx6GIkwk081Ul5
Score

7^/10

discovery
- Loads dropped DLL
behavioral1
- Target
  
  $PLUGINSDIR/AccessControl.dll
- Size
  
  13KB
- MD5
  
  28c87a09fdb49060aa4ab558a2832109
- SHA1
  
  9213a24964cd479eac91d01ad54190f9c11d0c75
- SHA256
  
  933cadcd3a463484bbb3c45077afda0edbb539dfbe988efad79a88cae63bf95f
- SHA512
  
  413b3afe5a3b139a199f2a6954edc055eee3b312c3dffd568cfdbe1f740f07a7c27fbf7b2a0b6e3c3dd6ee358ce96cc1ca821883f055bf63ddebda854384700d
- SSDEEP
  
  192:V26NwF1FF1bl9UsZBpDOjH3RGz47gnrVsybWZeAW4MwNR5yRR4XLLF/NTNIXoslk:T+1bYsZBwWsySZeIBZdP40l
Score

3^/10

discovery
behavioral2
- Target
  
  $PLUGINSDIR/NSISpcre.dll
- Size
  
  164KB
- MD5
  
  bfe060c22b44914e05d3f5367de6c9fe
- SHA1
  
  24c72b0b57b0066a5e8b235104a0502400e44b9a
- SHA256
  
  43041f8540dccbc33268bfbef53037d17170b037f6393e77c21429f303ae828f
- SHA512
  
  ad3a23edd8d62b198e4a2ccf03f6d607dee41fa23fd6f9dfabdc5ee424b5e22a6e00b8a28e50fe177829a2cc25ce05484423e97c682036fc5146e2adf560bc44
- SSDEEP
  
  3072:5YFyk+vtvpoYYPkoYMtXTP5V+4Km//sbJVlseEOb+Y+UT:KFyznYntXL5XKCk9MeEm7
Score

3^/10

discovery
behavioral3
- Target
  
  $PLUGINSDIR/StartMenu.dll
- Size
  
  7KB
- MD5
  
  26836307758e048d1ce0afe754d6a972
- SHA1
  
  23a8f45cf5e2ad78add3c4dd3b3cf15fffced2cc
- SHA256
  
  a6919f5f3b53a9c8c015413babe7a9872491a2583e49bb3c261e60785c3c3534
- SHA512
  
  aaf7cfbb9c6951b65bd377db401617812f1d47960a01ae99164183c642fbd8f1ce08720bc92d26b642da5433b80720dfcd96280a162decf678139966be132746
- SSDEEP
  
  96:IgiqVPb3X8K8Kdr3gEq6nNdMk6Qiw290+q6LDtJ1tk3hhEl7y:IgiqVPgK8K9eIdE9B/t8hg7
Score

3^/10

discovery
behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  fccff8cb7a1067e23fd2e2b63971a8e1
- SHA1
  
  30e2a9e137c1223a78a0f7b0bf96a1c361976d91
- SHA256
  
  6fcea34c8666b06368379c6c402b5321202c11b00889401c743fb96c516c679e
- SHA512
  
  f4335e84e6f8d70e462a22f1c93d2998673a7616c868177cac3e8784a3be1d7d0bb96f2583fa0ed82f4f2b6b8f5d9b33521c279a42e055d80a94b4f3f1791e0c
- SSDEEP
  
  192:xPtkiQJr7V9r3HcU17S8g1w5xzWxy6j2V7i77blbTc4v:g7VpNo8gmOyRsVc4
Score

3^/10

discovery
behavioral5
- Target
  
  $PLUGINSDIR/nsArray.dll
- Size
  
  12KB
- MD5
  
  0917ee492308b691326e6581e8c793c9
- SHA1
  
  ff689c8051ffca7657461ac828bc46e303ab8e59
- SHA256
  
  81745087f193b6fa131189f4b3ee9caa93e9692e408d3955fbcb9a4ec8516e2f
- SHA512
  
  2a4ae4b93b0eac113a0e65f459798466120f1af4605a82a11f9022d790fe0b4f7d368b312f8a073b1dcfe8760e529ea56a5b5d4289321dc9f2fc8a22691b42b5
- SSDEEP
  
  192:L+QMtjhIz23Tv7QpAXXcxwtXexpnGOO81h2xXP:SQ6nDv70AXXcWtXexpnGIhW
Score

3^/10

discovery
behavioral6
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  1c8b2b40c642e8b5a5b3ff102796fb37
- SHA1
  
  3245f55afac50f775eb53fd6d14abb7fe523393d
- SHA256
  
  8780095aa2f49725388cddf00d79a74e85c9c4863b366f55c39c606a5fb8440c
- SHA512
  
  4ff2dc83f640933162ec8818bb1bf3b3be1183264750946a3d949d2e7068ee606277b6c840193ef2b4663952387f07f6ab12c84c4a11cae9a8de7bd4e7971c57
- SSDEEP
  
  96:o2DlD3cd51V1zL7xqEscxM2DjDf3GEst+Nt+jvcx4T8qndYv0PLE:o2p34z/x3sREskpx4dO0PLE
Score

3^/10

discovery
behavioral7
- Target
  
  Benchmark.exe
- Size
  
  597KB
- MD5
  
  fe2996dba5e8050d05893dc7eb1448c7
- SHA1
  
  0b789ea778aefe62ce7fe3070ff3781b1d4616e4
- SHA256
  
  52d18a1195db34f2a4e23287e554162efd9c6da8d380b06a9819d3ba3c24a6cf
- SHA512
  
  5a6913d82c32ed3e9b14ed78a8298e69517d1df6a85e53f867f89742e46eef6040464fe3f36cb3b9862dc72005398fc11e009b94b2721ba2aea9cd35881b41c0
- SSDEEP
  
  12288:OOt3qCbncqbUqafLSUYgQ8mVwWtuMTuw7Ynraw2:OOt3qCbcqMWh614jTV+aw2
Score

1^/10
behavioral8
- Target
  
  Configuration reference (online).url
- Size
  
  167B
- MD5
  
  b8ae8a09625a36105f78272736bf5e3d
- SHA1
  
  51fefd1bb3076c704b8d07186e4580cc940c15f6
- SHA256
  
  0386aba953d745c338636da1acba1941be7a5e18042ba74b63c6c047d17e75a2
- SHA512
  
  ddb257bfdc1223e4cf92c1dc06b643bfa228ac4fcd114e53aeb6303d462594afbcf9b8248d4668c6d8ac626dc36dc5c60e24e3edca6633ed943ba0b8ffe8da22
Score

1^/10
behavioral9
- Target
  
  Configuration tutorial (online).url
- Size
  
  169B
- MD5
  
  1e1d7502498c8afeb73241afc10c629a
- SHA1
  
  e68df70b786feb6927c21a576b8617eefa53e778
- SHA256
  
  f655030c56476500551b41bf2afd2545e728aa8674fd254700beeb0a21f1bb19
- SHA512
  
  59f198dcdc8b180be0a9dc50d83c004dcd1b5ec0013951faa451f64454c620f74da9fa675a98ccae713d69bbb2ff2727c66ce862933878b96d0c2596c9ac5bd2
Score

1^/10
behavioral10
- Target
  
  Configurator.exe
- Size
  
  209KB
- MD5
  
  ba3612cdc39e1a84d48301c19fd8d18a
- SHA1
  
  4f4cec3ea98d0faf5fa0bce8adac1737c4c0cebd
- SHA256
  
  8e51a516783e89fd550082be2bcf10ae6171c6a1cdde6f870bbaf02085e830e5
- SHA512
  
  3c1a3d2ad25dfca83ac6ba56a2ead688c29546c310b98b0ec0461b56c2f9960f7cd65ba316af2f82b39bc8fdce0cc8174408246c7cdf83ede41da7e6c8a5236c
- SSDEEP
  
  3072:1BVXhG6RClO2nh7JViRpCa+uKTb+TbYclCMUrlXTnmMSzdjMvS:18/42nbViSa+usUYFXTnkz
Score

7^/10

persistence privilege_escalation
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
behavioral11
- Target
  
  Editor.exe
- Size
  
  1.4MB
- MD5
  
  25f1266a44e621702190a8edbb52dc8e
- SHA1
  
  d33fd63379ad05e00822eb3e02e0524cb2837715
- SHA256
  
  69354ef5071cab321430fd0cb2c3724f126ca45613af6b84056da1399119cb50
- SHA512
  
  42672c287bc48244971baeeffb410d6643a0b038f10ec4f112438a30059f9527935cc7146488ba59d41cab8de51b85063caa8ee7c8fb3fe4ee604935cca7754a
- SSDEEP
  
  24576:R0H8j9Y/kjQQsJ+p9VkryvE9MF7GiZEcpkeH6wW3v7Z3aj:GgE8vswV1vE9MFxpkeVIZ
Score

1^/10
behavioral12
- Target
  
  EqualizerAPO.dll
- Size
  
  599KB
- MD5
  
  83a561caaff42103c1a5b3010f6c42c1
- SHA1
  
  cf611472169125ac8cc1a5811a5d5186633b2a36
- SHA256
  
  d403076a0e3ea500e83228bb8390aea052ee5bb5eeec40ace96b7537bc5e8744
- SHA512
  
  142f30206ec36a4897641bd3dd5e7253cdaa6d107f53ebcc787617e3d949c9e70ba91a9035743a619ea7ed09c12694626d946f72ec1d270e83dab50cd49379a5
- SSDEEP
  
  12288:ntffJWs//v9oNPupTvTzkeRo8FATDDpTiaNhTk:ntffJx//A2r/VFATZTiaN6
Score

7^/10

persistence privilege_escalation
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
behavioral13
- Target
  
  Qt5Core.dll
- Size
  
  5.7MB
- MD5
  
  2f187bf96f7900698d8be13f55b295c9
- SHA1
  
  8fda0e7b9e9d5eff146477f47c7e0fcc9c18d24e
- SHA256
  
  872a148e5fecf7df77231f68ad10d739cfc7c06cc2c04666b641529750dde991
- SHA512
  
  f78d34aa2ee638025b7dd9fb14cb6f275bbeb9225915954b0c0d50dd7c59dd19841fffabd3de879c4b8e5b6ef4892a25a9558773e4b98b73d52af2d43ccfce38
- SSDEEP
  
  98304:Fh2mYpTb+mDZZKQkJsv6tWKFdu9C2idxqf/gw:z2mYpTb+mDbhkJsv6tWKFdu9C2Mxqf/F
Score

1^/10
behavioral14
- Target
  
  Qt5Gui.dll
- Size
  
  4.6MB
- MD5
  
  a3fc193d4728d499b5861e6ff5cabcae
- SHA1
  
  b4f740c0efad050a53c502ef8d461f6440ea8002
- SHA256
  
  01d9d649c1722e117fda8b53862685cd656eb30d7e8adebc182b41374ad17413
- SHA512
  
  0cf6dedf148af91a6f1ee2af96c47824bdcdbef584bbb4e07f0644cf9fec8f79f2210ff61f2a49e561df98804db794fc6a5b20318277fc987b86b785e1033363
- SSDEEP
  
  49152:rcMX8P+SgcN6Vk+KeIoRg0gnPe992o2sfjgklTAKMLYFOo1DNTjMR2dK+Re+uR1C:BX8G6LT0mKzDDhe1TkGmwEo
Score

1^/10
behavioral15
- Target
  
  Qt5Widgets.dll
- Size
  
  5.2MB
- MD5
  
  3f28d40bad8a94509bbb74a4f07fee39
- SHA1
  
  a8fb80d903f26d61d7e051b7121d9e2e3e9b15b9
- SHA256
  
  8c1a14249d80d80945ce96c93b43057d0450ea03954d9e27631a462a321d6fb4
- SHA512
  
  4bd9462b22c4ff804942e0c1850cd8e0acac99db59f55d14abb33294134acb69ed0ac7a9120637d8d5e378721b0257c733e16abbc549e2b35282a10ab6142578
- SSDEEP
  
  49152:LcGpAdfzkkaEKZ8mipdOCxq34dhH7xXHSbRIlBTRQbuJiksO4FoWVKEGjJVNazKt:QLJdxtV4Qa+iksO4FoWVEH2S
Score

1^/10
behavioral16
- Target
  
  Uninstall.exe
- Size
  
  67KB
- MD5
  
  61949f12dcf93fd468738b693a46d600
- SHA1
  
  4279e7eb250d1453be809341458244271b6f9d62
- SHA256
  
  761cd3d5d2a348fff336ec07e2ca05548b37b812afa5f2bf78b14626ea034924
- SHA512
  
  f2efd4618742c89023ba086917ee6f84f23262a12c16ba37aeaf43e2f1492389a9ae1098e7eea54c2098cffef22153b593eb11dc40c3c8ffcc0c6268a442137e
- SSDEEP
  
  1536:UErU9XLGOA9yMHI7jsOzDcpgdLeAyN4P+TYquXJ5pse:UEre7GjyCaFvcpceA70Yq6Ge
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
behavioral17
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  fccff8cb7a1067e23fd2e2b63971a8e1
- SHA1
  
  30e2a9e137c1223a78a0f7b0bf96a1c361976d91
- SHA256
  
  6fcea34c8666b06368379c6c402b5321202c11b00889401c743fb96c516c679e
- SHA512
  
  f4335e84e6f8d70e462a22f1c93d2998673a7616c868177cac3e8784a3be1d7d0bb96f2583fa0ed82f4f2b6b8f5d9b33521c279a42e055d80a94b4f3f1791e0c
- SSDEEP
  
  192:xPtkiQJr7V9r3HcU17S8g1w5xzWxy6j2V7i77blbTc4v:g7VpNo8gmOyRsVc4
Score

3^/10

discovery
behavioral18
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  1c8b2b40c642e8b5a5b3ff102796fb37
- SHA1
  
  3245f55afac50f775eb53fd6d14abb7fe523393d
- SHA256
  
  8780095aa2f49725388cddf00d79a74e85c9c4863b366f55c39c606a5fb8440c
- SHA512
  
  4ff2dc83f640933162ec8818bb1bf3b3be1183264750946a3d949d2e7068ee606277b6c840193ef2b4663952387f07f6ab12c84c4a11cae9a8de7bd4e7971c57
- SSDEEP
  
  96:o2DlD3cd51V1zL7xqEscxM2DjDf3GEst+Nt+jvcx4T8qndYv0PLE:o2p34z/x3sREskpx4dO0PLE
Score

3^/10

discovery
behavioral19
- Target
  
  VoicemeeterClient.exe
- Size
  
  529KB
- MD5
  
  02ff40fa4bf4cefac9c7781eeeed79d9
- SHA1
  
  31119dea1ac5949083ec3e5f6d6d09f6962eb4a3
- SHA256
  
  51653d1fe35cc76a6753abd686ec9b1123ce1576fd63db4ed828a31d606ecac7
- SHA512
  
  45cafd426bb6ae3fb52d93ad0d0922ceefc8f5dc7bb535f4ffd239730bfb7dcee7ef606714c83524a33d24dcf0be523aac403a46f4fc262c856f1c7bde35222a
- SSDEEP
  
  6144:5vaNHJSlM8rtbvlgXJxg/Ziv847GUi4pgn/tiagdCN2Si6FQ9EWah4HZb:5SNpSlM8JlgXJxm4D7+2FcU195ah
Score

1^/10
behavioral20
- Target
  
  libfftw3f-3.dll
- Size
  
  2.6MB
- MD5
  
  9bc1a19ef7fafb31b43a964895ed9dcb
- SHA1
  
  4e9eccb805eb876177a6b3a42f912ac52e9f20d2
- SHA256
  
  42ca18fff35dd12890e04478bc990005b3969cb744f6843976bd436ccd7f0a4c
- SHA512
  
  72c5bc879c8869f0d3c00dc32f9187b267969948e5b578ac1a86af8c83d7126297eb9a7958d6da156a5f348aaca60bee0822c5416c17240cc8850dc2cadc2d8e
- SSDEEP
  
  49152:ZbVolI4xMje7CLVUnHQl1Wv+sKwh14RT9Z04TMzYr1ZBXwD2idL:3o+0ae7GQ+5XZidL
Score

1^/10
behavioral21
- Target
  
  libsndfile-1.dll
- Size
  
  1.7MB
- MD5
  
  ab078f3f6241fddfd39637d7b9358834
- SHA1
  
  c895b2555e99a34bed57ecaa328c56bda4481b3b
- SHA256
  
  740dc79589813c83f5a6b8ea214b5c1031041881b4dc96703e295a7c04d09f5b
- SHA512
  
  f5646ce0255ae551308c6861447c39deade07f775ff33526bdc58e22a90132cae86ac44767b2b83c07633f54f8b516e06e2efdce75de98d9a0fa530d6e581d78
- SSDEEP
  
  49152:gmYf13JE1o6kK5eQnahfzNqTBboLTfKIK15sRcRcQQQkixzjYz:gNJELapfJq6b
Score

1^/10
behavioral22
- Target
  
  msvcp140.dll
- Size
  
  552KB
- MD5
  
  111e00ce3412a863ddf3db65f237d62b
- SHA1
  
  58503f051d650d0d95ea36515682afce18f504af
- SHA256
  
  256492fbbcf3dc63987318f83e5f49eaacdbb6a9a5be54e403f0ddb437582881
- SHA512
  
  d586b8c2ee928aeed5e1e9f771dea24d209e09a47c8e84821ad0a5976e5fa16b77a04294100555f553aea85c5acdcfe49ad3aff6f645b5618fa8f482fcdb959b
- SSDEEP
  
  12288:F/Wn7JnU0QUgqtLe1fqSKnqEXG6IOaaal7wC/QaDWxncycIW6zNyVQEKZm+jWodm:ZN59IW6zN+QEKZm+jWodEEY
Score

1^/10
behavioral23
- Target
  
  msvcp140_1.dll
- Size
  
  23KB
- MD5
  
  6d0a35401a239a046dc2a43777b01a30
- SHA1
  
  0d7070f9abaa911f636cad4f0d5bf8a3445a9e6e
- SHA256
  
  2c03cf78553689ca0523a3ef7c3161939b8f4a2fe246d9e90efa9cfef95c59a7
- SHA512
  
  9554ffb6d87aa25bc80bc56ddc46a5f310fe0cdbd4dd1ba412c58c4f103be55bd96dc76652c39865f662118df5853fc3d2886a7c02b4e156eb31d5abd7f1cc59
- SSDEEP
  
  384:IXt9apR9zFzN2WWcZ5gWc/14gHRN7eDH24rlGs8:IXK79zFzEqQeT6
Score

1^/10
behavioral24
- Target
  
  qt/imageformats/qgif.dll
- Size
  
  31KB
- MD5
  
  8df7ff21ccea87671bbb1ae6f4e0e0ec
- SHA1
  
  33f4a4cc933327b0e48f4d86096df1f91b19a054
- SHA256
  
  ae6f99e0f508cfdb18d1d764ca0b1f361ca6661318fd606f9e5477150be63099
- SHA512
  
  1a25a62f5c8352d05eba8da7616c88e14b5a632ff1bd835403d251e77d0e023362ae6e260cdd179bfbef7d0cfb0f465175cc569f530264f8307f962d4cafe1a1
- SSDEEP
  
  384:QBegQG0lWxUwIos5k3XjMzvb9gFNRysTAXRiRDPyQzii6ly/3klR24YZ+DlTUnh:16UwIBk3XjevqF8XqWO/ERYZYVUnh
Score

1^/10
behavioral25
- Target
  
  qt/imageformats/qico.dll
- Size
  
  30KB
- MD5
  
  eae48c828b2b5c283b8aafcd03d85e50
- SHA1
  
  3e328ab039221615a47df9907931913182973a27
- SHA256
  
  0c37d215dc0c96577d75f8583f5a9b958287223425133b57cf69eec1abedf807
- SHA512
  
  6635c8c3e026ff0dc4980a9ac3106aac3ed9e45893807e9cb6a4f15b4299ea4798e52f84aee82b3268999d4370e3564c8b3ff5a62768893e99c3e5c08d470431
- SSDEEP
  
  384:uAaeIzlOfViBouEqWrWDHK0kSBzlNjiw1YSDSfBEV+JioO2MTruCWXLCns:uBXBOfQouMrWFkKxiwX6tJipTrxns
Score

1^/10
behavioral26
- Target
  
  qt/imageformats/qjpeg.dll
- Size
  
  404KB
- MD5
  
  c5c6a195948b0a3f5682c7395901a2ae
- SHA1
  
  f795dae366cf750b2a52b4f6f4a1aecefede25e7
- SHA256
  
  d05902d39d5c773f016e858a6469796efec763c445779aa6131af851bfd39219
- SHA512
  
  5a0eecbb38bb21742ab55064d6d77fe18b54e6d86c406528ccf86f5b568a721ec730971e1fd6df32a83b6380a20f94b5c27b22d7319529f4ec18b10415a5476c
- SSDEEP
  
  6144:fKTN351qcwMW3Kih6XQ1/6jvmG0yOtxhf8dl24whkhne7kh:Sods86jIe6g
Score

1^/10
behavioral27
- Target
  
  qt/platforms/qwindows.dll
- Size
  
  1.3MB
- MD5
  
  679334394f9787e7d59f1589055738f4
- SHA1
  
  b34039f64d039cee7f0420d6f0be0d415e42b8ec
- SHA256
  
  af7ba939552780e0e19b23fe52a6b033037d403254f2e4acdbc9bb8ad07d963b
- SHA512
  
  735d1df3528c09e7c45439fabd94ac9ac6ff7c048cab7d9bd02fe9c517ee086a2ff8041163d8335ae8dde4bc62801ed84e8aee10e066814330d4b414e0b420ca
- SSDEEP
  
  24576:Xy6OLvfihuIXRaVoJl4vPTH8GO4j+kMC8Q/rf+ZPoS:XsLvfi0+RaVoJ+bH834wCxDb
Score

1^/10
behavioral28
- Target
  
  qt/styles/qwindowsvistastyle.dll
- Size
  
  134KB
- MD5
  
  b6533bea23d009cff36463a83b201d82
- SHA1
  
  99ac78f851bfc624ff5e391238c9ef554c4725d8
- SHA256
  
  8e574dc1db89d0e354b59ba2d56113e95d512449778edffa351bcf200b188d70
- SHA512
  
  7da3b6f43d9133ba75b528bce05164187e002bbc6de67dda1563e23680b30d9a256a973899e300c55cf48e9046c9b346054072b7f7f5025bac6f7a288b509d8d
- SSDEEP
  
  3072:gCXE/HJPvLaGzm72qVswREkpU6wUV9L/IiwtT0NFv87:hi1zgb79L/IiwtT0NFv
Score

1^/10
behavioral29
- Target
  
  vcruntime140.dll
- Size
  
  94KB
- MD5
  
  5797d2a762227f35cdd581ec648693a8
- SHA1
  
  e587b804db5e95833cbd2229af54c755ee0393b9
- SHA256
  
  c51c64dfb7c445ecf0001f69c27e13299ddcfba0780efa72b866a7487b7491c7
- SHA512
  
  5c4de4f65c0338f9a63b853db356175cae15c2ddc6b727f473726d69ee0d07545ac64b313c380548211216ea667caf32c5a0fd86f7abe75fc60086822bc4c92e
- SSDEEP
  
  1536:yOHL+4KsAzAfadZw+1Hcx8uIYNU5U9H0Q8ecbjt1lLN:yOr/Z+jPYNV9H0Q8ecbjt1j
Score

1^/10
behavioral30
- Target
  
  vcruntime140_1.dll
- Size
  
  36KB
- MD5
  
  63c1c3adf9da49ad6ae2e90fcdcb841e
- SHA1
  
  8022c1fb0ab11781cd93d4524b5245a156d219e4
- SHA256
  
  0d719fbe25194e3faa037bd736e07ec9184ab68e521ebbd72c2b13aed89b47a9
- SHA512
  
  36f4bba6a43fef4f0100a3bd40bd1061cf786852e332ef56e365d2d622f99941040e0961137bf8014aef4b3584e7a89ed0b328867412971520c176c0d09a65af
- SSDEEP
  
  384:5qnvMCmWEKhUcSLt5a9k6KrOE5fY/ntz5txWE6Wc+XfJduncS7IOdWrjKWd14gH8:nCm5KhUcwrHY/ntTxT6ov072fDV7aJG
Score

1^/10
behavioral31

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

T1546

Component Object Model Hijacking

T1546.015

Privilege Escalation

Event Triggered Execution

T1546

Component Object Model Hijacking

T1546.015

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

Checks computer location settings

Event Triggered Execution: Component Object Model Hijacking

Event Triggered Execution: Component Object Model Hijacking

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31