64f1e2cddd0c82d87e95ba91cc9971db3653fb22bc1aa094934731e28bceb125

Sharing

Copy URL

Twitter E-mail

General

Target

Blockbench_4.10.4_portable.exe
Size

71.5MB
Sample

240802-x2xk8awgnn
MD5

496df4b1f7a07dc4fd04a8a4314ade96
SHA1

33f9c2741d0059d9e00e7c2d712b335171c47514
SHA256

64f1e2cddd0c82d87e95ba91cc9971db3653fb22bc1aa094934731e28bceb125
SHA512

0c438b067cff8b86eeb527b254402533dbccd391bc8255b8255cc7d30cf7fa1f0489123f9115469106e0919b2c9a3168d2b27e03977e828b4955755744744a63
SSDEEP

1572864:DUmwDpaAd8sy+sSqmRbNbz2VaXzoeggUt8QTpA2cqYd3ZGZQARZ5T7W:QdD9Fy+sSqmzn2Va8HgU+0G9LcJT6

Score

5^/10

discovery execution

Malware Config

Targets

- Target
  
  Blockbench_4.10.4_portable.exe
- Size
  
  71.5MB
- MD5
  
  496df4b1f7a07dc4fd04a8a4314ade96
- SHA1
  
  33f9c2741d0059d9e00e7c2d712b335171c47514
- SHA256
  
  64f1e2cddd0c82d87e95ba91cc9971db3653fb22bc1aa094934731e28bceb125
- SHA512
  
  0c438b067cff8b86eeb527b254402533dbccd391bc8255b8255cc7d30cf7fa1f0489123f9115469106e0919b2c9a3168d2b27e03977e828b4955755744744a63
- SSDEEP
  
  1572864:DUmwDpaAd8sy+sSqmRbNbz2VaXzoeggUt8QTpA2cqYd3ZGZQARZ5T7W:QdD9Fy+sSqmzn2Va8HgU+0G9LcJT6
Score

5^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1
- Target
  
  $PLUGINSDIR/StdUtils.dll
- Size
  
  100KB
- MD5
  
  c6a6e03f77c313b267498515488c5740
- SHA1
  
  3d49fc2784b9450962ed6b82b46e9c3c957d7c15
- SHA256
  
  b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e
- SHA512
  
  9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803
- SSDEEP
  
  3072:WNuZmJ9TDP3ahD2TF7Rq9cJNPhF9vyHf:WNuZ81zaAFHhF9v
Score

3^/10

discovery
behavioral2
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  0d7ad4f45dc6f5aa87f606d0331c6901
- SHA1
  
  48df0911f0484cbe2a8cdd5362140b63c41ee457
- SHA256
  
  3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca
- SHA512
  
  c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9
- SSDEEP
  
  192:1enY0LWelt70elWjvfstJcVtwtYbjnIOg5AaDnbC7ypXhtIj:18PJlt70esj0Mt9vn6ay6
Score

3^/10

discovery
behavioral3
- Target
  
  Blockbench.exe
- Size
  
  169.1MB
- MD5
  
  6359a7457503b32a74d50cf6f4607900
- SHA1
  
  94f63debed23d5f910994c6c0f318a2f140afd05
- SHA256
  
  3b5ca2d745228cf592eeb7c277c5d59f08fc655655584345d7f24a7bf5e1e6b4
- SHA512
  
  0ac7be6375fc6334660886034df7c64f6be46a427779b3aa322983641ebd496f6e360351dc9c94464b0b13ca6f53deed440ed04317cd140bc825bcc538516a70
- SSDEEP
  
  1572864:hKrstWwz6PqazPK3qyBcr35JBNLDD/FaCA7pmLMzCOtoAJnn/N0wIbyraIjR:DW0qr26byra
Score

5^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral4
- Target
  
  LICENSES.chromium.html
- Size
  
  9.8MB
- MD5
  
  b620990ddbd932d6475152e5a833860e
- SHA1
  
  70de0b3d7ffa77900f685c1788b32997a61ec386
- SHA256
  
  921452a09f92f10da4cfef0521acd6ee6c689c630661ed35189e793de2c99fc5
- SHA512
  
  ba84b5e6281dd64d5da41d0db35942b6c0b1ee6b47d24dedd5006be40b2d22d90f58dc653e17893347900fb1bfcd37b0f2fff5b532175ccacc3b63d98fe42ac7
- SSDEEP
  
  24576:K+QQM6Ms6x5d1n+wRhXe1BmfEl6k6T6W6b6f6V6GeGj/3BIpx:LUcBeGdY
Score

3^/10

discovery
behavioral5
- Target
  
  d3dcompiler_47.dll
- Size
  
  4.7MB
- MD5
  
  a7b7470c347f84365ffe1b2072b4f95c
- SHA1
  
  57a96f6fb326ba65b7f7016242132b3f9464c7a3
- SHA256
  
  af7b99be1b8770c0e4d18e43b04e81d11bdeb667fa6b07ade7a88f4c5676bf9a
- SHA512
  
  83391a219631f750499fd9642d59ec80fb377c378997b302d10762e83325551bb97c1086b181fff0521b1ca933e518eab71a44a3578a23691f215ebb1dce463d
- SSDEEP
  
  49152:hCZnRO4XyM53Rkq4ypQqdoRpmruVNYvkaRwvdiD0N+YEzI4og/RfzHLeHTRhFRN1:oG2QCwmHjnog/pzHAo/Ayc
Score

1^/10
behavioral6
- Target
  
  ffmpeg.dll
- Size
  
  2.6MB
- MD5
  
  d58b365e329560098328860fe4f34507
- SHA1
  
  4ddac44fac5fbadc47ae7dfde2fdf76241e1b691
- SHA256
  
  dd42cbda8d0e5a001c44b2113c9cb133ccc41e1c039a4d4adf9379ee5e657d57
- SHA512
  
  8fb31668d684cfa251fe42f8a12e953345e496f4bd15eac6175b91e092014c385f923b96e1b4210b68602a5dc876d382aa93e6657e0a4426a8be7ae3fec771da
- SSDEEP
  
  49152:rC8lp7/1UNZrhOP9YJQHUOWwGen6yfW0OfShPdb5x:EhOVYJiUOWwQaPB
Score

1^/10
behavioral7
- Target
  
  libEGL.dll
- Size
  
  469KB
- MD5
  
  45dffa2e9952dd2a16d469f18a537fcc
- SHA1
  
  505c6aedad53ddb0aa4cfb67db52f002451af744
- SHA256
  
  43a699c4755587ae83367c3e68c3887b7ba5ea0dbca35b097ce83be0b9b9b778
- SHA512
  
  61be64013aa295aa732b954b45f61105924a75928f260ddc6cb2e95bf36bd9e724523775b58f5922820e953b56d2a40c41e1f677b30561515193ed12dc7604a1
- SSDEEP
  
  6144:RmfOX/zRR8yWTDLMoqbAIbqkpXy0/KQPJrIJAG:cczRSyWTDY6IlpXy0/3h2H
Score

1^/10
behavioral8
- Target
  
  libGLESv2.dll
- Size
  
  7.6MB
- MD5
  
  12b856d52c4fa5ef56d3c45659494995
- SHA1
  
  4508c0b4945803fa692263b3f7618b3717fd970b
- SHA256
  
  6d291deea8d51c56df9b62770fb8a9945581c033495e6d906b43aafa6e059db4
- SHA512
  
  5f7b19e7bc12024a96ca441e908ee8950a0a858f10983e0e9590e3acba6a1246edf4ed3b7e2792a27e0794228613759e45188a3c422344eda09c0a9cdcb8981a
- SSDEEP
  
  98304:4laVNd6hP9OPvwfWm6sGnoDgCXm3o7KXs:jClGwpvGngCuK
Score

1^/10
behavioral9
- Target
  
  resources/app.asar.unpacked/node_modules/electron-color-picker/library/darwin/ColorPicker
- Size
  
  185KB
- MD5
  
  5e35d377794221cd4e1b38584624aa4e
- SHA1
  
  640e94cad0c164cc2b34851336f8089d1d2b4aa5
- SHA256
  
  7d1289cab98403b9b6b490bcd969a455cdfe9a6d0f0cc82409c0ed35da6a0f75
- SHA512
  
  6e901c69676052cd0e2bef8ff22ef78d92c6523861466fc55e9e1c6097570bdbc58c30bb10e0379a74ed784cf72e236f82fb54a1b33d09a93641692b46955f03
- SSDEEP
  
  3072:ZsoH7CbTKK6rBJ06x0o9pSCl92XcFv1OrAaxrvUmlyWxTGTjITHjYTLylSVJTGTS:xOo0aQCycF9OAapUmlyia0ULylSraSio
Score

1^/10
behavioral10
- Target
  
  resources/app.asar.unpacked/node_modules/electron-color-picker/library/darwin/darwinMainBundleIdHack.js
- Size
  
  939B
- MD5
  
  4c81b181a9d08ed7926a33dac47e8ae4
- SHA1
  
  6efd5ccbbd9755832e451d9551d1371d56c0a01c
- SHA256
  
  534be9d9b972bbbe2039014645622a2016ed91fbad367bf71d501f217cf9cb7b
- SHA512
  
  9f30ed52fbc533ee60d99496741f837a657ad46145cd0484aa8393ddf86adb7fded6356be02d400a36c15e31fd6acfede8b798104efdea0b32e1b8e220aae637
Score

3^/10

execution
behavioral11
- Target
  
  resources/app.asar.unpacked/node_modules/electron-color-picker/library/darwin/index.js
- Size
  
  978B
- MD5
  
  fa8a72d3c200b8a1d35aa0f899c96fff
- SHA1
  
  6faf257b03d8d6e62ad76d96d69a652223115dbf
- SHA256
  
  80d1641de5178ec17773f42fba0d9690f4b10b9d5f2243ca9607b3ce4bc3e4d7
- SHA512
  
  8a1c13a12520a8f3b94a52e14196964d9c7c4337e86c2f404603ae08e134e65ea84241ea7006c08db132c9e8db1dca12d8b258f5d0ed4ec8a3f423b5c403c0b2
Score

3^/10

execution
behavioral12
- Target
  
  resources/app.asar.unpacked/node_modules/electron-color-picker/library/index.js
- Size
  
  928B
- MD5
  
  b47b6275f2c2e92fdcd92da075ea95f7
- SHA1
  
  dfc5948e5313f5f57e39b9ca68153322d2a5e942
- SHA256
  
  4d796dff507a477ebfc56b6442f41a357690e1f4af5294d1c446a0e975a30370
- SHA512
  
  ae8d144aeebc50f9d9215361f467b78f420ca6052728ea1726a065a3c6de5230704874b2c0be1121b7f9864e4607122115d8e0a0491354479466764fce602e7c
Score

3^/10

execution
behavioral13
- Target
  
  resources/app.asar.unpacked/node_modules/electron-color-picker/library/linux/index.js
- Size
  
  1KB
- MD5
  
  7b874e3e643065f198ba99785247e690
- SHA1
  
  d18dad8c9f04552aaab800f10fe91370072ad680
- SHA256
  
  dfddb700a35883ab2ebfd85501dc5169b902c189dac65fca49a1d3a0fae37112
- SHA512
  
  a5bfbc689d4057cc5a811afef47a31494d9847fe0c8161f55cd965a357348af92b09780501875ca37fd9460cf28d546dc73ccc03913ffea92d12f91c4ca85a4d
Score

3^/10

execution
behavioral14
- Target
  
  resources/app.asar.unpacked/node_modules/electron-color-picker/library/linux/linux-scrot/index.js
- Size
  
  278B
- MD5
  
  c7bc5544b48aaede9bace7ea2101c125
- SHA1
  
  4408babcd808c7609f82fe1aa4255a44537b21b4
- SHA256
  
  80e04224e13e4d08b8c88e576b5864b1c0175f4ef55e86660b3070f28f36df49
- SHA512
  
  da5e083146782e7a2b0278dd94fe9126c7139f5d8bc706c9e781f74ea7f2ee0e3e3517694892ca8b8471fa4b805ce1be341a4cae0e3214afaee09cc2de0eb796
Score

3^/10

execution
behavioral15
- Target
  
  resources/app.asar.unpacked/node_modules/electron-color-picker/library/linux/linux-scrot/scrot
- Size
  
  27KB
- MD5
  
  81ab56cf3fc7cf0e66f4f8f7864843c4
- SHA1
  
  0ae3d7ab62115559f7bd4499c0eacba93e765edc
- SHA256
  
  fac7181d0bfed0592bf486c599a603676d63fa5a398bc4507c684d855e452451
- SHA512
  
  17059bca80a164d82e37ae626e018f271b33cee9c581e6e30504c0f986436bfe1031cac319177b12a1a34cb139923649c9921ca01b69e024d58df3f27c856495
- SSDEEP
  
  384:6mQtqfRIf/bLhBvp6nH4AVj8ELAjA5L3v3aWvV4FE:6mhRIfjLhdYHj8bjA5L3v3am4
Score

1^/10
behavioral16
- Target
  
  resources/app.asar.unpacked/node_modules/electron-color-picker/library/linux/pick-color.html
- Size
  
  985B
- MD5
  
  3107598e7e9129a7be19ced87059488e
- SHA1
  
  341e293ce4e3fdfe2f20db54b62e7902227df424
- SHA256
  
  d159c258889d51976b52a5b5866118ab6b2a91110dc73e50e2a272951e41418b
- SHA512
  
  367aff8895171f6e4007197810c42eb1a9853f0d322d908cefc8938941eaf789f1a4d22f0749995f4c9051a88f38a6d7820e3e802edf885f2193be4486d7adbf
Score

3^/10

discovery
behavioral17
- Target
  
  resources/app.asar.unpacked/node_modules/electron-color-picker/library/linux/pick-color.js
- Size
  
  3KB
- MD5
  
  d2404733f4e3fa4f0ec57f4252126d4b
- SHA1
  
  499b6b22d9fd992d3c7270ea162d1ea4457a7324
- SHA256
  
  6706829bf49c20f5a2267658006cd6cca6f87e7afe7f54b9d10a62cb44449abe
- SHA512
  
  7618730c70ca15f76629d4636f72c68a51dfb5ce640580e3129b31e2f6912e790c1dd3495ea70e32dd41eca65daa8fe6e401f5de65a477402fad8598f8307b20
Score

3^/10

execution
behavioral18
- Target
  
  resources/app.asar.unpacked/node_modules/electron-color-picker/library/win32/index.js
- Size
  
  230B
- MD5
  
  fb017620338f5f13e16c2b6a53815ff4
- SHA1
  
  91e47d5a85f59348bb78197b7871f682394f196e
- SHA256
  
  c90001421bc0729844528153ebe53ac6d43796575beaa1af91f9b5740f3d7db4
- SHA512
  
  fe4f7ed4cbcdd25b94ed3933c30131bfb73e3371fa18606bb3fde5f7b72bbb036aa2c55ade4f397828bf04cefd98c3811c6368ebd3e66a90d9b5c96a5c05d893
Score

3^/10

execution
behavioral19
- Target
  
  resources/app.asar.unpacked/node_modules/electron-color-picker/library/win32/mockingbot-color-picker-ia32.exe
- Size
  
  247KB
- MD5
  
  6089dc6592a07d77b0adad27066bf5b0
- SHA1
  
  e2f939e023a3f3e75c291d2f992f819278cc4913
- SHA256
  
  a3bacb9d95ad1c3846016737ec5ba80b14544c8ff154c904364fd92da285deea
- SHA512
  
  433150a24a71790f597a9a40a35c21053791f94a76f1d85a466b217ef48fa4202b91811aef62018962e8245284104c248b254dc082f56474e59ac62897030ddb
- SSDEEP
  
  6144:PSfPjqZp57cENm2eK7mnoUSgpAY8ODcDcm7cIskt44F0T6mkk9ABAO2VaTZ0ZOK:PSfPjqjrt44F+L9wzVsO
Score

3^/10

discovery
behavioral20
- Target
  
  resources/elevate.exe
- Size
  
  127KB
- MD5
  
  74a991fb6e5d52619d2b7051af392e89
- SHA1
  
  326a169be499dcfba08e70291d5203ff302d6b6f
- SHA256
  
  8a6f7ccd42c2a6110515f172450b3d324d6727367017fe9734b92c5e9cf6815b
- SHA512
  
  937d67767369acca5d6dd1b164f92d97918ba64d063d9556100338bcb7ced510083a2189759bdb21d5cdac9b39508498658a5e5a9f6c0fd1af74b5e973164c81
- SSDEEP
  
  3072:ZtbLnrwQoRDtdMMgSXiFJWcIgUVCfRjV/GrWlzZJZ2f:7PrwRhte1XsE1lzZJZ2f
Score

3^/10

discovery
behavioral21
- Target
  
  vk_swiftshader.dll
- Size
  
  5.1MB
- MD5
  
  58a2d80f6b4745bc89ab1c23ca5d0217
- SHA1
  
  8e09ddf7a2e914af80e610a75f8da181c5559325
- SHA256
  
  f3f1f083e6478efde3ff702ba556aecab26e7b862971b2691eee3aeb44937d18
- SHA512
  
  5fa448859483522793c802bedc21ee02ec2b797e700f4f1c27539c78dbe4c7be2fbf5b391a477af4a7ae37f275b5e062ebef70e971a180837576fa14b752f5de
- SSDEEP
  
  49152:UoaTaX1+4J7dN1uB/t4ABL5V1v+3+mFcpZBqtpM5KZwFlox0ikAiJb1XQGBliYDW:GeX1+qULMSx17nb24
Score

1^/10
behavioral22
- Target
  
  vulkan-1.dll
- Size
  
  935KB
- MD5
  
  f1b1c045e7dd29b1431a9354406b4dc2
- SHA1
  
  8237b0e2a959972f191f606e5f78a6ece3b28dfa
- SHA256
  
  1a09902ca051e1e11aede9832bd1103228fc2ce3381391f01b12956a7216750b
- SHA512
  
  8964769f906bb0101473324c2b1c6ea708533c76583045ad8975f3e027465c16e8f96aea09c4fa76f37cf49e2aaea9a63f6d4b61d5a28b7f4eb22bd36f9fb77e
- SSDEEP
  
  24576:P7t2bkeR6V9+8T28zEQ6Z5W1DYsHq6g3P0zAk7mN4b:PYAeR6VY868zEQ6Z5W1DYsHq6g3P0zAI
Score

1^/10
behavioral23
- Target
  
  $PLUGINSDIR/nsis7z.dll
- Size
  
  424KB
- MD5
  
  80e44ce4895304c6a3a831310fbf8cd0
- SHA1
  
  36bd49ae21c460be5753a904b4501f1abca53508
- SHA256
  
  b393f05e8ff919ef071181050e1873c9a776e1a0ae8329aefff7007d0cadf592
- SHA512
  
  c8ba7b1f9113ead23e993e74a48c4427ae3562c1f6d9910b2bbe6806c9107cf7d94bc7d204613e4743d0cd869e00dafd4fb54aad1e8adb69c553f3b9e5bc64df
- SSDEEP
  
  6144:aUWQQ5O3fz0NG3ucDaEUTWfk+ZA0NrCL/k+uyoyBOX1okfW7w+Pfzqibckl:an5QEG39fPAkrE4yrBOXDfaNbck
Score

3^/10

discovery
behavioral24

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

Checks computer location settings

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24