aa3c568c88329c4dd471492c0db25a6c299b4346562d63e850e3064902d86d69

Sharing

Copy URL

Twitter E-mail

General

Target

PrismLauncher-Windows-MSVC-Setup-8.2.exe
Size

18.1MB
Sample

240803-gcdh2svdmm
MD5

242927c23fc9b6ff5efaa51aaf5eda58
SHA1

53e851f8a136ae29aeb0159d9fa221b5e37a8b4c
SHA256

aa3c568c88329c4dd471492c0db25a6c299b4346562d63e850e3064902d86d69
SHA512

cda01dc9762a02d47829cadb0678fcf0b361d6ce4a9b3ddffa5bb7636487bd16446076274ac5a4ad015cb4d52fff4cccbb49b472ed031616fccc1826b748ce17
SSDEEP

393216:CMU77hg6HfhIjEYqNPPoDlXsLAmCrQ7cAIYE9rpyTXuEz18Tcso:CMUhHfhIgTkX3mwQ7cAo9+Pyo

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  PrismLauncher-Windows-MSVC-Setup-8.2.exe
- Size
  
  18.1MB
- MD5
  
  242927c23fc9b6ff5efaa51aaf5eda58
- SHA1
  
  53e851f8a136ae29aeb0159d9fa221b5e37a8b4c
- SHA256
  
  aa3c568c88329c4dd471492c0db25a6c299b4346562d63e850e3064902d86d69
- SHA512
  
  cda01dc9762a02d47829cadb0678fcf0b361d6ce4a9b3ddffa5bb7636487bd16446076274ac5a4ad015cb4d52fff4cccbb49b472ed031616fccc1826b748ce17
- SSDEEP
  
  393216:CMU77hg6HfhIjEYqNPPoDlXsLAmCrQ7cAIYE9rpyTXuEz18Tcso:CMUhHfhIgTkX3mwQ7cAo9+Pyo
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
behavioral1
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  4add245d4ba34b04f213409bfe504c07
- SHA1
  
  ef756d6581d70e87d58cc4982e3f4d18e0ea5b09
- SHA256
  
  9111099efe9d5c9b391dc132b2faf0a3851a760d4106d5368e30ac744eb42706
- SHA512
  
  1bd260cabe5ea3cefbbc675162f30092ab157893510f45a1b571489e03ebb2903c55f64f89812754d3fe03c8f10012b8078d1261a7e73ac1f87c82f714bce03d
- SSDEEP
  
  192:VjHcQ0qWTlt7wi5Aj/lM0sEWD/wtYbBjpNQybC7y+XZv0QPi:B/Qlt7wiij/lMRv/9V4bvr
Score

3^/10

discovery
behavioral2
- Target
  
  $PLUGINSDIR/modern-wizard.bmp
- Size
  
  25KB
- MD5
  
  cbe40fd2b1ec96daedc65da172d90022
- SHA1
  
  366c216220aa4329dff6c485fd0e9b0f4f0a7944
- SHA256
  
  3ad2dc318056d0a2024af1804ea741146cfc18cc404649a44610cbf8b2056cf2
- SHA512
  
  62990cb16e37b6b4eff6ab03571c3a82dcaa21a1d393c3cb01d81f62287777fb0b4b27f8852b5fa71bc975feab5baa486d33f2c58660210e115de7e2bd34ea63
- SSDEEP
  
  24:Qwika6aSaaDaVYoG6abuJsnZs5GhI11BayNXPcDrSsUWcSphsWwlEWqCl6aHAX2x:Qoi47a5G8SddzKFIcsOz3Xz
Score

3^/10
behavioral3
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  1d8f01a83ddd259bc339902c1d33c8f1
- SHA1
  
  9f7806af462c94c39e2ec6cc9c7ad05c44eba04e
- SHA256
  
  4b7d17da290f41ebe244827cc295ce7e580da2f7e9f7cc3efc1abc6898e3c9ed
- SHA512
  
  28bf647374b4b500a0f3dbced70c2b256f93940e2b39160512e6e486ac31d1d90945acecef578f61b0a501f27c7106b6ffc3deab2ec3bfb3d9af24c9449a1567
- SSDEEP
  
  96:o4Ev02zUu56FcS817eTaXx85qHFcUcxSgB5PKtAtoniJninnt3DVEB3YsNqkzfFc:o4EvCu5e81785qHFcU0PuAw0uyGIFc
Score

3^/10

discovery
behavioral4
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  7KB
- MD5
  
  b4579bc396ace8cafd9e825ff63fe244
- SHA1
  
  32a87ed28a510e3b3c06a451d1f3d0ba9faf8d9c
- SHA256
  
  01e72332362345c415a7edcb366d6a1b52be9ac6e946fb9da49785c140ba1a4b
- SHA512
  
  3a76e0e259a0ca12275fed922ce6e01bdfd9e33ba85973e80101b8025ef9243f5e32461a113bbcc6aa75e40894bb5d3a42d6b21045517b6b3cf12d76b4cfa36a
- SSDEEP
  
  96:JwzdzBzMDhOZZDbXf5GsWvSv1ckne94SDbYkvML1HT1fUNQaSGYuH0DQ:JTQHDb2vSuOc41ZfUNQZGdHM
Score

3^/10

discovery
behavioral5
- Target
  
  Qt6Core.dll
- Size
  
  6.0MB
- MD5
  
  4b109b08ab6ae8b532ba254722b83a67
- SHA1
  
  59b7477ef8084b6858d44d7a8ebd78f9dd09cba7
- SHA256
  
  b3fe8c06f5ff686eab4a5784a9c36213d341809d982bf81570909fec262907cd
- SHA512
  
  482a7399f541806fc64bbc5924e3e55f24c86713daf959c421a40aa2aa76f256ac790e105eff4f60cd6b4299465a039505406091988de9265279103a296bd47f
- SSDEEP
  
  49152:ry2Gz+89rCG9TDJiPUQbRrEDLVo/9agt5F7r42jfMjYj0Q3b21ckw8eMSDz0QupE:FGzvvE+BCwI2zKFdu9CwJsv6toa/3tV+
Score

1^/10
behavioral6
- Target
  
  Qt6Core5Compat.dll
- Size
  
  851KB
- MD5
  
  b3fe7fde16dea4e4a4b2f5b9d9d04490
- SHA1
  
  010c2c0f4fcf7d01bf0403692d66bbec86a8f3f0
- SHA256
  
  91c5d1788a31e2ae195754b76b00e05bc1ed28042570f78f4de2c34de3d1f9a7
- SHA512
  
  5bd0bd5aeb4428d52d0e1307e125bf047ab90731689b24579972e1d6fef3dc55efd4089c351b4bfd63b12cfe3c9140dbbfa05b3020b9c8381c2bf3b54ae7e6d0
- SSDEEP
  
  12288:CbqiBp2WMX7t4i8ZOOSD5RC940wGBPGE/4717VKIyBDPzHkSDGGJf6bfKgQyR0DO:+eWe7t43veC9UGZG7VeDPTMTfJRi6uc
Score

1^/10
behavioral7
- Target
  
  Qt6Gui.dll
- Size
  
  8.5MB
- MD5
  
  4d427578ce80d21926239bde77859cbc
- SHA1
  
  ac7c9d7b8f2991a34f6368ebc098e369360e30ab
- SHA256
  
  1158536c723cfbcbf24f6f3443b16e42fc5473d8b1309040aa300a03408b5979
- SHA512
  
  4364dd317ebe3f54c33bb9af8e56ba45762882c74b18e336134f2904cb494cd15bbb94dd603e00b3ffb18c67f928dccf87b05feaa208bbd0ccade71d4ca29965
- SSDEEP
  
  98304:fEhGeAcxKT/pR9mRhGHyxy3V+/SVFkTN+DSsv5UkL:fDMapRghGHyWV+/cFkVsl
Score

1^/10
behavioral8
- Target
  
  Qt6Network.dll
- Size
  
  1.4MB
- MD5
  
  4812b1ba9956b935d541628ff79c83b9
- SHA1
  
  d4c98dfbede38472ad486ee5a050c8d0633636bb
- SHA256
  
  f2400ff51c603d8f518f069d90d9b88823192e6cad1695d64083fe26377682ed
- SHA512
  
  02a5ac6c4f78efc06333123395103d3dc282fb9d175ffe3184252f48bf69f5bce382efa9f633ed6a37efd8963faec5e74069273fe632d9cf2ab2338189a0a845
- SSDEEP
  
  12288:pw8ph+nReire/Zf5W/A8dtjFrLr4vXEMc+8yQUU3xNaFz8TjqX:pLj+nRe9/Zf5W/Jtj1kNcYdMaGXC
Score

1^/10
behavioral9
- Target
  
  Qt6Svg.dll
- Size
  
  376KB
- MD5
  
  95d3ccbe447f7bfdb78fe4bf483d7f44
- SHA1
  
  1d840c89a1000ba6fb522b7ff549fb251ee8abf1
- SHA256
  
  4a88dbb02144e4ffe399a5e25ff37454590cc58804f731bf65672c4371ba12d9
- SHA512
  
  e586e9ad0fad20faf2c9e946adcc32559931ac6834039aab3a5b5eb48141ccf52615847ccdd268dea8c08e5000ad5a08e342495eb9b28ee47f0bab5cec2d0881
- SSDEEP
  
  6144:xfmQ9jfqGt5Q5jL7sqSsf5gK817EzxJF210+nkpiFIWffG:xf3ijgQ5gK81qJF0G
Score

1^/10
behavioral10
- Target
  
  Qt6Widgets.dll
- Size
  
  6.2MB
- MD5
  
  c22c19fae4dfb264296ffa339795c37b
- SHA1
  
  38f6d382208081904e8c6c2d0fb09f52b39c388f
- SHA256
  
  9761e3b306d52403f1f190abcb2ccacd01630cfae053457028d9b6e8d91d3adf
- SHA512
  
  1b7ae36117b7c266cdb833e232b9bf90e3fbae0b316f4ed5c5b45de7c81407778cf4df906df34d4339ebb232d0e569125b6f9788f68e78a17f5887d50f51c1fc
- SSDEEP
  
  98304:/PfkAUbOJrZlGDeiUnsG5P1kS39rHaIwei:/PfkAUbGllGDeiUn556S3p6x
Score

1^/10
behavioral11
- Target
  
  Qt6Xml.dll
- Size
  
  151KB
- MD5
  
  2dac5315f7c6850c5de1c033f7b685a7
- SHA1
  
  d79133b56bdaff0677dedf150aee234aa5d800a9
- SHA256
  
  ef1f550bed5d78b417b560a99518d2ca30b6b9b8a1af621fb5421b7d1c01837d
- SHA512
  
  ada63250ba623a2960345406c31adf797b5c29e7715fd789c20948bc0cffa289b3be4d190572608376ce163d5ee2a4dd33ccdf74dfba765fbd0a1ef0067dc09c
- SSDEEP
  
  1536:nw3h1GaAltlF4wgXdYKQfKOxQYifGBWqmF9ys8QzTNE6AgqDixbabYTOj9FE6AgK:O1VAlbEtY7KtYgcmFT8QXCiofvd2KM
Score

1^/10
behavioral12
- Target
  
  iconengines/qsvgicon.dll
- Size
  
  69KB
- MD5
  
  f1a683ba6f78a0c6e2390666d52b35ee
- SHA1
  
  e311e92df3a63b8ccd2fab9e7965f6c66059000e
- SHA256
  
  9469059fecff193e4628847a14b4b6c7e7c4a4d4489f8ea4e1e98b19b9b7229e
- SHA512
  
  0633147d113bab073f83dffb13718f9c9a800ce41dc5a1207ce51c6843e682e603f0c55c25f675ae1fb12e5ac2764a5ea1da8de869cc35ed02f7e93aad001740
- SSDEEP
  
  1536:ezibTbDQn6wcma+mHKT6IQubV5awFpBnxxtyq8IyojRT9WkhgKxngeJ:eObTzq6IQubV5awFpBnxxtyqeojRv+Kl
Score

1^/10
behavioral13
- Target
  
  imageformats/qico.dll
- Size
  
  46KB
- MD5
  
  9e3a5b84ac8917de7fcfb0e346611ac5
- SHA1
  
  5f2d6528d7f40559418f02663a5eb02bf37e2975
- SHA256
  
  a23e5d3ce334a706eb86bb06fe1dcd01a52954611cdc792eaaa4e0afc3a49a91
- SHA512
  
  27095ab7a561151a93f5a2690e202e2594160a21c0e8ae8156ab7a8b4d0b4c73c42bdcb468878867a6f24c00b3d8a2617d4507c6c2447feffe6d0c0fd2887b57
- SSDEEP
  
  768:f0QehXuIBpyp7dJ/+n9zQTR8VyJuFbgKxnVbGYJljnyN7:cZDBp87dJ29zQTR8VyJuFbgKxngeja
Score

1^/10
behavioral14
- Target
  
  imageformats/qjpeg.dll
- Size
  
  552KB
- MD5
  
  74f6e710318bc4874a1c9b229c19f0ba
- SHA1
  
  bab59e9e0cfc4fe8fe81a9e65f407b4a7ad82b98
- SHA256
  
  53d76435beeb8374c7553e6944754a57f1cacb97270db52b3d7144d1b1470a03
- SHA512
  
  9f7ba09d0af791efdce7072dead650ec1e8c13d686a4526366acb38e2628373052da94d461895c2aeadba8c7d3b1da85f98ff56e261e0366e2e7dc1ada39b723
- SSDEEP
  
  6144:yIrdnEH48pRZgGBj+3H2WR8Po8M7Kbm7/1HLh6pkUj01SwbnyEPz/cN4XA11CUBw:jRGZhkUuSeFZ6464gJdPo
Score

1^/10
behavioral15
- Target
  
  imageformats/qsvg.dll
- Size
  
  39KB
- MD5
  
  48d268d4c06134ba2fe044c0d575f3f5
- SHA1
  
  9ba00e57924ce0d346c85dcd4b77ac6f13748def
- SHA256
  
  4d0243ac9ba6aa1b8985176d001d8c508279ab021bedabb9f6555dbb1f417923
- SHA512
  
  eed8bd0436aaae3d6db3cbc62205728954126137933c607d445c66495fc3f4730277bb0f6ee2789a3c33aae10aeadcb1b6082743e9eac043d8c3520afb699a89
- SSDEEP
  
  768:fjnLIUmgd9oP+KUkg+UDqVuMgKxnVbGYJlcNi:AUmgd9yTUkg+UDqVuMgKxngeP
Score

1^/10
behavioral16
- Target
  
  imageformats/qwbmp.dll
- Size
  
  37KB
- MD5
  
  ffadea63b292a4b9c6d098e5a1500969
- SHA1
  
  04b3cb48edb4f5917fc43937f5763854773740ae
- SHA256
  
  97f108d93f5d94efb8c44097be009feed434873d25a598b366e2874dbb126717
- SHA512
  
  59f33ed62ffb41d57c28f8fae627200ed8ce82ca876f7fb5487bae87b90acba02e81e28c872326f74929c5a68cec8cad89e9d13d1a3e7c67a9d04c89454487e8
- SSDEEP
  
  768:DktuZOmR3PXYX2BE75hIyOrH8igKxnVbGYJlj1NvH:9OGPoX2BE75hIyOrH8igKxngejz
Score

1^/10
behavioral17
- Target
  
  imageformats/qwebp.dll
- Size
  
  527KB
- MD5
  
  8f9b6aa0d2ab07e9f01c704617d1655b
- SHA1
  
  57b1abe27a19f7ad8dff18556ac40bffe894628e
- SHA256
  
  a2bcc135d0e45b1051e6bb287156c44bd452680d23653cdb1d7341c0fd0ab39c
- SHA512
  
  3a6cde6a9c8d115882880b253ebea29cdea6736023b3fdd9d6ff569e034528e914614fec51035978ecf92c14be18fe94c0b87cda93dfca526baead958a39805d
- SSDEEP
  
  12288:CzaweeWDsi1cALrLrLrLwc/EMOTmUZxx2EoQ8DRH/:aaZpqALrLrLrLwc/EMOTmex2E2/
Score

1^/10
behavioral18
- Target
  
  jars/JavaCheck.jar
- Size
  
  1KB
- MD5
  
  b7b48051f47b0f34db559d90de94815c
- SHA1
  
  1c663d7bf62ca5e56206426874c39e0179a1bc50
- SHA256
  
  01bfea23e2c9fb63d14c60eac452ffe1426d6265beb0478e4d5b539c0f03da98
- SHA512
  
  7d0d45d523e202dbf236a9fd84241fffec09e7be3a1e40ebff9efe4f8bcd1fa9cde6b843c68a65bf536bfc5b44a6354c8736a67e66d5007223d6bfad7152f752
Score

1^/10
behavioral19
- Target
  
  jars/NewLaunch.jar
- Size
  
  13KB
- MD5
  
  53cc35c5bfd48a9b3e24fa3e4ed08782
- SHA1
  
  b65db5d8bffd2d568febbcdfcffa1d2484fbc478
- SHA256
  
  aaed45f1525c6a7d975499286a3734942ce55bcfbe02af9066c8b2aec65fbf22
- SHA512
  
  40ea51c9cdb9819a3ad14d42d8e80f263f97d4131d4c2332df7ce397d2a8df5caebdb8fd53a328cd2707a8014a6b5989380ff76186e167582d7317e7a75d73aa
- SSDEEP
  
  192:dIWK8KoDNpA0Tr5uKqlT4nlT1qV1ZdXRxXyZjjFufBeGnhXXP/Lf:GWK8/JpAUrTF1a1ZEWBeGxf
Score

1^/10
behavioral20
- Target
  
  jars/NewLaunchLegacy.jar
- Size
  
  23KB
- MD5
  
  b8e412180e698ecb3757a09c134191cc
- SHA1
  
  cb74a42d73f11c05a58d4bbe99666195741a6075
- SHA256
  
  149f50cc64844459322a8da8c62b3b97597d2302deb46a97be0279a8327382b8
- SHA512
  
  727d8b48a34ce083c26ec3b0622a23f0d15f44deea2e19af7d643a390dcd6d6b1ff2e08134d2a87175ca86fdb6436c1eb8ba5072cf52d1f674c779bf53a48cde
- SSDEEP
  
  384:MVVL1jDPUfYnONklSEaxh1jp8Buc6gd9rFXTbHD/8SkWlwP5:MVVP1lGh1j+Gy9RXTjD/8Sk2wP5
Score

1^/10
behavioral21
- Target
  
  platforms/qdirect2d.dll
- Size
  
  939KB
- MD5
  
  a409c1a09f4c2e28736b8ec779d5bb60
- SHA1
  
  9d6802dbc1a64a6db17e3f952230448684c99ecf
- SHA256
  
  7aaedb90f494c3934e3d478abd64163062cdc9b88d6f604c0dec669ae50298df
- SHA512
  
  6f29a9d123d5ae9310ca62b8aeb7fbb9c4a4b7ec7631f32a8ede114ce3ce0cfd2476cab57e0fca575527a0d43e60ad808a6b3780da9fe0285340ce84b1e468dd
- SSDEEP
  
  24576:61sGTMV0hGCjcFjFsNha2e4YTF60EE4ZC1EWK:61sDV0hGCjcFj2NhA60EE4ZCs
Score

1^/10
behavioral22
- Target
  
  platforms/qwindows.dll
- Size
  
  869KB
- MD5
  
  708b9fd13b3f558fea05c5ce9d81f180
- SHA1
  
  fea63d9d89ead4ee00e2c7cc73f3695646a635c9
- SHA256
  
  01a1e86174c7630be10677437343cd8c693ff1fee0787f0cdef67e7a7f9a162a
- SHA512
  
  e6139276c266bca9e9991b1cd25b8da66b50692fc312fb989ee3ce44d99b0fdf3520eaa531bdbfce85d74f01f234b6eb17d06471f211f21509c244522eaaafbb
- SSDEEP
  
  12288:jc4xV8/xnBIuZ96BFUY1r8gNz7eF95y1V19ssbsJj:jc4xSxnBIuZ96BFUer8M7evI1V14Jj
Score

1^/10
behavioral23
- Target
  
  prismlauncher.exe
- Size
  
  9.7MB
- MD5
  
  337e87e1117573b52d7a069a2bec9935
- SHA1
  
  52060abc875a8cb7aa08076b503f2aeaf3dd4d89
- SHA256
  
  6651a644ecbfa74355c25036986efe7ac48002c7d6d54b9ff1eb2db5f7fd8bf3
- SHA512
  
  638312070c05b33c979e95264f07168e494a854068172c414d2066e9dc7fe766a27d9fae7437060cf5d8c25dfd587d7b066d88a09d6dd32f68b8bd2fc88b6aa7
- SSDEEP
  
  98304:zpPOVXkPVGiWnYmryIHDno6TRlUNxOKsgCfVT:z1Gi0h06gxyhVT
Score

1^/10
behavioral24
- Target
  
  prismlauncher_filelink.exe
- Size
  
  98KB
- MD5
  
  f0b20022ed4f917f2d8b25334372a228
- SHA1
  
  c06f6dfbdd77272c4aecc440afee2b80ddd3ff33
- SHA256
  
  c491709dfc8bef51f9f04ed0c67b9ae8f606a4a57ac882f78ec6bd6054a5c4d5
- SHA512
  
  4919882ac25a7bd69fe8a0207353d3d20ab1709996cbbed9b42075442c54a334e224ca41d72576011a53d4f17bc3f684a7cb21cd43fdddfa0b8f3ec8749a7ca9
- SSDEEP
  
  1536:AZlxvqV35IlSNDv0BfI1zH200xVkG+HeC/xdpvW14Tt5h/3Yr:aTyIlSNT0ZIJH2FxVkdHpvP
Score

1^/10
behavioral25
- Target
  
  prismlauncher_updater.exe
- Size
  
  719KB
- MD5
  
  e0bad364bcd82a859df7855d0bac1811
- SHA1
  
  e87fbff416cf3fb667345c5e8ef49abf3bd5da24
- SHA256
  
  da9b8dee843e3448dee6ea5efe045f3bab5f12beea77269f1132de57e2dbbbd9
- SHA512
  
  528143ae7b50d5cad16d6f458f4cf60e639ee30b8c7924fdb33200f48d30a1bb4524927f2cd338f5a48fde636d6db4ed41b2b8c9ff7f977f51404494735961d3
- SSDEEP
  
  12288:lah1mPo7YtzgqXhKRts8BrRDTvXOY71+14K597dn/MopZmH8GV7zv4injV4uL:2wPo7Y9gqRinBrtrjkcjVr
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
behavioral26
- Target
  
  qt.conf
- Size
  
  1B
- MD5
  
  7215ee9c7d9dc229d2921a40e899ec5f
- SHA1
  
  b858cb282617fb0956d960215c8e84d1ccf909c6
- SHA256
  
  36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
- SHA512
  
  f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768
Score

3^/10
behavioral27
- Target
  
  qtlogging.ini
- Size
  
  534B
- MD5
  
  4995c4ae4070a861669fd6e997d815be
- SHA1
  
  aa42f6bbab438d303e6e74172eca6a0673239e2d
- SHA256
  
  fa8b3d64121cc915337b69756bd87597f4f557a802a95e953e2dfe33e40a52ff
- SHA512
  
  96a0cee7c45fb86deb02286f6994a7aa1979e69e6e0bd3014a9ed897e6695d2fa586434fc3ea9c083118f1440bfcbacb9d4bba55cbe6ab14fdb92424b31a315e
Score

3^/10
behavioral28
- Target
  
  styles/qwindowsvistastyle.dll
- Size
  
  140KB
- MD5
  
  6c409b308fe4445f959e0df592960903
- SHA1
  
  6f4c938e0e892e478e9bd98a408d40f32dd283bb
- SHA256
  
  b68d5ec0167ea43fb6d86f714906ac1fd9b6a64da963f445442636d9e193fb16
- SHA512
  
  7e4a6335adaf7cb19eecd79241fafe689a644c1edc4ef74dba0c3533dad03c9e9ffceecd1efe472015d3d5f0c3fb9221364a80425bf7e593f198ef51de913238
- SSDEEP
  
  3072:WzlYfzLGP7tKAYBxDwZ89kLUClrCpHlPmVrUcHzpgU03iunzOFNEKQ2:alYf3EIfDDzrurUcTpgh3iunzCj
Score

1^/10
behavioral29
- Target
  
  tls/qschannelbackend.dll
- Size
  
  229KB
- MD5
  
  ae50faf9bc79f3bf69b1c1ed92773631
- SHA1
  
  942e42fff7ee58d72b6457aefcf3d9f1b5bc71b1
- SHA256
  
  a735c50c3a9440f951baf9d63d33771ed88fbf739f4c479dacfab2d359eb0f92
- SHA512
  
  fa880c2e93cc912c5c62ceb443e87b36b2a27fbd81fc7967605709682204f7ec2d08aa2b36a5248a5381160a5fa1445eba69a66cca4c8db625c4f57c981575f5
- SSDEEP
  
  6144:jBxXfrYQkfuUILWADdYKaH/5BM2jxNnF5luJLSQkJFXsGz6hBR7zHvuB:lZlLWADdYKaH/5BM2jxNnF5luJLSQkJf
Score

1^/10
behavioral30
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  4add245d4ba34b04f213409bfe504c07
- SHA1
  
  ef756d6581d70e87d58cc4982e3f4d18e0ea5b09
- SHA256
  
  9111099efe9d5c9b391dc132b2faf0a3851a760d4106d5368e30ac744eb42706
- SHA512
  
  1bd260cabe5ea3cefbbc675162f30092ab157893510f45a1b571489e03ebb2903c55f64f89812754d3fe03c8f10012b8078d1261a7e73ac1f87c82f714bce03d
- SSDEEP
  
  192:VjHcQ0qWTlt7wi5Aj/lM0sEWD/wtYbBjpNQybC7y+XZv0QPi:B/Qlt7wiij/lMRv/9V4bvr
Score

3^/10

discovery
behavioral31
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  7KB
- MD5
  
  b4579bc396ace8cafd9e825ff63fe244
- SHA1
  
  32a87ed28a510e3b3c06a451d1f3d0ba9faf8d9c
- SHA256
  
  01e72332362345c415a7edcb366d6a1b52be9ac6e946fb9da49785c140ba1a4b
- SHA512
  
  3a76e0e259a0ca12275fed922ce6e01bdfd9e33ba85973e80101b8025ef9243f5e32461a113bbcc6aa75e40894bb5d3a42d6b21045517b6b3cf12d76b4cfa36a
- SSDEEP
  
  96:JwzdzBzMDhOZZDbXf5GsWvSv1ckne94SDbYkvML1HT1fUNQaSGYuH0DQ:JTQHDb2vSuOc41ZfUNQZGdHM
Score

3^/10

discovery
behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

Browser Information Discovery

T1217

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

Checks installed software on the system

Drops file in System32 directory

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32