b4d41cf83f3d337de9166ad65ef9bc7cff2c35191ab0538109fffbbc82c7d53e

Sharing

Copy URL

Twitter E-mail

General

Target

PrismLauncher-Windows-MinGW-w64-Portable-8.4.zip
Size

36.8MB
Sample

240806-se2jfawckd
MD5

de1a237a72fa46279f1e1b0e4afbf704
SHA1

c4200f162d350aaff8869276a084f87bac3e88a0
SHA256

b4d41cf83f3d337de9166ad65ef9bc7cff2c35191ab0538109fffbbc82c7d53e
SHA512

e8159568dd5d8efdc733533c49602f8e81493cca678b4d11435f99361923faff67549f15877b1358afd6e4088f9caffd69971258064f622137e9f84bd5aeda85
SSDEEP

786432:1NCe4fXKwE7HlgjKcNdz2zmUsXMo+gdmMhF/0oGdmoEElLl7V6BEPpL:12fawEzloKmdzRHXMoLm3MoEElpQBEPt

Score

8^/10

Malware Config

Targets

- Target
  
  Qt6Core.dll
- Size
  
  6.7MB
- MD5
  
  b6c673ece7f71e3b7f98263d445b9ba2
- SHA1
  
  b27e7362102ad9f1bd85fd96b3b6077824e7cdec
- SHA256
  
  310d70735676fa6ef007344ff784493f5ba65ae3675886b4bc9bdb8e9d9cd822
- SHA512
  
  23d78951710725a56b4b3b4ef288d2ef9f86fc7c12f9509b787a6aacfa04f4f903bebf13a9e836d7bdc4ed2772ed7c9d5dc4548d342f047453b5910ba8820a2c
- SSDEEP
  
  98304:lcSgvuIAInSljjvOiUJlKFdu9CwJsv6thw12vP7zIPR+9Xz/ZfX/8lFxW+MEH:FD1vAHKFdu9CwJsv6thw123RE
Score

8^/10

microsoft defense_evasion discovery phishing
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
- Drops file in System32 directory
behavioral1
- Target
  
  Qt6Core5Compat.dll
- Size
  
  432KB
- MD5
  
  722cefa84d0a1c12cb948d47cd2deed5
- SHA1
  
  5bc17302b3789ff488dd00df21b7e45b757b7bdc
- SHA256
  
  5568da85e278ad56943b3727c87a6da7a05aeafed468f450695366dd66326d2f
- SHA512
  
  8ce033e9545dd43947a5f83847d755a991f45495d8f7bfbeb9001325b4914e39b11dc2d9ccea689fc60bcd144437e6e2e8a79b5017e76ae96559a9fe017987ff
- SSDEEP
  
  6144:n4l91OvBGRE3kPNoPGNr5bpbBYGRk5UHyxPtcmU4u8bTM:n4r5RE3kPNo6rVSyyxNUj8bTM
Score

1^/10
behavioral2
- Target
  
  Qt6Gui.dll
- Size
  
  9.2MB
- MD5
  
  38f208e881fb3b2eb9bd427b931c04e7
- SHA1
  
  b76e9d42bb2ef2cfbea8106f7f1751d397d74164
- SHA256
  
  6ffd821e6882c7ee77f2a0f11338ddb7224652ee19cf2971732290cb3a57d492
- SHA512
  
  61d28648d08397bfcbd50534e9584f983b3c81e52066d4045566deec5857332a627bfa4a7efa8774ad0e0464282364f6f78322dfca154366111356079df9ecc5
- SSDEEP
  
  196608:YdrKK5s/P8LBH6Dr1FX4DRNCByWt6kmEEgqj86Xggggggg:EKOs/P8LBH6Dr1FX4DRNCByWt6kmEEgq
Score

1^/10
behavioral3
- Target
  
  Qt6Network.dll
- Size
  
  2.3MB
- MD5
  
  3dee1275f2be78e9cebca37bc5f7bc6c
- SHA1
  
  e49a5627bc9f64e9a240c31c1e70c2aecbe3dfbb
- SHA256
  
  598819078c53ecd50e0ece438cc1d23d9ab7e0b7391a522218d0aae153ecc7db
- SHA512
  
  e4f6756273c1fd880515f011bbd07b7fe738ffbe60a83277d0a932989dfc92ddbe290a8088f5042e6d1bafe4a755db0ae90687b7b36cd4feac9874960bfbc76a
- SSDEEP
  
  49152:CW/Fx/I/+0+IYywwYAoQ4gI4Q4gIWxkISMFI2r:R/FpSMFTr
Score

1^/10
behavioral4
- Target
  
  Qt6Svg.dll
- Size
  
  529KB
- MD5
  
  d8fd1786cd47e420f5f0c1c9f30f1258
- SHA1
  
  34ba41c32ecc7aef7e7b46e71dad71c178fa76d9
- SHA256
  
  f0f6f3272acaaac02befb5753dacfafc36c42d5b5068e6c6345875e3ff33240e
- SHA512
  
  ed3e9c9201c68e1566147390b18578c5aa23f7137353fb7828bf75b8ea167e96b66e2617c06d9570999a03bc6df070a6a35e12257b488b2fd476688f007c7b81
- SSDEEP
  
  6144:Qtum0oElcM+tBn3qHcd6l2kso71FNRjx1QJHCGhxUYgQdKpXtJu9k9xQlT:uumScMQBn3qHcd6lnD1QJHHjUYv6GlT
Score

1^/10
behavioral5
- Target
  
  Qt6Widgets.dll
- Size
  
  7.7MB
- MD5
  
  af24a47d14847a9548a574c6d23a3e53
- SHA1
  
  e6a88a79a4d601af5fcd8ea344614e6419309264
- SHA256
  
  4c5fe75e485b790c5ccc7c003b6684199dba91ecc8c2b2496a9178c3dfb31a4c
- SHA512
  
  c9fd6ffa045293dd17fb9bc0fbcdc5ba4d37fd17675351092f7e2481d92705741cfa343b1607652fd77459f0bdc904d84ef59922eb65a63acac0fd969dfa0478
- SSDEEP
  
  98304:16yOBRA0aXi9xDqB2ASo5O7Hl8cBgGmbxZ89HLfXsIziyj6t7:Ig0aXiDHlUWLvit
Score

1^/10
behavioral6
- Target
  
  Qt6Xml.dll
- Size
  
  194KB
- MD5
  
  2ba6713ee31250744d9f948223b29684
- SHA1
  
  88bb4ed413ba9891b6fc67e7952cf4c45139a90d
- SHA256
  
  4460564e0c564603a21c36ddde41824a897b8e11b44cd52e660be55f9664850b
- SHA512
  
  b6478e7e50e78d4270150d40b2c6b9dc430d9c92b4a0411149479392ae27c39f5b44567af6861a373081e982185d54b569c118c8db251d76557d1988110f0f2a
- SSDEEP
  
  3072:jk55bZy/KAoOzIKRe+swwOF05uZ2S3DsktQdJC+3pKKU2GSE+7:mby/KuJdw15u53Rt25Io
Score

1^/10
behavioral7
- Target
  
  iconengines/qsvgicon.dll
- Size
  
  70KB
- MD5
  
  0e53db21e3a7b8be33abd45760330ddd
- SHA1
  
  11cc40ae8d0d814384ecc5dcc1222ba6e4a4977f
- SHA256
  
  dd7e093f820758cf8f5b58488eb6f13cbb791c91751e1ac13d0c5238abe77d43
- SHA512
  
  db50f011ef5aecb874cdefbe762e18cdf89e22b638b3517333d724ac547cd474ed9f0094f3ce4d4540c90273642dd500bea3883b54f8883d6512a629b72cd83a
- SSDEEP
  
  768:pqjPTPBfU4l+rJfPYWxE/upvaOU02Sw+Igyz+3iYtIIuY9fb/r1N8YqeSMSFuWvT:pUTPJTyJ37E/WBpIgHtOY9jz1/qeo
Score

1^/10
behavioral8
- Target
  
  imageformats/qgif.dll
- Size
  
  48KB
- MD5
  
  24e1f44ddda3ac6e85c2944008ca1a8f
- SHA1
  
  8593ec3c1e7240311760f2395c84996e3a048f27
- SHA256
  
  e018a0b4bb50e22c4cca97270863811c6a2b2e352fefbd49db118f1e9c4fff03
- SHA512
  
  96eb11d2d7d476e1677afcbfdaee4d8b6db1919cee04be971899385cfb3e101c0181ae8a4c6deac211225e1fee26b5fd6fca328ead84f5ea7b54addd2e251bc8
- SSDEEP
  
  768:qzMpvs8MArowfpUggf2o1TF7BnxEtIMMD1UtQo30YEE1PeLX7s7:PNYArowygIjHEtIWFmLX
Score

1^/10
behavioral9
- Target
  
  imageformats/qicns.dll
- Size
  
  57KB
- MD5
  
  cd676b30a2090652cf4225678008ffda
- SHA1
  
  68d474f47c4278252ac1ae441ecb16fdcb430e46
- SHA256
  
  a2676bc8ef8ac3a0efd4539c372206f7456e9389e216b72610df8edfbc2621e0
- SHA512
  
  edfc631bb672b9f2c390ae15f63b0c5d32b345dd088aa579c0837046b27080a5fcb0a2351a1ad7585138a8f7f8f12bbfde4007e7f71d250ee56e09bb3db57003
- SSDEEP
  
  768:uYLeS0gZetlVv7/IBXy4/a5JeI2PKtwNs0zBZSY1SLeD:teS72l5OGJIKtAXSSSLeD
Score

1^/10
behavioral10
- Target
  
  imageformats/qico.dll
- Size
  
  50KB
- MD5
  
  a1f02f5a201f7866a6ac91b89b1b45c5
- SHA1
  
  922ce3ef85c6463fa7b847cbc4d4475119f0fb23
- SHA256
  
  ebadb3607726724e9944c3c730ecb110c4045cd7868f560593d28e0be41fa372
- SHA512
  
  b85ff6681f863285fdcd54385a864ee70e49a681302ada58e95edd41853c44bb99be36ce69546ca3e7afa91c6e6de2179b05f1dc5631bdfaca8d9c19645b02b6
- SSDEEP
  
  768:AvJOrQC9zkSKBzxd0we8E89C/4NZN6qtIMpXuctOEZm2LX:KC9z6zjZNZN6qtRntOEo2LX
Score

1^/10
behavioral11
- Target
  
  imageformats/qjp2.dll
- Size
  
  53KB
- MD5
  
  a0ca930787ec1d36d93c7f7cc610f0f8
- SHA1
  
  a6f7d11712ac1c5c093f3d90743b237443bc197d
- SHA256
  
  b79cf29ca29fdfdc74ca53a3861d4a689825c8f81f76f9228e8a96504c44592d
- SHA512
  
  96f9caee758f16cad7449267cb67f8d3598edb515d66641056a31b47269480a5c18f0adcf61460ca37503c12bba902b9245f81e25efbdeba190979182808e647
- SSDEEP
  
  768:hvCeaggYrkSTtZ7iT9iT9dtIxCQMNh49omQpU:JWgbhiT9iT/tJQ/9ypU
Score

1^/10
behavioral12
- Target
  
  imageformats/qjpeg.dll
- Size
  
  62KB
- MD5
  
  e548a7532d65f92c95eed8a662c4010a
- SHA1
  
  e607e2ef80b51047f4c66c94767b862e61f46bb0
- SHA256
  
  8c0cf3ea1e41b208e890a937a6d435722ee89bb337afee61095e594d7545b99f
- SHA512
  
  7b0828074b699d588123a2e07607dd993e240371c40e472f1f9d79bb87f62e78d264d530ee04a7a8df2f645d5875ba20fe0d280ec3fcea34d6d01df5ea092ebf
- SSDEEP
  
  1536:7neGIIZ3EONKD1c0s0v0NRt0oMnvnyLXu:7neeZ0uKDJsI6Rt0o4vnyDu
Score

1^/10
behavioral13
- Target
  
  imageformats/qsvg.dll
- Size
  
  41KB
- MD5
  
  6ac301d4cc3e983f0cd084725b9b0cd7
- SHA1
  
  64fd608f09c79f7e20c5c6f2e147ea1e87c8b221
- SHA256
  
  83b5b6dcc0742b1bdf03eed1bf4f1d062243f9060ea1e48f429ef90aacb46355
- SHA512
  
  3684dd8cb08e46e62fa97e1399530c29f4d083a0223595997f4544bae833e36f3079632b7614a2ef9a699af589a36e6267beff855823ca4c5b7b5a43bd9c2fea
- SSDEEP
  
  768:+QTit6Y2kQaPpvXU0TYtweZ5j94NPIcGea:NTitbLTYt7x9MgcGea
Score

1^/10
behavioral14
- Target
  
  imageformats/qwbmp.dll
- Size
  
  37KB
- MD5
  
  33fcebf66966b14a6815fc76bb10c61f
- SHA1
  
  092887aba8cadfe1b4c0da3276d6cff22269bb84
- SHA256
  
  64f42fd16bbaab749e6f638b0381fdd4702a49a5a3db08eb0671836ddb6a9030
- SHA512
  
  efe9b65050650bc5694c2454b27e05ac9cd076cf64fce48d47763df8c4ad96af342a95715d19500cdd15e5f7dd67a800a2b010b88cebfcec75ef6dae5dff1071
- SSDEEP
  
  768:XwtOtqOFk2uFIwcd+qsBg4xqx0twwHVnPd4QYJxe:XwL2uGwJHxM0tnVnPb8e
Score

1^/10
behavioral15
- Target
  
  imageformats/qwebp.dll
- Size
  
  46KB
- MD5
  
  9e8d8055f4fe8c5e70bf5e7f0b4911da
- SHA1
  
  9a2e620135e574734b8ac6ebf328491e453b335a
- SHA256
  
  d1c9fc4b1d25ee905112af55c067c4b61af40cf9326d26d9dde21de213167fd1
- SHA512
  
  c278395ffec2fa991fcd761c7c055aebe833e49bd0ea5a84226727e84571d51d8c8ba8d824fe7953b655ece6579d3f46871ccf54ac7d2ccc119c3f3339269851
- SSDEEP
  
  768:O9Z7dyv06sndLhAkvtww9GfceXfCPtURO:TRHkvtkfcpiO
Score

1^/10
behavioral16
- Target
  
  jars/JavaCheck.jar
- Size
  
  1KB
- MD5
  
  48655198f1bac944e6e5c19732385e18
- SHA1
  
  178515371540632f15930cbe3c92b7b1c7d3a0f9
- SHA256
  
  6dee70190e36b4cef87e27b9e6e7b200dca80d64eadba1ffc30f743cab6edd94
- SHA512
  
  9e9f6dde20fbd11082fb1530fb60b12af74805a32b12b42369e920c6b66639b62dc4cedec677dbf5cdf23ffe6016c4746f77c3e9a9487cfe352e35f44147a5ee
Score

1^/10
behavioral17
- Target
  
  jars/NewLaunch.jar
- Size
  
  13KB
- MD5
  
  4f847b63c68f68b602f224a6d6aba95b
- SHA1
  
  06acaf7356d42d4285b4198033e84a95045e0f8d
- SHA256
  
  047f563b6e6bbb5781c58e73b32e35b036328ddba2c3b25c7e215a4be8048082
- SHA512
  
  d37053819f783cb5ce8a3d8cde88f7a98940d0d7061286c82f03fe7f2e3a4c39d9cff00f1261254620237880aeb4677b480397d7231dfedf67766fb582f2f648
- SSDEEP
  
  192:1trD8FoDNpAjTrohKqlErnlTSbcjX1XReXyAjj8u8BeGnhAVf2i:jrD8iJpAvrvFDlBeGZi
Score

1^/10
behavioral18
- Target
  
  jars/NewLaunchLegacy.jar
- Size
  
  23KB
- MD5
  
  30df32c68357bcfb4465a18660762252
- SHA1
  
  4a16ae19783cad4e091390a1403d49126abe9d44
- SHA256
  
  44f50e14e7724ad478491e302123ba28f220e50cfca60cb327d8558db97de748
- SHA512
  
  a409461f6de48064288937cf29bad6b5e005c1e2314dcb80e85b845f7667c01b92a09f71ab2075151c5c0e218ce41def87c2c47dd8f4a10928757c2f52a1f523
- SSDEEP
  
  384:1HVLDZDdUfYNONelSEa6x1jO8Buc6gd9ryCTbkD/8SSWlrg:1HV1xl1x1jlGy9uCTAD/8SS2rg
Score

1^/10
behavioral19
- Target
  
  libb2-1.dll
- Size
  
  42KB
- MD5
  
  87ab9208b130b7d7b2dbf6e887aafc5f
- SHA1
  
  afc23cf59beea5dea0e7b4d7f96b936ab4594511
- SHA256
  
  d6754584336b179a02722cfb80854f764024b6649e6f0cbf2d3878407e5678af
- SHA512
  
  fee411c30bc4df1777f42df27deb198114851672c916b197e8a1eb44f39fc88ba801703f24d06c51a72ec952d91ed992695f1c38b32689b54be8c578f23db8c6
- SSDEEP
  
  768:TCkFQpFtYAuZbKrbKlK6zy7GvC2mErBSnan50zkoaAcvVO:2pFtYA8lHy7Gvhlg7c
Score

1^/10
behavioral20
- Target
  
  libbrotlicommon.dll
- Size
  
  145KB
- MD5
  
  00bc42b62d1a5adeb2f599a591403d9a
- SHA1
  
  42fb609f84e1fa97451a10aba914cda6db950b06
- SHA256
  
  fc5bf42b62da64ac76ffcdf50f232c8c821c9c278e23f63c9477c75a74b2b7b7
- SHA512
  
  2407e732a44b5293260a882b8118cd18d1e5d5339735d19efdef0c33ec5bed64aa4d099f1ab7eb590324e0c860c4a5bc7ba04eb04f5d9fadb1407c078d32d91c
- SSDEEP
  
  3072:Y04lzbWhNbNL8DXGvVh73pbi0tdpvGJaoZB7PxBlavxA:Y04AhdNorGvHdbi09GJOx
Score

1^/10
behavioral21
- Target
  
  libbrotlidec.dll
- Size
  
  63KB
- MD5
  
  6b933641e6a997c2a100191783370ce9
- SHA1
  
  0ec5b215cdcb3c5ab1fcca8c1591474349cdab7f
- SHA256
  
  ce832348f2e913ceba2d0b94d9a8fe655035e438067ad9a7527b1d7e556acc27
- SHA512
  
  6308a7a34ff517e7b43958ad119206b44f92b75456617285b520e8706bede28d1b319c3b57253cca45d208988a6ef4e2720c3e343b0cf7ca876ecb0cfed2e3c2
- SSDEEP
  
  1536:QI0kv30D1vleo2465oymusFCfJq0rHoJXHLf:QI0n1vso2AAsFRXHD
Score

8^/10

defense_evasion discovery
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
behavioral22
- Target
  
  libbz2-1.dll
- Size
  
  96KB
- MD5
  
  b843434a8eae82adea4f9eaa2fbffe47
- SHA1
  
  b34aaa305cfc1a4936a88592b5689b0c978ffaa4
- SHA256
  
  22289ed41efbe633f798047de836b31170336e5e40e7e7b586c915bdbda7fcd9
- SHA512
  
  9f7c152c3b7ef52c0b3131d865960f8529bfe43776bfcf00c668fc41258e4ba4fcecb09888a99f77634534b42202d57e71806b808d9efe9ca6125712b8db7570
- SSDEEP
  
  1536:XbxAQ+Ny/Nl+cBvnbHGFQAa0NkQZm4BZkd38pR/yjr/wRFULiQW8TbOJ:LOQd+cBvnNA1FZk2U1TbA
Score

1^/10
behavioral23
- Target
  
  libc++.dll
- Size
  
  1.4MB
- MD5
  
  ca5abc265c3cd09b6ba3362e3a60e961
- SHA1
  
  55a877ec5d654448bd39c10018bc358abb220a5b
- SHA256
  
  914d66ae0df9b03235b2d06a07a439836a58f10739ea73278112789e1294e83d
- SHA512
  
  59376a7530db2c5b52d1b44454c30cc6998d9ebdd9548932d5daa8684034b6b545b8ceddb4cc9bca9e060a265c38c0b6d9fdda5725e5b95de1b9f0f739da9088
- SSDEEP
  
  24576:5kbze00FKg/K3VpshSMXl2hxLR7lWSLuKPlMOWudd7l/BOku6pyc5R8h:U0FK0KFtLJdmkusF
Score

1^/10
behavioral24
- Target
  
  libcmark.dll
- Size
  
  259KB
- MD5
  
  96e3e22b35fbadccc0dbfefd33bd33ac
- SHA1
  
  050c6b1e58dc668214942fbbbe987a61dd3b0f47
- SHA256
  
  57288f807fabd5ca70dca120700b36e388d059a7c7c1455e1109a5679760db86
- SHA512
  
  1d4795e1c42ac207e48413893592f94bb250077e078d1dfbc919d5e53cc9bc608d4f28856df32a7b7e140a6fa7df7867fb472fbb3a4098f1469ba8b6fddb76fa
- SSDEEP
  
  6144:QacI/4iMccHZ/LdAnAJm78FHSNsLmZY/KlEzuh3gtyLsZmf4ZCT6aG7Ll4tmVSu1:nf4qcHZDdcGOtmVSuVZOl4uAIGjN
Score

1^/10
behavioral25
- Target
  
  libdouble-conversion.dll
- Size
  
  78KB
- MD5
  
  20d6fca191ec4998242748eb54df4905
- SHA1
  
  e2d5afc4a3778c73762ebb4af9c446689a355a92
- SHA256
  
  52a913618d12f2e02d756d7c8af5199ed77d61c47cf3c94cd23209f64b001eb7
- SHA512
  
  49d6bcfd5f2d9c304b81fae3a18d642302a5055f64a98b27e72e277b1f5cfb2ddb77d0080624ad5bf2ab62bdb215da7a44441dede5999b056954159c75184a1e
- SSDEEP
  
  1536:vBek0a0m7qSccFJnwYYQ3uxadkYqHpgr:Zek0af7DTnGaSHpgr
Score

1^/10
behavioral26
- Target
  
  libfreetype-6.dll
- Size
  
  828KB
- MD5
  
  7e0efe15a52434441699b4e18a403012
- SHA1
  
  d4564f3ba2e8236003d13e2e5bce71248fc655c6
- SHA256
  
  7a3258d807643e786983c107c49a9bcbe9bc755bc0a32e0f548d3bf8c048e818
- SHA512
  
  b60c46832556fcceaebd81f72667c6548e4f0c1655bb2d9a8e424564751fe46a766339850c92a4145064c3439a020ff23734228abc7151e1dfdf1b76f5ca2916
- SSDEEP
  
  24576:Ex9EPoJMcBbPgDE7yf/mQNWkiOBlBCZXd87VZ9p4lu:2EfcBL8Ik7lY87VZ9alu
Score

1^/10
behavioral27
- Target
  
  libglib-2.0-0.dll
- Size
  
  1.5MB
- MD5
  
  6ffca088618cfec28bea91662b113c42
- SHA1
  
  453c7b8f121e4b135a40d0a0896e3b4e980384d7
- SHA256
  
  343b4460bde31a371e1b44a601145cb52c08e1f499d8c4059ccb5b2f542b1bed
- SHA512
  
  7f17cf7136eadc00c0260b011ae35809b2cf9d45dc5dcc548564aa862b2ce7e15d0ee68b17234eee3054ced66533e5f4e81cffc7a1dc497718d209709c4596f3
- SSDEEP
  
  24576:D13MNQbKIca8Qe6xObsaTSqqqqqqqqqqqqqqqLq9YSZA+mIvASktvD434Obqykjj:D1cNQbK8xAGYSZAfxDtv8bquym7OZ
Score

1^/10
behavioral28
- Target
  
  libgraphite2.dll
- Size
  
  149KB
- MD5
  
  c8dfe47f78c491446d7b1c39449d82be
- SHA1
  
  218fab832b78f14072be0d2f9d7d9775bba24323
- SHA256
  
  51ad68c31e706d4d9181cf3f15df259e5962644f664a3723d6ca48f0ef4fb8c4
- SHA512
  
  39ea8978571db1c5b1c89134e53d799932092f5102e0390aaa28cebde3ce1049e92287db49ed9cc2b57e4662a464e17bf945b221a496ea90bad52b882e86d903
- SSDEEP
  
  3072:dZgCQBHA1F/+q/xNjjSLUOCsv7S314txH6ANc12:dZYBAhxNx4tMAN
Score

1^/10
behavioral29
- Target
  
  libharfbuzz-0.dll
- Size
  
  1.3MB
- MD5
  
  3106cc1f724e26ae4ba642b16a6a3a81
- SHA1
  
  a2da227b2495ae00402ebec8c2a19458cb49416d
- SHA256
  
  aa7851dcf631509f8d7d882e771eee51047fc7736b6fb8639e0c91c8d5712f77
- SHA512
  
  0a805ec60df5640f3a57e6e3e2057926fcb355d5ede5ec1ddfdba7274ef317d543a1e07b7998a011dafc1319b8387da54a8ee5915736d8216eb615b12df57fc7
- SSDEEP
  
  24576:q4J40OBUaAkUplH+jJKko7dU2w4OXa/TDOD:fZOOaAkUpgjeBDSgTDq
Score

1^/10
behavioral30
- Target
  
  libiconv-2.dll
- Size
  
  1.1MB
- MD5
  
  6ae5561a184c63875e167e11b7d1892d
- SHA1
  
  621c6392aaee1e60ffef1d0c13b540252ea6ebb1
- SHA256
  
  8191c1eb79d1e89449521ca63130f9ff20f6ddaac229f7ea7376be8bef41f3eb
- SHA512
  
  64e8dc95691e554414b7e77ef90149fdeb85f1e716f663c43bcbe7d8d40fbaf3ef0452ca729631fd941df4be47ddc0e36e94d5ed26485a7e9ead2998049c0375
- SSDEEP
  
  24576:Ai9frNffGavkg3NyElQKuqsbbTujvKYw0BAUZLYOD:PZXGaXDQKuqVjCx0BAUZLYOD
Score

1^/10
behavioral31
- Target
  
  libicudt75.dll
- Size
  
  29.3MB
- MD5
  
  25ef3f10b61de70a0ae5ff875471286e
- SHA1
  
  5c94325d14eee4fd8c679cd9d994feaab34dbd8a
- SHA256
  
  9072d27fc9bd8d85e56e17e329d498585b3284079eb4aee147a62a0b55f9e258
- SHA512
  
  434e1d1a923c71fd1308f4602c0428c3533304e92b3b2130d88151c4dff5a075537c5ed3414379877cdfbfc3a4231c0e2a1f80b1972309977ac80e1a74cc1d75
- SSDEEP
  
  393216:EzVhxxOXBDFesiXUxpWJ9IWlY3IDUl2nogg9WbkxyBtS//JO47TW9U0PprgdES5w:GvxOOx
Score

1^/10
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

T1553

SIP and Trust Provider Hijacking

T1553.003

Credential Access

Discovery

Browser Information Discovery

T1217

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Downloads MZ/PE file

Executes dropped EXE

Loads dropped DLL

Checks installed software on the system

Detected potential entity reuse from brand microsoft.

Drops file in System32 directory

Downloads MZ/PE file

Executes dropped EXE

Loads dropped DLL

Checks installed software on the system

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32