19553257352e789a2911ef06e5aac45b615f3144b2c016310ebaf9eea3e6520e

Sharing

Copy URL

Twitter E-mail

General

Target

HMC+2.2.0.rar
Size

157.1MB
Sample

240808-zqdp3szblq
MD5

6071916227391855fdabd08cfbc9481c
SHA1

84fad8d8ce5ffe9f1e621e2dda7b989b441aef7e
SHA256

19553257352e789a2911ef06e5aac45b615f3144b2c016310ebaf9eea3e6520e
SHA512

1a4f28a624a0d288261029bdcf865deb393ba5fdae68622f9d31e9aaac1258876a9d35bdec61c487c7ff79a55540ccbe2f8028585e045c43f991ee6337feee72
SSDEEP

3145728:1pWR4+G/a9JU2FTWoTqHXoW9sjOYCppHXbjkxQ55c1MvPctcHNp:X/7/abUoyYWgOYSpHXbAu55UMnceHr

Score

6^/10

discovery

Malware Config

Targets

- Target
  
  .hackus/Settings.cfg
- Size
  
  17KB
- MD5
  
  3858127a5c18b2074374b3a3aca47ec6
- SHA1
  
  a4a2027135e66674bbcf47211d004c875380c292
- SHA256
  
  0709a2e36681079006a89f68f15fa035d8c4e62e9e58fd4dbbdd6f1267422d03
- SHA512
  
  f3f0b27ae93f2ffea4e4cbe1abb9d282683f56fef35f5c0d61adadaee4b0b7cb8c9d3a48684f19b4038e6b00a20c36dfb449caeee16a24864fae3ae3960009f7
- SSDEEP
  
  384:JDADrMPnIIOK6gYp13TPOSBmQ4b2IU/L9F9e3BvklI5Y/XpHRC9nxs5m8j0NA/4g:JDADrsnIIOK6gYp13D/Bh4b2v/L9qvkV
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  DotNetZip.dll
- Size
  
  462KB
- MD5
  
  79c304e621ffbb4611b698dc2fb9dc41
- SHA1
  
  30413ad0c9e2f955ec43ed9dceb156edb11c419c
- SHA256
  
  46103e4d053be472f1c85223a43e179a5f022df14607febf6f48837473bd3e9d
- SHA512
  
  fef8764cb5f15444ef8dc6877bfd45133af019a87158c701a95c87f3297e32e27607daddbf4aa365133d60fc3f449acfa4f5c003ffd478c59d7940154d9ab5a9
- SSDEEP
  
  6144:iF4lenKdxBoW6iev7zBIL09vdGtSV41kJDsTDDpBnse6OVxLV/xgaqYN3fmxalo:iF4lqKdxBdheDES4csRBse6sfzVca
Score

1^/10
behavioral3 behavioral4
- Target
  
  Entropy.dll
- Size
  
  104KB
- MD5
  
  d45282966db7731687135c76963634a1
- SHA1
  
  8f217e0b15846a45f7e6e528e5f99ef425efe4e3
- SHA256
  
  68310ea51caca38b53b4ae3d5eb7a24127da4b1021c36963e77a0dacf4aeff73
- SHA512
  
  98f1035130a3126fd1613f1ab23c5328a763d56dd2b211d12ab2a17529a3ed1c2542a8f00cfa3ca7224e1d7d9e2dff378dd90a8adcd72f1566175308c038d943
- SSDEEP
  
  1536:GaQAfp1LJb4vLl8JWOKweLZjdtey2+0A1afQ9EUWtgCNC40fa:Gifp1LJcjl8JWOKweRdEykAWtgCGa
Score

1^/10
behavioral5 behavioral6
- Target
  
  HMC.exe
- Size
  
  2.6MB
- MD5
  
  0bd541037d1794d63bb58654f1e897c5
- SHA1
  
  a901fc2bc1fcc672b6dfee0d3e93b4ca8f11c710
- SHA256
  
  2e8931e43c5674bc641651868ef311e2d3407e0132325c0795bdf4f5404fb30f
- SHA512
  
  85412b5357e65ceebdd1f460e4764e3b5b11c242250500f9f55fdbaa0d2c6aa15cf0f68f7e1d88369a013a2d16c95e235db68dd48590e306de59cf01fb7128c9
- SSDEEP
  
  24576:rVsQ6BKfC+CWDU2fy6Uuri8MmOmbCYUz7PH8Zeaj0HM3ow5Xt:rVeBB2kMOnYUvPb
Score

6^/10

discovery
- Legitimate hosting services abused for malware hosting/C2
behavioral7 behavioral8
- Target
  
  HandyControl.dll
- Size
  
  1.7MB
- MD5
  
  f68e64637ac34443ab8fb83bbeab2bf7
- SHA1
  
  82e5a63b21f02ff3ac651a203523fb473a1aead5
- SHA256
  
  471a6ce1aff5b635df599f21cf3e4894d9e893ec9d42d733f9f5c3672bdb8383
- SHA512
  
  e41119634301244331eae3ed13b3a739e68b2a45a1f8c08949d37bce7d189687568cc19c382749ab906ef536305bd1f14d4462e2d27667af256fb047d1eb4eb0
- SSDEEP
  
  24576:qwr+FdUo+3uuobzeXEF7qpILuLUiOBqiIiGiXiIi6ioIP7cTq2b6s8uUpWGGv+dN:q1+3ubbzapdMvw0GcZ
Score

1^/10
behavioral10 behavioral9
- Target
  
  IpMatcher.dll
- Size
  
  12KB
- MD5
  
  66b5ee1af1d75592612e24bb1bf10072
- SHA1
  
  6a104e3338f1534a1233872574bf4e00535154d1
- SHA256
  
  318d50f35b83ec3a2f0fc339d4155c47d2d9ddf3444047934bbcdccef8167e39
- SHA512
  
  213af0bedef1c1e66169cce7509298b872f09e56972781ab3db6d2884c63200ea35d6e815b28d8fa97d92a385df3a9af80bc5b0c03d416e0551a327a199fb403
- SSDEEP
  
  192:2gZAuCfvti3mt3LjCm31CLiQST1YuDIl4TWQelDoFujH8Z:lvCfvti3mxLjCm31CLiQST1YuDIVTlDQ
Score

1^/10
behavioral11 behavioral12
- Target
  
  MailBee.NET.dll
- Size
  
  1.7MB
- MD5
  
  0b309ea2d92164c41937efc3c4a75cb3
- SHA1
  
  9ed899ea9f15c69d21b81f57d74d9d07c4d8cd0f
- SHA256
  
  7428e138a0b2a9e87f8c47076074d29e8d9ba18e07784db6d568ec15cde88bbe
- SHA512
  
  4695fc4e240e1a3ec8ec14f984c3c0191e4c265ea9b7bb44529bf54fd4365d2d09cf5110138c66896ab71512c7b7a36da0eb63202047e705375a4ea1467eb6ae
- SSDEEP
  
  24576:dDMgcE4ilhMM9XBav0OvQRka9P7mijqMaP7P:dDMgcWfMM9XBQ0Ov0mi217
Score

1^/10
behavioral13 behavioral14
- Target
  
  Microsoft.Bcl.AsyncInterfaces.dll
- Size
  
  16KB
- MD5
  
  1e79035fda3aa29bf70f9df1023ce3ca
- SHA1
  
  847ab97b81dd1c83ae196307b52d8ae983ec5b8f
- SHA256
  
  fc3827cfb6834f0ffa6cb76278f309a3b598ae01c751f13fbeb57886e4168943
- SHA512
  
  338550a154ce6f876e101c5d66cd78a04126ab9236c3fd1ebc124ee9db1b72f8a16f1ed6f857fb773581326ac5fc808939b7d3c9fd529123137b48ef4bf9b768
- SSDEEP
  
  384:DOJWqnwnBbNA1kq40VES2j0cX6dAl+NW2VzrdcmDqxRWeq/Ws:DulwnBhYlTVv2wK5idcgF
Score

1^/10
behavioral15 behavioral16
- Target
  
  Newtonsoft.Json.dll
- Size
  
  679KB
- MD5
  
  69c1a967b27ef8657e8c6665de47527b
- SHA1
  
  34bb58f3d27335bd055d297bc52ce2146698d711
- SHA256
  
  3be4fda7b6bd04e9aeaabf973ccc952afb5c0a6aa0fa672831ca82df218df84a
- SHA512
  
  1ee211079618d3b019e0b89d984fc8fef5ad359c312104eee46ce5ddac74271f70fe0d61967e7fc325d7e0181760ca265dc547300237c32f2e35ecc14d3b7f58
- SSDEEP
  
  12288:CLnRIXzZu/3yNFCU8xF6xc8yNRaVjI3QMDajj1HiiiR8MJhBB0ihT1fWNUwHOvWG:inR0Q/3yN4U0Wt6MBCjCu
Score

1^/10
behavioral17 behavioral18
- Target
  
  PresentationFramework-SystemData.dll
- Size
  
  8KB
- MD5
  
  dca6f1b8644df5d0890a7dbc6411e86c
- SHA1
  
  27066bf658df2d398aad6003ae8496dcf015a4d5
- SHA256
  
  48883bd04158c2456ea1be831b559b594fb86199c0d9618e7c3fde45a986ab26
- SHA512
  
  046020ad671d37935eb674988186eb6a8a28b093887f572a4604781be3f8fc6d9df96a00580f352789bdb7ea0f8ebaf6ee3cf13c6be5118bd1df290a3487742a
- SSDEEP
  
  192:cmBvnnwQh8N/UH6AKwBz1o5fDzupoiuhuWHsWYSW:cmVnn98N/Y6m3o5PPiu0WHsWYSW
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  PresentationFramework-SystemXml.dll
- Size
  
  8KB
- MD5
  
  160928813e7cafd92bd765bdce4c18db
- SHA1
  
  85b11c0d7469a9fc8d2c297e35665b41ee73c754
- SHA256
  
  872673e0e79265978bddeb5b5c410417d553920bd373a9976a33fa1549f4b563
- SHA512
  
  6de533acef8efd4f15a0a2155279a0143f6c86d91c39a41d7683195a868e48bd1850f750d6d6c635ad33df48da5a8bd152aa5fac29534de9b22f6340cd836380
- SSDEEP
  
  192:Yy/Rs7qoQh3vcXP+dKsY1tsbCyo+hCkPd2JCWfDW:Yo4TG3k/+StfyoMCkPd20WfDW
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  RegexMatcher.dll
- Size
  
  198KB
- MD5
  
  44e7acfa4b123af014f21ce4286018da
- SHA1
  
  716ac3de5015c3b5e60332e7062278a072ab743c
- SHA256
  
  9787a9a2cd79ba6fff3398e5cdc883c5ac1817c088d73fc7933f414b5d914830
- SHA512
  
  3ba06f536257131092fd5c6e3125a5b2e2ede2147564fac9eee8af71d05e57b91ad6a328938516d544f02161a62cdb2442c4bf36c1ca4ae1f264f769e6341ba8
- SSDEEP
  
  3072:L0Mw8b4aPAYD4XJfuLN8WSdEJ15Kxa8pMvr0/f72QPY4wOd7hGHqVMvskjOVcML3:HiVfSCD
Score

1^/10
behavioral23 behavioral24
- Target
  
  SharpCompress.dll
- Size
  
  558KB
- MD5
  
  a582e2f7ccb5875c188716b5e5bc84f2
- SHA1
  
  0f1bf79fc02262614038205bd20709dca2ceda62
- SHA256
  
  f7cf666f0bf661f63ae3a5e531516fd68ac9353471faa78443f21bfd0a5f2f4b
- SHA512
  
  76d036be7840b2e8382753a4dd745aadcb6575e8276e335a2cad9fd46793bdba786d1b32c5e08e43192ed86bb319d6706ca9ae8e061a9fdd96987fe93b0384fc
- SSDEEP
  
  6144:ZcdsAgdCvxAlzRRs3+nZgA31sKLQ6RGk6SOZ3YuK/FhLDrthTjVjTap23T7nAEzq:e1xw1sKLPRHFhdCgT7Li3Mc2Cb
Score

1^/10
behavioral25 behavioral26
- Target
  
  System.Buffers.dll
- Size
  
  11KB
- MD5
  
  0bfef61b203054f6fbf08419ffe3f018
- SHA1
  
  ed9d0418507630996eb2c473ec5daf11d185c2c6
- SHA256
  
  d838c40848daf87743e96d42f8db18bb66a0b27cff5a48926a85a61c2d3e05b9
- SHA512
  
  4e848c56e79a7df025bf2fe2879dcff5718e0f81d804e82c658fa319233a0431ec60955ce3fc3ed4dffb9a823ba770dc6383e88c97316cbf263c7ea8f55dd051
- SSDEEP
  
  192:CpsZpZD2wrM771vOC9yXOfcgSQfAxRyMzwWvYWJea:/rMdp9yXOfPfAxR5zwWvYW8a
Score

1^/10
behavioral27 behavioral28
- Target
  
  System.Data.SQLite.dll
- Size
  
  392KB
- MD5
  
  147328def2e79a86d7335a661eecc051
- SHA1
  
  98ff30131d77cf28807d50b97cc92cc8655e235c
- SHA256
  
  7442d48a24c1747cb17d80e95c4d7343de16e14a252484ace3be3fae55b1d641
- SHA512
  
  d26f6627f09cab90ae545df68f2df006f0beb988cfadb16f6af56a454e854a9b9c10d2ce787052b80536f9d05b7286d57e42f361f54944e20df99b3c1c49aefb
- SSDEEP
  
  12288:Omfjeeb63oRXFNFfcaFeFOFwcGF6cmFWc0FWc8cIcKcUFJFpcNcHc7cbchFFc5c6:Owu3oRrP
Score

1^/10
behavioral29 behavioral30
- Target
  
  System.Memory.dll
- Size
  
  129KB
- MD5
  
  1d3dd9fcc077e6b4f88c05b9aef53ee6
- SHA1
  
  12b33858bc84f54b8aa8dbcb5a0ec2da043a6f66
- SHA256
  
  d5235265564f0bfd23b7279d7bdccc9ea6383ed07c5d0bfdf6c99029af9a2c0c
- SHA512
  
  81ee9aaa809219c6989b648af1cd6f91d229823505ace58314bbf552a985ddbef7d8fba8703948727d92da94070834b5879ae47451fa98982cde16b36c771c69
- SSDEEP
  
  3072:nUGrszKKLB8a9DvrJeeesIf3amN32AW/rc:OB8l3/aK32
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32