3cb7340b5b0b250a5b8d6cbf45bee4355be09c9a4d4fe2b2fac9abd5c7b95efd

Sharing

Copy URL

Twitter E-mail

General

Target

dnSpy-net-win32.zip
Size

75.8MB
Sample

240812-qlcgsasfnp
MD5

f6fe2bd46f091e4c7494f8df876d6c9d
SHA1

a9a4db38a2aee9d69641a065319f0e012bfea410
SHA256

3cb7340b5b0b250a5b8d6cbf45bee4355be09c9a4d4fe2b2fac9abd5c7b95efd
SHA512

9eab2457da031074ea4f00d37863fd72b414823728560dee29b99efd9bfb860db86862d6b12e1ae597ebd0032e75d5073d21c5e3516e4ab7a7d0b2863c234a6b
SSDEEP

1572864:+P0kspXUdyPR8gv0uOXUu0PfynU0rOrIOV7tZynZ8r:+cksJGyR8gFryUUOLKS

Score

3^/10

discovery

Malware Config

Targets

- Target
  
  bin/API-MS-Win-core-xstate-l2-1-0.dll
- Size
  
  10KB
- MD5
  
  2cff9f45aa9698aedbab42cdb266d0fc
- SHA1
  
  69da7348204afadecba88a70def9172daf6641c9
- SHA256
  
  7c3ac1d0edca143f9d72ef91a1e148482bdc6f2fb62a14e62044f40c9c3c79e1
- SHA512
  
  9c30ccb6f6da03c7444994972183b395c781620ba52dbc42c677ac663cba2c2f98946dee075044046d2af2065114d183945d78b6e841a477cfe399ddb493e0d8
- SSDEEP
  
  192:uf5baWphWiWSawTyihVWQ4eWua8d90884LfqnajJNv8:uf5baWphW/wGyXJJllNv8
Score

3^/10

discovery
behavioral1
- Target
  
  bin/Accessibility.dll
- Size
  
  19KB
- MD5
  
  c46e0413edba49fcb022f2059b8328c7
- SHA1
  
  c244c02b1eadb71dd7e389de16273e660dd1beed
- SHA256
  
  759cc60cd64286916cb932a89317ee8697232014a4373b8f10bd4f756cccea45
- SHA512
  
  20010408973909dc4cf1a0ac74cfe370f89178117d5ea256634f9fe6074883bf9997aeccf61b8da2bc10668e98decfa2d1e335bc9d9b2790b17ef06a27989a18
- SSDEEP
  
  384:UWI/W82MkSiVKmE+FNZgOcHi8jdHRN7CGlGseoR:2NEEfOcHfRs0
Score

3^/10

discovery
behavioral2 behavioral3
- Target
  
  bin/D3DCompiler_47_cor3.dll
- Size
  
  3.5MB
- MD5
  
  2f2e363c9a9baa0a9626db374cc4e8a4
- SHA1
  
  17f405e81e5fce4c5a02ca049f7bd48b31674c8f
- SHA256
  
  2630f4188bd2ea5451ca61d83869bf7068a4f0440401c949a9feb9fb476e15df
- SHA512
  
  e668a5d1f5e6f821ebfa0913e201f0dfd8da2f96605701f8db18d14ea4fdeac73aeb9b4fe1f22eaeffcdd1c0f73a6701763727d5b09775666f82b678404e4924
- SSDEEP
  
  49152:sXMoHAsisjBFjJMLhHELxJm8ZU8W/GBj5Z535TMpinAizxkl/cD11bqCG7jHbOkD:srZOb8W/G5hnAizxz7NZy9AG
Score

3^/10

discovery
behavioral4
- Target
  
  bin/DirectWriteForwarder.dll
- Size
  
  463KB
- MD5
  
  9efdf7e3043bedac1def2e1fb35d8d47
- SHA1
  
  33129887e03d39a55c743bca284d5f8fb7c958f0
- SHA256
  
  f8974f43e3253f023240d5f08ca762fb48d91ae01049ee58485e269db60c5ed8
- SHA512
  
  f19590dff98cbba08bce9d50e5942158af1c85c2e644f942495ffdc57babae8305f6d0b447e3f178be535784927d8b213e8669c0004629a27daa95e1833b37bc
- SSDEEP
  
  6144:9ka6w3d6ZS1IdfNJ+U5lrFufY8voZizIYH4BH95deXRiIU8ZcNVSb7Ang5dn/lx0:9kG6ZfR3Zqpp1OPJXo6TbiPah
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  bin/Humanizer.dll
- Size
  
  207KB
- MD5
  
  5fc547c851275cc7a1227843c7b35daa
- SHA1
  
  5e22f33bf7dfa5047fc9f661cf7ae069832bf006
- SHA256
  
  40dff6faebcc6e2babe37003853509b2050e806edf3c5f141fbb85fdc0d1bea7
- SHA512
  
  3382ec32d38bac335fb01464337bc0189a1f8cef33fb94c5d99c02655b4c14160fdf02786789a9687c1d651af0ca1a2b55417e8f32570ec5355e44624266acca
- SSDEEP
  
  3072:3EMxgfS3v/xcvZL8i6KHgFgJyEnJi5NV2XpFY7oejVLqoLbBr6h7sA/:37xgf+WlJiJ2XLYMejVTV6t
Score

1^/10
behavioral7 behavioral8
- Target
  
  bin/ICSharpCode.Decompiler.dll
- Size
  
  509KB
- MD5
  
  3f0b190b2c3de675c5dcd932ceecfe98
- SHA1
  
  f0c5c533ac50f0009ab3bc7ed2935b2cfbf01d55
- SHA256
  
  eea43e707cc5212eb2c32f788df7441b47e5e13ef6ef4a3a9bf2cecba3d51bc0
- SHA512
  
  907b047d0f679ae657083d3c7aea5daed2c1aa678d35674f0c23438c2a2e7e61ca19b2f362294ec6d7edc9b9367659594cb071d4deadd97d3375f71cf83c74d1
- SSDEEP
  
  6144:3Nulek0dQJywv/2ABniCx3DIWBQREWTWRKKxJ3s6gLP961yMINV6X20qlJJY+K:3ogpdQ0CFIytT5gMIhlJJY+K
Score

1^/10
behavioral10 behavioral9
- Target
  
  bin/ICSharpCode.NRefactory.CSharp.dll
- Size
  
  576KB
- MD5
  
  bb9b505e8de119d455b960dcdfd1379b
- SHA1
  
  7e513fae3fbee42a8321e2dd25715552a8e54acc
- SHA256
  
  9e5990f9b907e29a1b3cadecc278df05f27eb0e6130f135beb4b0152ccf2e9d2
- SHA512
  
  aa307588a0116472af36c8b4accf221d352e0b35e83f4861f661cc1caff5603128775ec3eeb5537ec3b66f946ac963133a62fe52f18349927edd9f8dc0cef66c
- SSDEEP
  
  12288:ItCo5SPhdfREvnwYCA+zkPggzWKOPKdCCfnPGJKI/k+5fxgyH1JZFkHHLVX4xbc1:TyO+Yse
Score

1^/10
behavioral11 behavioral12
- Target
  
  bin/ICSharpCode.NRefactory.VB.dll
- Size
  
  193KB
- MD5
  
  105185942e3b82168e85aca9245f177d
- SHA1
  
  c72a5b96d4831cdbcfbe401700becca8f9f58786
- SHA256
  
  54b757f43b63946b9e666c827f0023dce715ae09c45d762d267a08866fd9657c
- SHA512
  
  f869bf91fd30ca9cfe4bff42920e5b6cfed4646ce8839fc0875c83218821e96639558942215f9c43d24dbfe2a008bab8971d24b52407df9a4504cfe219e4fb04
- SSDEEP
  
  3072:PxvLbDjY3yiq/5WtOmas2MY4aVP/lTCcWlR0L2Pjs9vN7mGT:lLbtSQM5tbl7M7
Score

1^/10
behavioral13 behavioral14
- Target
  
  bin/ICSharpCode.NRefactory.dll
- Size
  
  280KB
- MD5
  
  599ac99e9726762a0430ca3c3b77f3c5
- SHA1
  
  889b575c6de2bcd8eda28fe3dc75879b388622fd
- SHA256
  
  7ae880504db44b9811d57c615e42107c2aace31a2683a83bfad2e00f4e03beef
- SHA512
  
  bd459ef5f0599eeb0601b7fd219db7aaded22c193a3672da057da84062c5cd50abe252564cb38233bd1cf886ed2353ecad5851a97b95fce8b3bebf1d61df87ff
- SSDEEP
  
  6144:26ene6DxXV3tcP9LT0WdT0eM3jTLdKlyn+lR+3Y:26eeuxhtQTDM3jTLdKlyn+lR+3
Score

1^/10
behavioral15 behavioral16
- Target
  
  bin/ICSharpCode.TreeView.dll
- Size
  
  58KB
- MD5
  
  1c754b4cf6bb9d6f36132b0dd0042a89
- SHA1
  
  490a800de4ba5ab32c7c5d04e68b4e23abde3666
- SHA256
  
  af3e6cef5342c7d7dd813913dde2c765c1501ecf0832397dbb631cd5d15dda21
- SHA512
  
  b61f4cf7f599db4b3083cd5e9f739afa239f408e6ead3bac7eed47babe8a8fde6c76110e8ff237606dd7176f4bc3ff56676f71f8ca329e46cc93439fbe2dd170
- SSDEEP
  
  1536:8jwWaYuo0UVdlY4dDAtV2n//bbvlZhtTVDS1UFL6THwLurd:8U1Yuo0UVLxOUn//3NtCUeB
Score

1^/10
behavioral17 behavioral18
- Target
  
  bin/Iced.dll
- Size
  
  1.6MB
- MD5
  
  664c15683a6a3fb4204d5f1ff42e2e5c
- SHA1
  
  181591babf235320241075da4c60d1bfe21c8285
- SHA256
  
  dec71b0af2c2267fa1ca8d1465faf914ab5350c7407d0e35edd690d1b4f421fb
- SHA512
  
  cf5f17bed9e4b437c7354a1495a009de1f3ac3ffd1b59f9b8662b12c30f0c2e5e8f8f65610a433ff0be099963bc6c8a2a236bbdc8e8a0d8f35ef401da1fe06ee
- SSDEEP
  
  12288:TSDMaFobUafDLGzkXNWx5g/nKjysieauTB6TJGv7FN7Q/918Gs2jRweNsUTrk61U:CkdWx5LvM/n1weSUTrk61uihPQ
Score

1^/10
behavioral19 behavioral20
- Target
  
  bin/Microsoft.CSharp.dll
- Size
  
  879KB
- MD5
  
  68434f91137349c05aeae000f3ea29b8
- SHA1
  
  ffe9fd8a7209b902273c601b95c7933f3ae3d775
- SHA256
  
  1bd1f10d817ef2ecb3cc157747527fa5f3db7239377c2ee3ca0f06d7b3775800
- SHA512
  
  52d63998ff773f2ab7de071f0108e4b3a4abe7a7bfde01c74d964cf6ce39460f84c03c4beb249154205a6655e2f94a001cd2eec8de3bb722f8ac9de2ef7b9463
- SSDEEP
  
  24576:WpORInlfl9o9yH8vXnOsV3GFAyAq19ucjG6ayG5S:vSd9o9yH8fnOsV3GFeqzy
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  bin/Microsoft.CodeAnalysis.CSharp.ExpressionEvaluator.dll
- Size
  
  99KB
- MD5
  
  c093e7d2deac718331b5a1f90a296e82
- SHA1
  
  57b1e624faa420481a1b8efff8949a8f3a69c010
- SHA256
  
  afdaf3294c67480ba855ca06f6750762a7828d4a104d79a32569c6f334a743c1
- SHA512
  
  a6602766979a732885f6ffc1bc5dbaf9f2e4dd9640bd8e3478d60bc3114a0e62180b3d7e59d3707a48890beffd0bfcff2d32e0fd50d43d5a380fbbbe379a741b
- SSDEEP
  
  1536:Rbf5/T3RO4A67T0V3etHeI43tvlKKmCuwMvNtO8P/aqCYYISv74osfy7NB6S+XPb:1V3A4AoHf4dvAKmCuwMS8X1LYIn2m7
Score

1^/10
behavioral23 behavioral24
- Target
  
  bin/Microsoft.CodeAnalysis.CSharp.Features.dll
- Size
  
  955KB
- MD5
  
  d0b6f0df27507b3321e57b04b15cccd6
- SHA1
  
  82940bc154bc81a18bb4678f60a4de268c6babf9
- SHA256
  
  fd7c989836facb6341057062bb87ae35ecce722de3329cc63930bc0d875dc1f8
- SHA512
  
  e7a78e8a4dc3d31c16ba8a3ae1c62bfb6f8267b80e58468190e4044494ac727d6b9f521209c0e749cd53e6059c82542c3f773d9e5cbf97816b4e9be553a7d49f
- SSDEEP
  
  12288:rqRBrFpSQor5EjxSKV1W+OWPb1sbTfncPAqoBPxfeh7z:6eQnVswsbTfn7Oz
Score

1^/10
behavioral25 behavioral26
- Target
  
  bin/Microsoft.CodeAnalysis.CSharp.Scripting.dll
- Size
  
  28KB
- MD5
  
  975129c8b6a6e514c231441630179bd7
- SHA1
  
  6e0d9e9abe646d574eebaa5359b9e16d6407a722
- SHA256
  
  c7b0746b960654a0cb51df95feb1fcd16b8ba99a1369a5603b00abcf31cb6b44
- SHA512
  
  e2919caaf0bf3a22dca384bb257a075513829bba71d4e9babe5e64d995fb26a43858a75f883811ef50be9c49a7b22a3a79943eb157adc464a6fae65ec0c29535
- SSDEEP
  
  384:SnkPsVDzfK8DkGP4D8oewY2kGqln2XhtmGkIcyWkVfW8S/0Lg/dl//Hq:kkGfdna8oe6lq12XhwGkTYRS8AK
Score

1^/10
behavioral27 behavioral28
- Target
  
  bin/Microsoft.CodeAnalysis.CSharp.Workspaces.dll
- Size
  
  692KB
- MD5
  
  7a56b5cb02da5b7208706ee49abd9d43
- SHA1
  
  a331b07be743af5ba274249687578a28ce7b68eb
- SHA256
  
  310ebdfce5f3ffa522fdce334fae8938cb1db3fa887c4e7218e90e78c7a90e67
- SHA512
  
  8c94439daa5b506500099d1549fee089640b65c8209665a42987d5401d664528d539adcfd992cbb66d740cdd377882e385d561476818cbdc28dc7a8bb19963a3
- SSDEEP
  
  6144:VYbRJSfgneMuliMfTxwbxwgnjXP2V1Yh7TCJfNwIewaIRIfhCGz5Xo0gGfQmDm8K:LwsNfTxQx36V1YhOqIDu4fz8s8h9Y5R
Score

1^/10
behavioral29 behavioral30
- Target
  
  bin/Microsoft.CodeAnalysis.CSharp.dll
- Size
  
  4.7MB
- MD5
  
  38343f3d8108eed296fdf5aa19102e20
- SHA1
  
  f0995115254a0a76ac05329812368674dfa4f2ff
- SHA256
  
  75e17c4aa3d0374ecf1d04c2de449f6eee9f13cf5f291bb8c8c0d170b1cea4c8
- SHA512
  
  ea34cafb1af2abacbdaa826c3b060fd2772a912e5497e3fd373a5f88c3ec0a122671c55b541bb2f56cb8f8d86e9dd236aa3b61869d1589e3d97b7683564c2a7d
- SSDEEP
  
  49152:gLlgqJOlmNmIFmLaXyXXjZJ0NZg39C+SDm00zc95YXjlB42hmNJQtf:tP4xWXXjZJ2Zg3VT+6jvb+af
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32