General
-
Target
2d823521cedf5a958f682bfe30dc6b066f813f6f53d5311d814fce946f0f58a5
-
Size
3.6MB
-
Sample
240813-12e8qayeke
-
MD5
7db8604c051e9c8fa15beff8a0f9227d
-
SHA1
d0af81a71921d02efdbb1241e5998059a9b1bc5a
-
SHA256
2d823521cedf5a958f682bfe30dc6b066f813f6f53d5311d814fce946f0f58a5
-
SHA512
bb0c5e640f7c22ad991089decec0b606a2985285cf1a055538cafadd6dcd16d87b22cbf42630022926a79e704e59f78e29aeabe94ccecf382e5916fc22eb5ccc
-
SSDEEP
98304:vHBzFW8nyA5gpxTDYzGIms9AdfrvDShPL88L7eUOmr:vu8nyA50U8dfrvMP/7eUF
Malware Config
Targets
-
-
Target
2d823521cedf5a958f682bfe30dc6b066f813f6f53d5311d814fce946f0f58a5
-
Size
3.6MB
-
MD5
7db8604c051e9c8fa15beff8a0f9227d
-
SHA1
d0af81a71921d02efdbb1241e5998059a9b1bc5a
-
SHA256
2d823521cedf5a958f682bfe30dc6b066f813f6f53d5311d814fce946f0f58a5
-
SHA512
bb0c5e640f7c22ad991089decec0b606a2985285cf1a055538cafadd6dcd16d87b22cbf42630022926a79e704e59f78e29aeabe94ccecf382e5916fc22eb5ccc
-
SSDEEP
98304:vHBzFW8nyA5gpxTDYzGIms9AdfrvDShPL88L7eUOmr:vu8nyA50U8dfrvMP/7eUF
Score7/10-
Loads dropped DLL
-
-
-
Target
$PLUGINSDIR/EventLog.dll
-
Size
52KB
-
MD5
8fba844f18192aa308f3afedefb968f0
-
SHA1
fe984f437a773bed54056a1ee76ab878434d0f74
-
SHA256
29aae99021db33a68d96d24e4a9a9c8873e15cd4869a143ff42a8b1dc94323d8
-
SHA512
2b12ad660e9c6a19f9ba5e065368f00228868e0d0c79e95c7fbdf9227350e56c3b3eb0ccbb181c4a138205c3bc467eee7ad250e949afe5f9c454ffa3e2b0caa5
-
SSDEEP
768:3rEVUItMvCrf0U0puoWtODiJCrwhXktHd/vh2kfn4hjSDbCFtVcDuVpk:3a5ZrehfDiJCshXkt+kvGiStu6VO
Score3/10 -
-
-
Target
$PLUGINSDIR/InstallOptions.dll
-
Size
15KB
-
MD5
ece25721125d55aa26cdfe019c871476
-
SHA1
b87685ae482553823bf95e73e790de48dc0c11ba
-
SHA256
c7fef6457989d97fecc0616a69947927da9d8c493f7905dc8475c748f044f3cf
-
SHA512
4e384735d03c943f5eb3396bb3a9cb42c9d8a5479fe2871de5b8bc18db4bbd6e2c5f8fd71b6840512a7249e12a1c63e0e760417e4baa3dc30f51375588410480
-
SSDEEP
384:EXsC43tPegZ3eBaRwCPOYY7nNYXC06/Yosa:EXJTgZ3eBTCmrnNA5p
Score3/10 -
-
-
Target
$PLUGINSDIR/System.dll
-
Size
12KB
-
MD5
cff85c549d536f651d4fb8387f1976f2
-
SHA1
d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e
-
SHA256
8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8
-
SHA512
531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88
-
SSDEEP
192:Zjvco0qWTlt70m5Aj/lQ0sEWD/wtYbBHFNaDybC7y+XBz0QPi:FHQlt70mij/lQRv/9VMjzr
Score3/10 -
-
-
Target
$PLUGINSDIR/UserInfo.dll
-
Size
4KB
-
MD5
2f69afa9d17a5245ec9b5bb03d56f63c
-
SHA1
e0a133222136b3d4783e965513a690c23826aec9
-
SHA256
e54989d2b83e7282d0bec56b098635146aab5d5a283f1f89486816851ef885a0
-
SHA512
bfd4af50e41ebc56e30355c722c2a55540a5bbddb68f1522ef7aabfe4f5f2a20e87fa9677ee3cdb3c0bf5bd3988b89d1224d32c9f23342a16e46c542d8dc0926
Score3/10 -
-
-
Target
$PLUGINSDIR/nsExec.dll
-
Size
7KB
-
MD5
675c4948e1efc929edcabfe67148eddd
-
SHA1
f5bdd2c4329ed2732ecfe3423c3cc482606eb28e
-
SHA256
1076ca39c449ed1a968021b76ef31f22a5692dfafeea29460e8d970a63c59906
-
SHA512
61737021f86f54279d0a4e35db0d0808e9a55d89784a31d597f2e4b65b7bbeec99aa6c79d65258259130eeda2e5b2820f4f1247777a3010f2dc53e30c612a683
-
SSDEEP
96:J9zdzBzMDByZtr/HDQIUIq9m6v6vBckzu9wSBpLEgvElHlernNQaSGYuH2DQ:JykDr/HA5v6G2IElFernNQZGdHW
Score3/10 -
-
-
Target
$PLUGINSDIR/nsJSON.dll
-
Size
23KB
-
MD5
f4d89d9a2a3e2f164aea3e93864905c9
-
SHA1
4d4e05ee5e4e77a0631a3dd064c171ba2e227d4a
-
SHA256
64b3efdf3de54e338d4db96b549a7bdb7237bb88a82a0a63aef570327a78a6fb
-
SHA512
dbda3fe7ca22c23d2d0f2a5d9d415a96112e2965081582c7a42c139a55c5d861a27f0bd919504de4f82c59cf7d1b97f95ed5a55e87d574635afdb7eb2d8cadf2
-
SSDEEP
384:n7U5CiIZ1ZC2RvhrTfldNuwQ5pk+BISivMyyOgqCoRUj+OvHxOuofnykhVQJrTU:YoZ1ZnhrTfldqk7Yyy94RxOcVQJrT
Score3/10 -
-
-
Target
$PROGRAMFILES/OptBP/DotNET/$PROGRAMFILES/OptBP/uninstall.exe
-
Size
72KB
-
MD5
37bc8ebe79273cfca07ecd620d4a2ce2
-
SHA1
19a62855f0b41d2fbec89b65c9c3c71a754c1a66
-
SHA256
12dc9d067751d1e20762cd216f5ec13f115349d2164cdc9b27b5522f8c7a8688
-
SHA512
8f1db3514bc8a8386ac773afe52ca3b3dd9368a23132389be8f6b9cc9f1b454d5c702d3e369b22ad37142c42bd37f41b470f7ec00ac522c226a70edcd3808ee9
-
SSDEEP
1536:r/T2X/jN2vxZz0DTHUpou1gSLiAvNYta/qo:rbG7N2kDTHUpou13iAya/qo
Score7/10-
Executes dropped EXE
-
Loads dropped DLL
-
-
-
Target
$PLUGINSDIR/UserInfo.dll
-
Size
4KB
-
MD5
2f69afa9d17a5245ec9b5bb03d56f63c
-
SHA1
e0a133222136b3d4783e965513a690c23826aec9
-
SHA256
e54989d2b83e7282d0bec56b098635146aab5d5a283f1f89486816851ef885a0
-
SHA512
bfd4af50e41ebc56e30355c722c2a55540a5bbddb68f1522ef7aabfe4f5f2a20e87fa9677ee3cdb3c0bf5bd3988b89d1224d32c9f23342a16e46c542d8dc0926
Score3/10 -
-
-
Target
$PLUGINSDIR/nsProcess.dll
-
Size
4KB
-
MD5
f0438a894f3a7e01a4aae8d1b5dd0289
-
SHA1
b058e3fcfb7b550041da16bf10d8837024c38bf6
-
SHA256
30c6c3dd3cc7fcea6e6081ce821adc7b2888542dae30bf00e881c0a105eb4d11
-
SHA512
f91fcea19cbddf8086affcb63fe599dc2b36351fc81ac144f58a80a524043ddeaa3943f36c86ebae45dd82e8faf622ea7b7c9b776e74c54b93df2963cfe66cc7
-
SSDEEP
48:Sz4joMeH+Iwdf8Rom/L+rOnnk5/OCnXeAdbdOAa4GPI+CJ87eILzlq7gthwIsEQW:64c/eFdfS/SSnkxNa4G+ueqPuCtGsj
Score3/10 -
-
-
Target
$PROGRAMFILES/OptBP/DotNET/checkDotNET.dll
-
Size
4KB
-
MD5
8e3f0fbb8649df656b6b3cab643a449e
-
SHA1
a87f414c5e03b6223efcd5fc6e41ec98923f75b7
-
SHA256
22c8af5531be8967da874ce66f0754c231c358f65a7e90e99755fc218e28a35a
-
SHA512
8cbb9fb7184446a586167366d0d70e9f888f86dd1f3d143c3bbe401a6e47a835ee51018ccb35ca38e7b41a8199e091a9e4b473051aa471d8188c0483e3370b46
-
SSDEEP
48:6Vi6Ir6BPI51nS0UgH60SPHulRIdnlv77Ulq9ImLKpfbNtm:r61cc0PSHuhc9+zNt
Score3/10 -
-
-
Target
$PROGRAMFILES/OptBP/DotNET/checkDotNET.exe
-
Size
112KB
-
MD5
56beca6ead8fb6c8b839c20365befcba
-
SHA1
8c9a977a3fe0246dcf3d450d9b2076f42202490b
-
SHA256
f1046fb02322581f47b8a4f0228468083e20b11f8568fcf070a95bc1a91e6329
-
SHA512
a0a9a5b772bd63dcd61d26156cdf00a0ccf70d45379364de24600e64698eb91d7b6ff9f1976d14215e2fc32d0235d00cfcbbf75f75d3a21816981d89270494cb
-
SSDEEP
3072:bz6SAVyxY+XWso4LQyMBPyWvP6S0Ij7a:bIVyJ/El9xL0M7a
Score3/10 -
-
-
Target
$PROGRAMFILES/OptBP/DotNET/checkDotNET35.exe
-
Size
4KB
-
MD5
a16b094169f09696b8d7bad1211ccb33
-
SHA1
7961bcc6c90ca69ea62c8293759ed4e4ac5e7261
-
SHA256
4e6760d61db5235be6854c7db15b85279d74abaeda39fe22b676d711b6052107
-
SHA512
f6baa89ffc014df7c0f8f3501f0c09f2ec484c13c33dfcbb6856381cb6505f8df201c1b2234f09fa7e4cb6f7221d509600e93271eb68193eaef84e3e8374ea1c
-
SSDEEP
48:64h0Wb6iunsMMrlyFQ/Ri1trGlLzgSFypfbNtm:Ki6iuYluQr5zAzNt
Score1/10 -
-
-
Target
$PROGRAMFILES/OptBP/Emis.dll
-
Size
40KB
-
MD5
30811bda37e8447e476e53abe761ce76
-
SHA1
7a23ae20e10bfdca42e4b8b68cdd5fe1ff72ef0f
-
SHA256
a43254b4a656c5a583a8692b1d3ed18d2c291b5c8a478e7aca1ad1105113f4c5
-
SHA512
a5e538fa14f611146995cb0fd3924790ec99986c6198fa054d3820944b3293710400b64559b257fea4e3df53b5eed44232098f0022feb65d120625e6ad7d88d1
-
SSDEEP
384:tmXHnfrkRaphsKAgCOT98e1NxDev0agxvTk2pz9LIIgA9CogUXiSAkqEMvaAn1ku:8kRVf5esHgxoQ6InxTSSNO1keJ
Score1/10 -
-
-
Target
$PROGRAMFILES/OptBP/EventLog/EventLog.dll
-
Size
5KB
-
MD5
1adc42fd1c2f24fe493ad4e1e2e9e924
-
SHA1
2124890576f81f68eb39b62ea39399ea3d870c5f
-
SHA256
1f8c7b744c3d9ba8027b129dd6e17ab7d170bc9769983f1ac20ca448c58a6be3
-
SHA512
fcf9007fc026b372330dc9fbadbcbf1d35441c9faa09d3706f334db88b0b8438dc2f0b18461f17a65fac311a5745553cf97b99ec0df2ea3efa8defca51674460
-
SSDEEP
48:6UiXDUaEuh9tDuaNkqWN0D39/HALKHxKPgIuUGr7CbbBzLEUbuSZ8KVNXUhKOltj:junRu3839YLKHxzTC9zbu8svIVzNt
Score3/10 -
-
-
Target
$PROGRAMFILES/OptBP/EventLog/EventLog.exe
-
Size
106KB
-
MD5
6e09df9efd51bfbc91c61820844c4d2e
-
SHA1
a25b757d53170f38b4c6f7eecfb6fe86fa1ce447
-
SHA256
ddb984b8c4df9cddc6938c9e4c7d5fb2ada0e8fa12790555711b655d711907c0
-
SHA512
1c76b7960e27ef4b9d6524ac620eae77007a15e134d9a43ed69b9d02f94336294b213d7d7d3a3de9c49250373afb7f90289152b1aceb2bcc10f9c87496346394
-
SSDEEP
1536:2B33NwAL34HWbYhkz9JoLNwfWs8jsdo/ZAzi:2B33NwAjytLN+EZN
Score3/10 -