Overview (score 10/10)
Static (score 10/10)
9070036232...0N.exe, windows7-x64 (score 10/10)
9070036232...0N.exe, windows10-2004-x64 (score 10/10)
$0.dll, windows7-x64 (score 3/10)
$0.dll, windows10-2004-x64 (score 3/10)
$2.exe, windows7-x64 (score 3/10)
$2.exe, windows10-2004-x64 (score 3/10)
$3.exe, windows7-x64 (score 3/10)
$3.exe, windows10-2004-x64 (score 3/10)
$COMMONFIL...st.exe, windows7-x64 (score 3/10)
$COMMONFIL...st.exe, windows10-2004-x64 (score 3/10)
$COMMONFIL...64.exe, windows7-x64 (score 1/10)
$COMMONFIL...64.exe, windows10-2004-x64 (score 1/10)
$COMMONFIL...dr.dll, windows7-x64 (score 1/10)
$COMMONFIL...dr.dll, windows10-2004-x64 (score 1/10)
$COMMONFIL...dr.sys, windows7-x64 (score 1/10)
$COMMONFIL...dr.sys, windows10-2004-x64 (score 1/10)
$COMMONFIL...dr.dll, windows7-x64 (score 3/10)
$COMMONFIL...dr.dll, windows10-2004-x64 (score 3/10)
$COMMONFIL...dr.sys, windows7-x64 (score 1/10)
$COMMONFIL...dr.sys, windows10-2004-x64 (score 1/10)
$PLUGINSDI...em.dll, windows7-x64 (score 3/10)
$PLUGINSDI...em.dll, windows10-2004-x64 (score 3/10)
ssranghk.dll, windows7-x64 (score 3/10)
ssranghk.dll, windows10-2004-x64 (score 3/10)
General
-
Target
9070036232769ef3d265188fff67ea50N.exe
-
Size
1.9MB
-
Sample
240816-x8s7dawdrq
-
MD5
9070036232769ef3d265188fff67ea50
-
SHA1
1d1aabe9cc3e2259452e31c8bcaddfbd845fc003
-
SHA256
061be13ea4ba484514d798f70838648d72f09a5ca6c58a608d9b6d28e63146d1
-
SHA512
a3397b4f583b2839be791552515c063d3d5505909449ef94370e1e6163a0b1e8d359a8d19273c911b4b49bfc4537737631b7677aa759014723d79df8b2d8ea9f
-
SSDEEP
49152:8gwH+Hl2+jmaJhsYAH5e6duUPUau0rqURpUpE129j:pF2+/ZAHRu0UwmypUrJ
Behavioral task
behavioral1
Sample
9070036232769ef3d265188fff67ea50N.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
9070036232769ef3d265188fff67ea50N.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral3
Sample
$0.dll
Resource
win7-20240705-en
Behavioral task
behavioral4
Sample
$0.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral5
Sample
$2.exe
Resource
win7-20240704-en
Behavioral task
behavioral6
Sample
$2.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral7
Sample
$3.exe
Resource
win7-20240729-en
Behavioral task
behavioral8
Sample
$3.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral9
Sample
$COMMONFILES/supportdotcom/rang/driverinst.exe
Resource
win7-20240708-en
Behavioral task
behavioral10
Sample
$COMMONFILES/supportdotcom/rang/driverinst.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral11
Sample
$COMMONFILES/supportdotcom/rang/driverinst64.exe
Resource
win7-20240705-en
Behavioral task
behavioral12
Sample
$COMMONFILES/supportdotcom/rang/driverinst64.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral13
Sample
$COMMONFILES/supportdotcom/rang/nt_amd64/ssmirrdr.dll
Resource
win7-20240708-en
Behavioral task
behavioral14
Sample
$COMMONFILES/supportdotcom/rang/nt_amd64/ssmirrdr.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral15
Sample
$COMMONFILES/supportdotcom/rang/nt_amd64/ssmirrdr.sys
Resource
win7-20240704-en
Behavioral task
behavioral16
Sample
$COMMONFILES/supportdotcom/rang/nt_amd64/ssmirrdr.sys
Resource
win10v2004-20240802-en
Behavioral task
behavioral17
Sample
$COMMONFILES/supportdotcom/rang/nt_x86/ssmirrdr.dll
Resource
win7-20240705-en
Behavioral task
behavioral18
Sample
$COMMONFILES/supportdotcom/rang/nt_x86/ssmirrdr.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral19
Sample
$COMMONFILES/supportdotcom/rang/nt_x86/ssmirrdr.sys
Resource
win7-20240704-en
Behavioral task
behavioral20
Sample
$COMMONFILES/supportdotcom/rang/nt_x86/ssmirrdr.sys
Resource
win10v2004-20240802-en
Behavioral task
behavioral21
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240708-en
Behavioral task
behavioral22
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral23
Sample
ssranghk.dll
Resource
win7-20240704-en
Behavioral task
behavioral24
Sample
ssranghk.dll
Resource
win10v2004-20240802-en
Malware Config
Targets
-
-
Target
9070036232769ef3d265188fff67ea50N.exe
-
Size
1.9MB
-
MD5
9070036232769ef3d265188fff67ea50
-
SHA1
1d1aabe9cc3e2259452e31c8bcaddfbd845fc003
-
SHA256
061be13ea4ba484514d798f70838648d72f09a5ca6c58a608d9b6d28e63146d1
-
SHA512
a3397b4f583b2839be791552515c063d3d5505909449ef94370e1e6163a0b1e8d359a8d19273c911b4b49bfc4537737631b7677aa759014723d79df8b2d8ea9f
-
SSDEEP
49152:8gwH+Hl2+jmaJhsYAH5e6duUPUau0rqURpUpE129j:pF2+/ZAHRu0UwmypUrJ
-
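Detects Strela Stealer payload
This family signature is listed only under the top-level sample; every extracted component below scores 1/10 or 3/10, and the other signatures here (driver and System32 drops, running dropped EXE/DLL files, Uninstall-key enumeration) also occur with ordinary installers, so corroborate the family attribution with other evidence before relying on it.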
-
Drops file in Drivers directory
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
-
-
Target
$0
-
Size
47KB
-
MD5
477ae0b984507516552b27ec80809eaa
-
SHA1
ae1af819d153128d9f55ac9e09430004f824ad6f
-
SHA256
f8a2c8d8b0f7fd0332930d3d18517df3c98a6ab2814d9a5f03e35f72774359d3
-
SHA512
f3a852d408a17411c6878e64bf08e2965191d71098216091ba18ab9582900d7e0b59795bf7307689213b4507cf248848e80920456c4d975787751527447d196e
-
SSDEEP
768:a65zgCynVlXWh1+OU/hYJweGvUAu3s8yTLPksGnTEDLDRvyPCB1:nqPlXa1vU/sweGs7sPTLPUPPCL
Score
3/10
-
-
-
Target
$2
-
Size
2.2MB
-
MD5
3c58ee787f100d9c124fde7d41e2b40c
-
SHA1
794539da76db30d2193bc0e7f705a66816994773
-
SHA256
9ba659ce26f5e4bc1dd98d7d41ac1514bb2853d68c3d56707f7a050cfb08ed87
-
SHA512
2340c7f37ff53fcc9cecc77b0e87f6b86600f3cd08aa8bb0da87b9e041943cfcac87d6660187611cf7ee0eeb900a6f28272251bd60e0f2664da0e49c19667a5f
-
SSDEEP
49152:OxpVf/Sa5WFtRnCU/6T2hzSBZvvT9dPZpU7Up9rXCGT5Sp/VZt6H/a:mSa5ICU/T8vTw7U7CtV/
Score
3/10
-
-
-
Target
$3
-
Size
1.7MB
-
MD5
867f418fffc2dd61dd3fc065f4ab29bb
-
SHA1
9558d4995c70048cfcd7cfd4718f38babd6ba581
-
SHA256
2d2648a2e454e1637086d90b0a9071df66dd3de61c42ae88e4b1362aa51b21e4
-
SHA512
ebcaa8e676509b56bae4318ca800383b8b306b8425a0a5e4c55c69a9bc38937a5f806874924efb8b6f6b0624ad0c09b140c4c63127a2573069ac178f03817238
-
SSDEEP
49152:D/dZ0ao9Uns/o6TW2uDg3riKPTHBRbBxvcaqxiJrcXKu4p/xTR3Z4HK4S:RZ0ayUnn6TW2uDg3riKPTHBRbBxvtqqt
Score
3/10
-
-
-
Target
$COMMONFILES/supportdotcom/rang/driverinst.exe
-
Size
14KB
-
MD5
ae68f797651e2da0447bd2f28aaa31b7
-
SHA1
e3d1981e36f163c2947e60df1aef7ab208e18435
-
SHA256
a5d6b459ce511916464facd547685dfe548fff00cc312c246ce61fc1e1328345
-
SHA512
da5e5a14571ba6e8f09276e944860a531470d0708517f732c85f0ec48a1d48e9b1ef0c34a8a7ef27727e07aee6ccae24fff028440de020de26bc7cd4f9baedf2
-
SSDEEP
192:loyf/DNEJ921Ofs7hM52nYe+PjPErQdq+v5r9ZCspE+TMwrqE1gQR:pu921Ofs7hM52nYPLtdqeMdC
Score
3/10
-
-
-
Target
$COMMONFILES/supportdotcom/rang/driverinst64.exe
-
Size
16KB
-
MD5
198aecd00486eadd45b763ecf6b850ef
-
SHA1
8141e2a173f5ed8a1ee4111a9dbf3973f87583e7
-
SHA256
da94f1da1d256ad7edcacb856d7712fae587714e8372462871b9b8390697e66e
-
SHA512
9968dc12d98ca2e7a4d6a90f01228d27c2c67f46cfe2e5cac61c1ada698e84e1fd43afd7b30dd30240ed6eea1ff5fb6e1f9ba7d15303baa889a34f24d4f46703
-
SSDEEP
192:eDiM4Cvk+sej9brlWzyON4M5AKnYe+PjPErQdq+v5r9ZCspE+TMwr7ROe:eDiM40qeRbrwzdN4M5/nYPLtdqeM0D
Score
1/10
-
-
-
Target
$COMMONFILES/supportdotcom/rang/nt_amd64/ssmirrdr.dll
-
Size
31KB
-
MD5
28b26600204f79045eda8f7fd8ca3c86
-
SHA1
b9f19e36b80eb862370d99b466664380440af6d5
-
SHA256
5140f07b878efd1b74ee9f5821a207d1cee65952702ff75c49a4522face230c6
-
SHA512
aebd4425b846883e1f49da18edf3b7c96a9fb9ddb7ce709938b21eae169bdaeb5ce6bf8593638b5c887b26de7476b793a4691a7d56e46796bb658f1e516ad3c1
-
SSDEEP
384:KzkRjefjUQ2IeuDLnoEGfNu5hPpObpgmNZy047rGAU0rnFM3b9YJLeUmbCJA13o:0yuYIPpO9gmNZy37rjUGncboLeBbCJc4
Score
1/10
-
-
-
Target
$COMMONFILES/supportdotcom/rang/nt_amd64/ssmirrdr.sys
-
Size
9KB
-
MD5
1100066057fbf612b573efd3b21383f1
-
SHA1
f95db83ea936f1fe70583a4eca810da807167dfe
-
SHA256
894f5a999e03807dffea67938d2e456d50d9e5511fe91d2e2293c51d98b3d87d
-
SHA512
62850de88b00daeab3299fec2bbd9aa0b07f766b96f42392310cb4f23c9e50f0aa8bc87f82e28cd99c195ea205a26c083d048cbac3341861dcee4a5eabb9dea8
-
SSDEEP
96:nhVr58/4Yg+iPoHQjzQMLy+eloBw+ebCfMSy2R2KnlTkqs1IHb9S:nhm2+yowJL/elGw+ebCfRyQpkqs1I5S
Score
1/10
-
-
-
Target
$COMMONFILES/supportdotcom/rang/nt_x86/ssmirrdr.dll
-
Size
27KB
-
MD5
c48e3ca416da093ae18db54ebe8c13b3
-
SHA1
7d06586938d286cb03900a302633774b3653214a
-
SHA256
f7f6819a38b2dcc2541777a4a7ce3d85c4c27b8afd7513220c7388e3ad3f1b52
-
SHA512
30f5466e98e3273ebd8cd4c5eee35fbd0257bdd1874c3175ccc775d05aeee8d67dfd040b09bf14ac00a131e3e5b3c473f4ec078ed2ebf89d2b63999fc1c3c59e
-
SSDEEP
768:IEoI8qJUk4NOWX7rHvbY01aGkHSb9LeBbCJcw:zoI8quUsLY01azI9qRCSw
Score
3/10
-
-
-
Target
$COMMONFILES/supportdotcom/rang/nt_x86/ssmirrdr.sys
-
Size
9KB
-
MD5
f843301bdadb2728822c83413ef5f132
-
SHA1
3d8b8514078b19cc98aed4b0d74d1497b79f3512
-
SHA256
c36cb4e972671c9c7fabfeedd20fd1e239afaf69ad88586a32b9b2c1fa2a2fdf
-
SHA512
552b28d05169bb52dd336d2b2b547bf0cde2f855f28109338544e98c63f27f22b6287a00b9addc0efe089670f5a844996b0a9eedc87d1d64d4086235047adb0c
-
SSDEEP
96:/OlR5IPbgYBiPoHQjzQMLy+eloBw+ebCfMSy2R2KnlTkqs1IHb9FPI:sXuyowJL/elGw+ebCfRyQpkqs1I5FPI
Score
1/10
-
-
-
Target
$PLUGINSDIR/System.dll
-
Size
11KB
-
MD5
c17103ae9072a06da581dec998343fc1
-
SHA1
b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
-
SHA256
dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
-
SHA512
d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
-
SSDEEP
192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score
3/10
-
-
-
Target
ssranghk.dll
-
Size
39KB
-
MD5
8cab6c22e508bf8add2f61d1a5e74786
-
SHA1
08a666d8bce25ba81b0473462d8d831b30c8b2ce
-
SHA256
53ad29f3cf9019c4104649c3e7c670643cb665e737001ef9541d876e939ade4a
-
SHA512
952c9d51159def01e1a9533306e07a91dbcef7e3175a3362fc783437952fd0fe51a8a0e1eb1b9b6a13ed8cb00e64593d02b3f24be6d5d4bdb827417a5d999b89
-
SSDEEP
768:cX4j/ABFxIQ76prJnTMNheNmnTEDV3vy6/Br1M:K0+F+Q7+rOzNTY
Score
3/10
-