6c0d68f540576b53b24a28d1c0b404a2c6e1c3633ec5a9b7f0d5959f281a4cda | Triage

Sharing

General

Target

General_ToolBox_Eng_Extranet_Install_V1.010.0000001.0.R.20220302 (1).zip
Size

38.6MB
Sample

240821-jkmsssxakh
MD5

83f4cf4ce7e5197abdf393262d228771
SHA1

b98e277f26caae5be9a8ddb9bc66d4fd42ee82fa
SHA256

6c0d68f540576b53b24a28d1c0b404a2c6e1c3633ec5a9b7f0d5959f281a4cda
SHA512

154d92ea2189a9e981e0c52ff9a0317814fe928d3828b602f464ad6596f9a47ca47252b308c66d0ec2652422fd973edb26c5f43afc0c34e8ee7e0c8bd885fa47
SSDEEP

786432:aDoW1O5jTwCxHhSozBT6JztoIRGayVmTQtAFjK5skek:4odZnxVQOGGaRTQtEmyk

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  General_ToolBox_Eng_Extranet_Install_V1.010.0000001.0.R.20220302.exe
- Size
  
  38.7MB
- MD5
  
  b4b567ca1891125a3fc403f4f7836417
- SHA1
  
  211cb4f0d73617eac9268e8681d9119505fea594
- SHA256
  
  bfd5135fb86ec881732283e700ac1432453c7b2e69592637f392b0d9091ff26f
- SHA512
  
  2795fd0840fc0209976f478fd2113d9ed93bcb099d6c388b495fec3f9319ec59917779232b5c611ae2ea83dcde192f89873cb86b1f0f1a206e719c0f3a480d52
- SSDEEP
  
  786432:f7owP035xSXvfpEotHqIGH29D89cpvmtUjrg9P8m:DonpwvQ8D892vmtA5m
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/ButtonEvent.dll
- Size
  
  4KB
- MD5
  
  55788069d3fa4e1daf80f3339fa86fe2
- SHA1
  
  d64e05c1879a92d5a8f9ff2fd2f1a53e1a53ae96
- SHA256
  
  d6e429a063adf637f4d19d4e2eb094d9ff27382b21a1f6dccf9284afb5ff8c7f
- SHA512
  
  d3b1eec76e571b657df444c59c48cad73a58d1a10ff463ce9f3acd07acce17d589c3396ad5bdb94da585da08d422d863ffe1de11f64298329455f6d8ee320616
- SSDEEP
  
  96:hrA2+5HGZFYJf9D8IjDflDCoMzncsGSmE:hE2+5mMJfJ8v1zFGSm
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/FindProcDLL.dll
- Size
  
  31KB
- MD5
  
  83cd62eab980e3d64c131799608c8371
- SHA1
  
  5b57a6842a154997e31fab573c5754b358f5dd1c
- SHA256
  
  a6122e80f1c51dc72770b4f56c7c482f7a9571143fbf83b19c4d141d0cb19294
- SHA512
  
  91cfbcc125600ec341f5571dcf1e4a814cf7673f82cf42f32155bd54791bbf32619f2bb14ae871d7996e9ddecdfcc5db40caa0979d6dfba3e73cfe8e69c163c9
- SSDEEP
  
  384:1NWlNdqdAnhTKMLE2oIM05fnqCiWg3Yy9kflIinokN:1NWtqdihTKCldkYwkdpnoy
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/MsgDLL.dll
- Size
  
  404KB
- MD5
  
  0ad4a1201285c6acca5b8fb61b5db4b9
- SHA1
  
  b9234c5bdc6d175b40b5837e8e129c2aa243e903
- SHA256
  
  4ae2012d63d66f479fb9838477839520c50ae3f2c3f9d51b51be495b1ac3c4ec
- SHA512
  
  9fbc90ff196171da5bb1fbe6bee033180f0f96b878ab9082c78712049c4fee4ccc716b00e1a95b97040983bb3be0648443c71f8c34e331ec290d32577194769a
- SSDEEP
  
  3072:NGZiC/a3JyK8T6I4Uik9e8Xot4IJZdwy65vN0Ywr73oF9RVxJSVtD58GVrTLWyiM:ena3JyK9I4UdjXoEHNZJSV8GV3
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/ShellLink.dll
- Size
  
  4KB
- MD5
  
  aad75be0bdd1f1bac758b521c9f1d022
- SHA1
  
  5d444b8432c8834f5b5cd29225101856cebb8ecf
- SHA256
  
  d1d1642f3e70386af125ec32f41734896427811770d617729d8d5ebdf18f8aa7
- SHA512
  
  4c6e155cdf62cc8b65f3d0699c73c9032accefaa0f51e8b9a5c2f340ec8c6f5fab0ea02aad0abed476b3537292ba22d898589812850968e105ac83680d2f87d0
- SSDEEP
  
  96:Lno1dF1kBjthIjDfCnke7+bzYz3Cl6nfkfLGO:LU+h8
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/SkinBtn.dll
- Size
  
  4KB
- MD5
  
  e4ec95271ff1bcebab49bdfed6817a22
- SHA1
  
  2c03e97f4773aea80ecdb98a1482e5896fe4677b
- SHA256
  
  ee1c06692a757473737b0ebdef16f77b63afac864d0890022d905e4873737dd6
- SHA512
  
  771a527133806307a1b17b7e956d6a3c16e9bc675bf084b43204ae784a057dac2726dbf90645692876043a4e7365ba8825c167621fde4760c79cd84679e2aa3d
- SSDEEP
  
  48:iIf3aEDfeWm8JHFQbUrUPJJDFoetaxn/pFW3GNivz187eqzI/kMr8oX0Zbj:lv9Dfw8DQbhD2iaxn/PHmiNI/dQFZH
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/SkinProgress.dll
- Size
  
  4KB
- MD5
  
  cc037c4703d3ec257efeef2ce0a1a20e
- SHA1
  
  b3d6cc8f687a31fb2c1a5921a38de9429af20502
- SHA256
  
  888b32ecbc37ce67d4edc28d894cba0a4f4e2488cfc2212d1af011bd0bfe97ff
- SHA512
  
  120bfa0a68775bef04c1863023b0e73a41982284fb36da7f497fbb7d5ed8631ad02fa09951424d339f6fefaa90a17c12f949dd68bb33bad64b1b7cace489d2a7
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  c17103ae9072a06da581dec998343fc1
- SHA1
  
  b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
- SHA256
  
  dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
- SHA512
  
  d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/TestDLL.dll
- Size
  
  388KB
- MD5
  
  281c94835476af29fb723e7db3507c9c
- SHA1
  
  8921c61eaff715b11c30050b756f0e62f59fa171
- SHA256
  
  1f04c14f43471a5a4d885275e704abcba460e06ce22a7e17c731a9aa83ea1ce1
- SHA512
  
  b9d6477e0c4ae8f563ea460b9fb5bc477c19ed82c3942eb0ea3c5fc58d8d54959121dc12eb4d1fc75892d2f0e16296c6fcce4f4c8db0de964f91d6c004081d30
- SSDEEP
  
  3072:cKYCXwRNVWVj8dnjUNBXUBYtkGjZ/EIEhwr73h4ct35xac1rJTa0dO:oeMVWVjqnj2MaEIDxac1j
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  c10e04dd4ad4277d5adc951bb331c777
- SHA1
  
  b1e30808198a3ae6d6d1cca62df8893dc2a7ad43
- SHA256
  
  e31ad6c6e82e603378cb6b80e67d0e0dcd9cf384e1199ac5a65cb4935680021a
- SHA512
  
  853a5564bf751d40484ea482444c6958457cb4a17fb973cf870f03f201b8b2643be41bccde00f6b2026dc0c3d113e6481b0dc4c7b0f3ae7966d38c92c6b5862e
- SSDEEP
  
  96:hBABCcnl5TKhkfLxSslykcxM2DjDf3GE+Xv8Xav+Yx4VndY7ndS27gA:h6n+0SAfRE+/8ZYxMdqn420
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  $PLUGINSDIR/nsisSlideshow.dll
- Size
  
  8KB
- MD5
  
  379fc69af4ffaf5cd5d0e3f6ded9376f
- SHA1
  
  e7685656d854c464a1a1299abc24177849496a54
- SHA256
  
  ef4be0f68c8ca2ea4434e9daf2b36e5443327a9b2a0fb8857c820183a757b9a4
- SHA512
  
  c8db8caed243ee80038af4a74f1898762167b952febccd9b4974d0e93938040aad9c8d53ff288aafd1e388845c3cd6ea24a13aa37f893af4b2fa63c5add091e5
- SSDEEP
  
  96:6Yv3HPVmlUU2R2wwJrUIlRSnZCm4bgPbV034rCnkK/8zSciz:6Yv5UDeIyZCm4bgPbVQ4rkkwUxi
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  $PLUGINSDIR/progress.dll
- Size
  
  208KB
- MD5
  
  10d73356f0dace1ddd9be92d52577375
- SHA1
  
  c29974f2c5c5ecaffdf3cabf570a885690647155
- SHA256
  
  7d936aebee57e04338308ed8c52ce2c24e21b2978721326be3eb9e90c080834e
- SHA512
  
  4864585412734b4d0c5ae7af0c5e5fd3f70646d5ce72ba55594a2051aded0750a9f727c78a28e5f34a0f4dcc9bd0581c53e87c0144f049070c801680c9258cee
- SSDEEP
  
  3072:1sRl0qQ1EjUlVTwSA0pRn10YfBCZ2yDOiI68dawr731stIy0ToyYd:ir0+jUl9A0l01qXvyW
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  $TEMP/dll/MsgDLL.dll
- Size
  
  404KB
- MD5
  
  0ad4a1201285c6acca5b8fb61b5db4b9
- SHA1
  
  b9234c5bdc6d175b40b5837e8e129c2aa243e903
- SHA256
  
  4ae2012d63d66f479fb9838477839520c50ae3f2c3f9d51b51be495b1ac3c4ec
- SHA512
  
  9fbc90ff196171da5bb1fbe6bee033180f0f96b878ab9082c78712049c4fee4ccc716b00e1a95b97040983bb3be0648443c71f8c34e331ec290d32577194769a
- SSDEEP
  
  3072:NGZiC/a3JyK8T6I4Uik9e8Xot4IJZdwy65vN0Ywr73oF9RVxJSVtD58GVrTLWyiM:ena3JyK9I4UdjXoEHNZJSV8GV3
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  7z.dll
- Size
  
  1.0MB
- MD5
  
  20005925d98d1a31e2940337aec9afc0
- SHA1
  
  779b827b6196ed3f247029a49ddc36fc8a08068a
- SHA256
  
  ab35d0798f0548fa4c55ea14a4e129372baf01b1ff3da5bfd5cdd55fe72d1f1e
- SHA512
  
  b41130718d73dd3e0e9ee8eed8a9cd1196c187b10793c58decac855ecf490e42a1c235f3e3beb1c893f8f00c0f1f0a48950f20a50e3d042adda642500cf0fbd5
- SSDEEP
  
  24576:wi5PJIx11kITLM49ND6xp7mmUvPWrn9yQrKaTe3nI7Q:j5PCzTLM49NDtGrn9PGX3nIQ
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  7z.exe
- Size
  
  259KB
- MD5
  
  a10bf0e8d40b78c8b0b43a6a6fed9207
- SHA1
  
  0999873e46ae4a8f6740aa826773037c94fc5e18
- SHA256
  
  3d921cc9c553941d646c34cc6a79259e530c4a7652abcdd4b680e923f45090f6
- SHA512
  
  76e0e75288b05de8f71e464c8d23f9d18f785a6abf86b61f388177f044b959fe10363a05fa6031184758ad869ff855d648bf05e32e48531208372e59e354a206
- SSDEEP
  
  6144:co+AdpbEPf4Qn65VGQgpYZPsIpSWZfX8:co3CPQosVhgwPs
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  D3Dcompiler_47.dll
- Size
  
  3.3MB
- MD5
  
  c5b362bce86bb0ad3149c4540201331d
- SHA1
  
  91bc4989345a4e26f06c0c781a21a27d4ee9bacd
- SHA256
  
  efbdbbcd0d954f8fdc53467de5d89ad525e4e4a9cfff8a15d07c6fdb350c407f
- SHA512
  
  82fa22f6509334a6a481b0731de1898aa70d2cf3a35f81c4a91fffe0f4c4dd727c8d6a238c778adc7678dfcf1bc81011a9eff2dee912e6b14f93ca3600d62ddd
- SSDEEP
  
  49152:PyZ9lnpmVm/w+EwVOmufvkQS8MH2J9CqS5Sqr88pPWW5KhQYPsXqUiQ6:E9fWAwVBC8MH2JNSF8+YPsXqUT6
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32