54b51bf19ffce063577597534e1658d25e5756072366cceafec91af5d7382f4a

Resubmissions

21/08/2024, 16:07

240821-tkpbqsxhpb 10

21/08/2024, 16:00

240821-tf5sxs1drp 3

Sharing

Copy URL

Twitter E-mail

General

Target

V1.5.6.+.V1.5.8.zip
Size

3.3MB
Sample

240821-tf5sxs1drp
MD5

376d8646fccd79826d049751bc72ec81
SHA1

63b00bc8e21d97d3be49495a0511b7d38645b6b2
SHA256

54b51bf19ffce063577597534e1658d25e5756072366cceafec91af5d7382f4a
SHA512

b6bfee3294055bf0344430bba9d7ea82c55cb4aa6b84b437ad267a48f48f0f3465f47857a8c8748b42a3385eb783840cbd968395ac860b31a2005986b147cf77
SSDEEP

98304:4irm4peYUuEpjoaua/Iu9ugQ4uPlUST1laev2j:4L48iEWCj3uNbld2j

Score

3^/10

Malware Config

Targets

- Target
  
  V1.5.6.+.V1.5.8.zip
- Size
  
  3.3MB
- MD5
  
  376d8646fccd79826d049751bc72ec81
- SHA1
  
  63b00bc8e21d97d3be49495a0511b7d38645b6b2
- SHA256
  
  54b51bf19ffce063577597534e1658d25e5756072366cceafec91af5d7382f4a
- SHA512
  
  b6bfee3294055bf0344430bba9d7ea82c55cb4aa6b84b437ad267a48f48f0f3465f47857a8c8748b42a3385eb783840cbd968395ac860b31a2005986b147cf77
- SSDEEP
  
  98304:4irm4peYUuEpjoaua/Iu9ugQ4uPlUST1laev2j:4L48iEWCj3uNbld2j
Score

1^/10
behavioral1
- Target
  
  V1.5.6 + V1.5.8/SecHex-Spoofy V1.5.6/SecHex-GUI.dll
- Size
  
  1.3MB
- MD5
  
  ad714ee48d2e829c5012c65de6166c05
- SHA1
  
  5880bac89ca346dae62c053aa49c028372388edd
- SHA256
  
  7d32d13d123871650794a1e172adc70bc8dafbdb762f49d889f813844d532b20
- SHA512
  
  a51252950455dbfb5dfd564689e605b022bdf26f80ad12f3fde3e341a14b8f764324ff3be6f29e4855bd499141e23628e9aabb0e439627dc802814db091d54ee
- SSDEEP
  
  24576:ZfaPwrgBrO1BKH8jPcWYVxHCoh0XeV61r9qZWe7d7NWS91GsVz9cebgS9aI:ZCPwrgBWBKH8jkDVFCNXODzWS9HfX0HI
Score

1^/10
behavioral2
- Target
  
  V1.5.6 + V1.5.8/SecHex-Spoofy V1.5.6/SecHex-GUI.exe
- Size
  
  144KB
- MD5
  
  a3a73bb0b21c4c4c0771d4fda37ad34a
- SHA1
  
  a61e96bcd872da24a548b9d2bd706af102426cea
- SHA256
  
  9c04ca4639650f2707e817c8852bf8e128ab328fa4ef790aba96f8ec17ad5316
- SHA512
  
  b4bd8522d784ed13e8aaf25ab10c3b7a08bc665d79fe1365339381cd783d4df010bf5e0cc934ef6a93592d471bf2e9b67015a680f2454cb1e6a37f889dfdea68
- SSDEEP
  
  3072:98vbzyQ6Y1YXrbNK+3FNxacPEMk65RQA2TWk:9szAXNK+3FVFRQdTW
Score

3^/10

persistence privilege_escalation
behavioral3
- Target
  
  V1.5.6 + V1.5.8/SecHex-Spoofy V1.5.8 (testing)/SecHex-GUI.dll
- Size
  
  1.8MB
- MD5
  
  5b65ac01d6babf936451fb1540a680b4
- SHA1
  
  48fae5874d20a27ab24eeda3a34b36d0e157a15e
- SHA256
  
  39882d08403185d68a6363eb5066bd212003fbd479e6aa78ffbe97c4191949fe
- SHA512
  
  41f3a2c83542f94011f6a8dc02d46f2c5fdaa4a3134838c2701daa68f7a12b0e0e61592c38a1d32443573b92807a5137e1127125f69200cbedb9ff97a77eaa81
- SSDEEP
  
  49152:0X/lx35IEurgBWBKH8jkDVFCNXODzWS9HfX0HId:0X/LJIE3+KH4kpc+DX/0HId
Score

1^/10
behavioral4
- Target
  
  V1.5.6 + V1.5.8/SecHex-Spoofy V1.5.8 (testing)/SecHex-GUI.exe
- Size
  
  183KB
- MD5
  
  c252a43b1d357d08308690545c617031
- SHA1
  
  10312402951264e103983c4c08582b785b588794
- SHA256
  
  b779b45849a4ab5bd8ff296e6c95638c5be4da18b67f1fd195b31795bc21cdfc
- SHA512
  
  c3f359c1bd57276ee9422151e7b32a8232d88b0d2ea220cdd4c1323c39ba7a19540dcd52b393de47274fbbac1b46f4e75d34173fb037ebc755307c80c8cd586f
- SSDEEP
  
  3072:f8vbzyQ6Y1YXrbNK+3FNxacPEMk65RQA2TWTa/2udv0lf:fszAXNK+3FVFRQdTWTJ
Score

1^/10
behavioral5
- Target
  
  V1.5.6 + V1.5.8/SecHex-Spoofy V1.5.8 (testing)/runtimes/win/lib/net6.0/System.Diagnostics.EventLog.Messages.dll
- Size
  
  782KB
- MD5
  
  286f0a973cf2332fbded81cf541fff06
- SHA1
  
  c712b399a1e9217625cac0fa8dfab1c681eb5174
- SHA256
  
  3a2ea792755bbe4674f349d7870aeb917494ac39f96a9e5d9625d4ac68dc3ec5
- SHA512
  
  3b615c3071cf8c13e972391d53ad8310092d2503cd085334162cedcc141b1d25df2694b0034ca87d9dcab26acd69cbc3358deb7bac8a1ec24c142d39eb4e2ac5
- SSDEEP
  
  192:knrMpXKRZwW+1OwvHnhWgN7aFWa8l98RjchC6zm60X01k9z3AifUX:erGKiXvHRN7b8RjcM6a1R9zDfe
Score

1^/10
behavioral6
- Target
  
  V1.5.6 + V1.5.8/SecHex-Spoofy V1.5.8 (testing)/runtimes/win/lib/net6.0/System.Diagnostics.EventLog.dll
- Size
  
  139KB
- MD5
  
  62c63c04c6083330d020cf855c85002c
- SHA1
  
  abfd4f92b132ac47e9b049545be242f86f9a389e
- SHA256
  
  fac816ca0bd5d9c4a17693b37575a5aba901d993133b61d7344b597472fa0c26
- SHA512
  
  afa4870e91b5528001b6a4019b068aacfcaa8040bb492c12b1dca9b0cd236d847b376d77b6222875eefe0ca377babaa541bfbb19f0165fc305775c36134a79a1
- SSDEEP
  
  3072:PDIYZl6zdsy6PbTH2WAwPvXSMoiWJoQ46Kjbj4+:fZAGyoTH2yXSM4u1bD
Score

1^/10
behavioral7
- Target
  
  V1.5.6 + V1.5.8/SecHex-Spoofy V1.5.8 (testing)/runtimes/win/lib/net6.0/System.ServiceProcess.ServiceController.dll
- Size
  
  66KB
- MD5
  
  1c710ef8481e54352a4e1f66a8f7ad8c
- SHA1
  
  ccd1388f0f418e7f74f10bad6f32c175b68e6880
- SHA256
  
  d11b97c114101961bcc7acb0bb17e536708593c0321b6107942fba20cb430c65
- SHA512
  
  f658e2a506e8c7a11a8e91ff069b63e84a1131742cd1928f2b9ca77e97ebbfdcf64b9452496f9e345a9fba70863ce3928fe6c5886a09f2c84682893ad4e1451d
- SSDEEP
  
  1536:1zf8ajD3rRdO3OtMdq+K7j3RN0pmDf93zu:1zzD3116dq+K7jRNKmZa
Score

1^/10
behavioral8
- Target
  
  V1.5.6 + V1.5.8/SecHex-Spoofy V1.5.8 (testing)/runtimes/win/lib/netcoreapp3.0/System.Runtime.WindowsRuntime.UI.Xaml.dll
- Size
  
  39KB
- MD5
  
  7141c72e54fe9a7ed39ef89814de67d9
- SHA1
  
  bccef028036224c6f0bb168d104d0f6adb186dc5
- SHA256
  
  884442e44bcef27d917e5de5b69cbd4a297830e0b98b84495c7ab7486fa47332
- SHA512
  
  9d3a1da9f050dd7df26f3a35dcfef5766adf4d3627b9d28a57359414b1d67aee7a8b6176674a01a5a3b099e21be5ce9d3c911af42fe5150469e37ff8a92a7efb
- SSDEEP
  
  768:XFUvumWzh6pCPtrpeHWGj45ZOo2HNB+LXDPp8vkyFww8L1v:XSIzDW2Gjjk7akyFwBxv
Score

3^/10

discovery
behavioral9
- Target
  
  V1.5.6 + V1.5.8/SecHex-Spoofy V1.5.8 (testing)/runtimes/win/lib/netcoreapp3.0/System.Runtime.WindowsRuntime.dll
- Size
  
  130KB
- MD5
  
  0198a79063c865ed21c95b7400ddd9fc
- SHA1
  
  b56b4bc0760914149e8d43288d5c151b7fb8ab43
- SHA256
  
  be26699765f700a29c3928e10f6d1e02a297dff3ba6eb7afb6ec41003cb3d665
- SHA512
  
  fa77da06a33ae646f69dcadeaeb71524a91cbdd1e9d8008c5fa278039bede09dab87b74765ff5fdf133a4f864d2a324659618d58a30e7dd165408b1c3be889ef
- SSDEEP
  
  3072:zmhU+vMwoh1Zz+Wzvo3Z/O6ZFJX3JhKLqAOd:zgU+Ewmz+W7m/DFJXvKe
Score

3^/10

discovery
behavioral10

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

T1546

Netsh Helper DLL

T1546.007

Privilege Escalation

Event Triggered Execution

T1546

Netsh Helper DLL

T1546.007

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

System Time Discovery

T1124

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10