8fef46b5b026c0a615b3e62d8a4ebfe9de8787417f17c3d5e4741006b6e4ae79 | Triage

Sharing

General

Target

4f19f13d5d3b065b9fe5b47259ad6380N.exe
Size

1.8MB
Sample

240822-28fcqsvfpn
MD5

4f19f13d5d3b065b9fe5b47259ad6380
SHA1

6978eef566290e85a8cdead26ce6e917c943bbc3
SHA256

8fef46b5b026c0a615b3e62d8a4ebfe9de8787417f17c3d5e4741006b6e4ae79
SHA512

c66a1e1d77c1600b36669e16e7a5eb079ba9eecd39cffe12ee2aff7772aa96295e5e630dfa4d4476a1e471c25a7945374c526ee2b4901db0e0c6c132dbde26ca
SSDEEP

49152:zO2z8olzmdLJvAfjfoEEMh+36IxnYOzg7/:zOO88+JofzoEEc+3nBzW

Score

3^/10

discovery execution

Malware Config

Targets

- Target
  
  4f19f13d5d3b065b9fe5b47259ad6380N.exe
- Size
  
  1.8MB
- MD5
  
  4f19f13d5d3b065b9fe5b47259ad6380
- SHA1
  
  6978eef566290e85a8cdead26ce6e917c943bbc3
- SHA256
  
  8fef46b5b026c0a615b3e62d8a4ebfe9de8787417f17c3d5e4741006b6e4ae79
- SHA512
  
  c66a1e1d77c1600b36669e16e7a5eb079ba9eecd39cffe12ee2aff7772aa96295e5e630dfa4d4476a1e471c25a7945374c526ee2b4901db0e0c6c132dbde26ca
- SSDEEP
  
  49152:zO2z8olzmdLJvAfjfoEEMh+36IxnYOzg7/:zOO88+JofzoEEc+3nBzW
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/BgWorker.dll
- Size
  
  2KB
- MD5
  
  33ec04738007e665059cf40bc0f0c22b
- SHA1
  
  4196759a922e333d9b17bda5369f14c33cd5e3bc
- SHA256
  
  50f735ab8f3473423e6873d628150bbc0777be7b4f6405247cddf22bb00fb6be
- SHA512
  
  2318b01f0c2f2f021a618ca3e6e5c24a94df5d00154766b77160203b8b0a177c8581c7b688ffe69be93a69bc7fd06b8a589844d42447f5060fb4bcf94d8a9aef
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/GetVersion.dll
- Size
  
  6KB
- MD5
  
  5264f7d6d89d1dc04955cfb391798446
- SHA1
  
  211d8d3e7c2b2f57f54a11cb8bc4fa536df08acc
- SHA256
  
  7d76c7dd8f7cd5a87e0118dacb434db3971a049501e22a5f4b947154621ab3d4
- SHA512
  
  80d27ee2f87e2822bd5c8c55cc3d1e49beebb86d8557c92b52b7cbea9f27882d80e59eefa25e414eecee268a9a6193b6b50b748de33c778b007cde24ef8bcfb7
- SSDEEP
  
  96:E12Z84uiwpGTVTDSpaHYfniz0R3GhCvXY6Ix5vdR7pBi46AQ5Vu4:2STVTGwYhR3GhCvy5vH7pBi46AQ5Vu
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/Rfshdktp.dll
- Size
  
  2KB
- MD5
  
  9410591a148871a6d0629cf25b94526f
- SHA1
  
  be1e8b0fe8327f185136a0d2460a68f720484535
- SHA256
  
  acc76e81f71e7f2ba58c36d678bc9ae4705e0187a3cdfa6d0025190467d9c0c7
- SHA512
  
  465d3e418e769b907262e07cbca3d2c5132bf328431d456be09c059821be20a6d30106562d7ef0bfa93ca219b2abe57ee891d937419fc4b8840987b184b45df0
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/SkinBtn.dll
- Size
  
  4KB
- MD5
  
  e4ec95271ff1bcebab49bdfed6817a22
- SHA1
  
  2c03e97f4773aea80ecdb98a1482e5896fe4677b
- SHA256
  
  ee1c06692a757473737b0ebdef16f77b63afac864d0890022d905e4873737dd6
- SHA512
  
  771a527133806307a1b17b7e956d6a3c16e9bc675bf084b43204ae784a057dac2726dbf90645692876043a4e7365ba8825c167621fde4760c79cd84679e2aa3d
- SSDEEP
  
  48:iIf3aEDfeWm8JHFQbUrUPJJDFoetaxn/pFW3GNivz187eqzI/kMr8oX0Zbj:lv9Dfw8DQbhD2iaxn/PHmiNI/dQFZH
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/SkinProgress.dll
- Size
  
  4KB
- MD5
  
  cc037c4703d3ec257efeef2ce0a1a20e
- SHA1
  
  b3d6cc8f687a31fb2c1a5921a38de9429af20502
- SHA256
  
  888b32ecbc37ce67d4edc28d894cba0a4f4e2488cfc2212d1af011bd0bfe97ff
- SHA512
  
  120bfa0a68775bef04c1863023b0e73a41982284fb36da7f497fbb7d5ed8631ad02fa09951424d339f6fefaa90a17c12f949dd68bb33bad64b1b7cace489d2a7
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  bf712f32249029466fa86756f5546950
- SHA1
  
  75ac4dc4808ac148ddd78f6b89a51afbd4091c2e
- SHA256
  
  7851cb12fa4131f1fee5de390d650ef65cac561279f1cfe70ad16cc9780210af
- SHA512
  
  13f69959b28416e0b8811c962a49309dca3f048a165457051a28a3eb51377dcaf99a15e86d7eee8f867a9e25ecf8c44da370ac8f530eeae7b5252eaba64b96f4
- SSDEEP
  
  192:0N2gQuUwXzioj4KALV2upWzVd7q1QDXEbBZ8KxHdGzyS/Kx:rJoiO8V2upW7vQjS/
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/UAC.dll
- Size
  
  18KB
- MD5
  
  f4c53393f965edc7b40b3db3ee795af9
- SHA1
  
  59f45733ca2cd0af4155bdde3ca45fea9008f7ed
- SHA256
  
  cd66ba3f2f35ed823e740addc1bca8dd8547e158d2b0000ced6b252433b5dd5e
- SHA512
  
  37724bec245a9219c24a40e426635efaf9a582381ffbae70a9003756ff1e1566197747c568c46b3fc0cee114ca0bb259f57f3292979e16d8d9acaf6e046b8c8f
- SSDEEP
  
  384:AXU8AHMsuAbwKKwFwcnAoIx2Ta5p2/V0H+mpbZ5BzISD:GAHvuiwhwFmBgV0HzpRzI
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/WebCtrl.dll
- Size
  
  5KB
- MD5
  
  418a34a689d5f9bb85fc951168749edb
- SHA1
  
  0b75ce26883e12944abdbb67c143000fd0905d6b
- SHA256
  
  915322078d1f8eb278250f446c1960e1555ffa0f8dcd048a48ed32fe7f5a5b3f
- SHA512
  
  9aabb74cfd37cbda4718077ba76c7906e0f3ab5949e99f9d800fb1952757a60cabe29413f054f62e2887ff57aeb9d355532fd1662ebf3a523a500b20fe702b90
- SSDEEP
  
  96:LyoDfEPD4Z0H3G7bLTb3LOg0AwBeRzrJ:LuP0aH3G/LX6g0x4Rz
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  $PLUGINSDIR/WndSubclass.dll
- Size
  
  4KB
- MD5
  
  0a0218f11d82cdcc4f50de8edd58f3ca
- SHA1
  
  ba387579a8ddd175811c762902a9bf3a51ba9fd2
- SHA256
  
  938e4ae758aebc6f1609aab9f8d068689fba91c6f3bf5bb46e4df575616fcd29
- SHA512
  
  46742bc09b5199ac16fb2753a4b1584fa1b39d497869719e297574dfbfe4a0aa86ba7c6b77ef38e5e27734005c9d15036c52a577b08cfdfa104daae2ee756a5e
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  $PLUGINSDIR/install_protocol.htm
- Size
  
  21KB
- MD5
  
  ae6e5a93d84ffaa85bdac786118c4d3a
- SHA1
  
  f7f7cacd382c661fe1036f83503da07efe9375b4
- SHA256
  
  8fa2618f2467e5dd5e6ce02280f9542e474dbbe06b773f805bb31feeb5535f64
- SHA512
  
  dc0d67a2c397ab70cc218643267eb966cc2a5d85294a573c501e905b8625aebacbf2fddaad949ebf0551023d807ce5c046f3796580d0cba4702bcf2a14b59dd1
- SSDEEP
  
  384:m5kZ5mI2B3duy5abXY+vztniYKK8i/BEKxbSm+6os:m5kZ5mIShKXY+vz0YKBiZF2mAs
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  $PLUGINSDIR/jsScroll.js
- Size
  
  4KB
- MD5
  
  24862d5a9c85c2c6792a26475de990bd
- SHA1
  
  dc5aed9172656a8112ebd8144df1e8ee4d2b39d7
- SHA256
  
  913da011a9a268a082669fb5f5d590f25e8f32e44bbd4b0e03e8e134712e0bbd
- SHA512
  
  983e50f7ccf62c812336573bdb461c8d017dc02fa21ad5886aa95b89eb09768098fa89982e798b996463758c826000f95bbeb5a6dc0c6d3cfb1f5ef723611f67
- SSDEEP
  
  96:Q+kET1Tt+484iCqPCvDdthTpFVDDlRcuP2hfdw:zx44845bNpbDERfy
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  4ccc4a742d4423f2f0ed744fd9c81f63
- SHA1
  
  704f00a1acc327fd879cf75fc90d0b8f927c36bc
- SHA256
  
  416133dd86c0dff6b0fcaf1f46dfe97fdc85b37f90effb2d369164a8f7e13ae6
- SHA512
  
  790c5eb1f8b297e45054c855b66dfc18e9f3f1b1870559014dbefa3b9d5b6d33a993a9e089202e70f51a55d859b74e8605c6f633386fd9189b6f78941bf1bfdb
- SSDEEP
  
  192:SbEunjqjIcESwFlioU3M0LLF/t8t9pKSfOi:SbESjFCw6oWPFl8jfOi
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  $PLUGINSDIR/nsProcess.dll
- Size
  
  4KB
- MD5
  
  05450face243b3a7472407b999b03a72
- SHA1
  
  ffd88af2e338ae606c444390f7eaaf5f4aef2cd9
- SHA256
  
  95fe9d92512ff2318cc2520311ef9145b2cee01209ab0e1b6e45c7ce1d4d0e89
- SHA512
  
  f4cbe30166aff20a226a7150d93a876873ba699d80d7e9f46f32a9b4753fa7966c3113a3124340b39ca67a13205463a413e740e541e742903e3f89af5a53ad3b
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  YoukuDesktop.exe
- Size
  
  1.4MB
- MD5
  
  70a639eeca8884fdf0b560094a699340
- SHA1
  
  98a1449cbab7209c8ef95d3add480f64d2349035
- SHA256
  
  7cfa9082ab1b595aa27063c7db8e04a5c48578023181aa9ba52442d7d812cd90
- SHA512
  
  e1fde892a87ba518316bed92ddfbb2aed71113946139ba5c662e0423b1bfdbae3dbe82ac7fc19d4108053fec35f22fb881c3ae000ab28463f3f2b55f987d827d
- SSDEEP
  
  24576:tGld2sAq57JiGtwy9XInugl/HlH+ThTB8KpP8RP6yd:tGaq1rtAnJJ+NTCK+56yd
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  ikuacc.exe
- Size
  
  1.2MB
- MD5
  
  8d1e978ab19d4de7d187504df7d89197
- SHA1
  
  193f3b29742510aa641397c113021bf19e7ca299
- SHA256
  
  ed3b86845ad4dc837c7ef951b9331d2cae6565981cf8d9ebeb366e51f11e6a3c
- SHA512
  
  8d03e9853e9b7a2c872ca7d46a996b093240b23e98a39c61981403f187d46a7f73c42a915b8cc4d26f0b1820e48e55eb7c2ec19d60909d37f8d3bd899642c085
- SSDEEP
  
  24576:UMkxne7BXGOdWXtkBD31WOzy8Xv9jlxMLmbEhZ7rAk9BGA3JNNQtrBAyfnB9I5id:OeVVD1W4RfBlahhZXr/NY2yPB9Lxll
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32