General
-
Target
8f36dde1cc56c41c6bf0da63a023acf0N.exe
-
Size
2.7MB
-
Sample
240825-qwn9bsxbja
-
MD5
8f36dde1cc56c41c6bf0da63a023acf0
-
SHA1
001634af373b3bd9017a62ecae71214b7b9c6156
-
SHA256
e46141f1d741192361966ffa93790c3032ac6123d49a78c7271c101488b8848c
-
SHA512
32771304c83ad649b947c9b5d102db43bcf01c2c1c3d4920bf82325f96fbc6c1aa6fc4c274c50cd6d44621ec2ef9b3e39ac8c48bbbf9cb7554d1ee247fe15f1e
-
SSDEEP
49152:1KG0pl7yM9RTw0Pelu8G5UoeBJksdUD0f+GWeIWmRlo0:134H9RtPeoVOoOmZQVWtWm3Z
Malware Config
Targets
-
-
Target
8f36dde1cc56c41c6bf0da63a023acf0N.exe
-
Size
2.7MB
-
MD5
8f36dde1cc56c41c6bf0da63a023acf0
-
SHA1
001634af373b3bd9017a62ecae71214b7b9c6156
-
SHA256
e46141f1d741192361966ffa93790c3032ac6123d49a78c7271c101488b8848c
-
SHA512
32771304c83ad649b947c9b5d102db43bcf01c2c1c3d4920bf82325f96fbc6c1aa6fc4c274c50cd6d44621ec2ef9b3e39ac8c48bbbf9cb7554d1ee247fe15f1e
-
SSDEEP
49152:1KG0pl7yM9RTw0Pelu8G5UoeBJksdUD0f+GWeIWmRlo0:134H9RtPeoVOoOmZQVWtWm3Z
Score8/10-
Blocklisted process makes network request
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
-
-
Target
$PLUGINSDIR/ShellExecAsUser.dll
-
Size
89KB
-
MD5
42865be4950639e871fed3a55b790d7b
-
SHA1
c6f52d75dec3e215ff0ed3f9ffd4a2e05e3a31c4
-
SHA256
c2c32ec71d26b8b4c451401eea1b00fb110ae6f530301605f8d5f71fb7bd738e
-
SHA512
2bf28f0b39d4b10325b7038b71519819f6923ba11fcbf510c6be2e02291741ec3d79f4be651df9e0fe1ce4227498a1449463407622dfdd924b81e8681fe6bb67
-
SSDEEP
1536:nZUcH87dl2uUVzmk1zaOvSTamTa4Uyf/fhcQYDZZsWjcdojmV/1Boq:2BZlWVzmupvADrymojmV/Eq
Score3/10 -
-
-
Target
$PLUGINSDIR/StartMenu.dll
-
Size
7KB
-
MD5
4206ac12a66dd61b2913f158488db070
-
SHA1
589a65a8f2b40d9e821e47bc66fd5bb3848d6f77
-
SHA256
4b722e1b2445fe8030194ba2ae1f573bc8e13dc3c028ce22312ea9848c584449
-
SHA512
a6a1bd423f222dd28277831eb01a14179ea67fb4d7c2b498cf0684185caf7d44a1378faf3a3933a6ce5bed5f5824d011b4a0f6558c3b5d8e84cb5a2bfe455a67
-
SSDEEP
96:o8dPIKJhMuhik+CfoEwknt6io8zv+qy5/utta/P3lkCTcaqHCI:1ZIKXgk+cx6QYFkAvlncviI
Score3/10 -
-
-
Target
$PLUGINSDIR/System.dll
-
Size
11KB
-
MD5
3e6bf00b3ac976122f982ae2aadb1c51
-
SHA1
caab188f7fdc84d3fdcb2922edeeb5ed576bd31d
-
SHA256
4ff9b2678d698677c5d9732678f9cf53f17290e09d053691aac4cc6e6f595cbe
-
SHA512
1286f05e6a7e6b691f6e479638e7179897598e171b52eb3a3dc0e830415251069d29416b6d1ffc6d7dce8da5625e1479be06db9b7179e7776659c5c1ad6aa706
-
SSDEEP
192:eP24sihno00Wfl97nH6T2enXwWobpWBTU4VtHT7dmN35OlbSl:T8QIl975eXqlWBrz7YLOlb
Score3/10 -
-
-
Target
$PLUGINSDIR/md5dll.dll
-
Size
6KB
-
MD5
7059f133ea2316b9e7e39094a52a8c34
-
SHA1
ee9f1487c8152d8c42fecf2efb8ed1db68395802
-
SHA256
32c3d36f38e7e8a8bafd4a53663203ef24a10431bda16af9e353c7d5d108610f
-
SHA512
9115986754a74d3084dd18018e757d3b281a2c2fde48c73b71dba882e13bd9b2ded0e6e7f45dc5b019e6d53d086090ccb06e18e6efeec091f655a128510cbe51
-
SSDEEP
96:5mArJv6F3TqDmgK4ghEin1US36eHQZDUDgGogZcko5Nt4AMP:5XJ63LhR6inZ6dsgZkKQT
Score7/10-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
-
-
Target
$PLUGINSDIR/nsDialogs.dll
-
Size
9KB
-
MD5
dbdbf4017ff91c9de328697b5fd2e10a
-
SHA1
b597a5e9a8a0b252770933feed51169b5060a09f
-
SHA256
be60a00f32924ccbe03f9914e33b8e1ad8c8a1ca442263a69896efba74925b36
-
SHA512
3befc15aab0a5dbe7fde96155b0499d385f2799b1a2d47ce04f37b5804006b1c6c4fff93d3cedb56a2a8172b23752b6f9dc6168cfce3596b91def3247836cf10
-
SSDEEP
96:33YnIxFkDUGZpKSmktse3GpmD8pevbE9cxSgB5PKtAtYE9v5E9KntrmfVEB3YdkS:33YIvGZDdtP8pevbg0PuAYK56NyoIFI
Score3/10 -
-
-
Target
$TEMP/$_85_/InstSupp.dll
-
Size
365KB
-
MD5
3ad18e6d9662a366e1c8ebd31f059da5
-
SHA1
2782f844625a824bd7509785bc8621db24d3ae39
-
SHA256
887517b5ea27a815d0a026d925bb402e14fb9256c5ef22e57baa5f48247245a6
-
SHA512
a200a69ba098f1a2d72e313874f600b0d7d54b425e98c3b434baadeeb65c85d9de70b9c905515e7843c5528c41de16273fe93fa5f0bab2bf933b9ff793c01a70
-
SSDEEP
6144:o0xiRP/1oEHK6RI5p6zh3ovKypq5JTykXk6KziBrgAsff9r3mC/JmfFt:o0+/KT5gzavfpq5thEGxsn9rONt
Score3/10 -
-
-
Target
FireFox/bootstrap.js
-
Size
11KB
-
MD5
4ceb7dfccc418f4a220e41e0e3b5244a
-
SHA1
6e4e25767afb889f516ed42308f9ee1a38c67492
-
SHA256
e9c7c14543100f703f9ee59762ed5e0ce2958acf44c93e33c89539088fdb8228
-
SHA512
647b44e9805ab99d1bcd791c51301b69738d30c49233f4a75cbfa2d9463d0a308a3ed2b7294a53d3258081061f71f6ba7be8f47712d4e5e78d54a916897c28cd
-
SSDEEP
192:fy5ZY6esa/XFee6DKdawc38ZY9bk300jAVwaP:SXeR/fawc5ZiAVfP
Score3/10 -
-
-
Target
FireFox/content/html/popup.html
-
Size
734B
-
MD5
c929c4ef17977667affa3fbf2308d429
-
SHA1
8981c4dedbb7446e817e20f206b5c9e174cc0074
-
SHA256
4599c1cb8c97f841d48a003f47e6ab8b7b8f720448129183c4499812468377eb
-
SHA512
1831fb44ec6c9ff32fe21386023d4f0229d85844b09ed28975b65e5aba6eb81c6a0f783a7e023f966cc90082191ea4d5df5c3f803f2764181461433ce38935ad
Score3/10 -
-
-
Target
FireFox/content/js/uid.js
-
Size
41B
-
MD5
0460abfa86a3c928cfd26d3af6b17188
-
SHA1
551732701651d8ecd2847a9db6a557aef32b1539
-
SHA256
074dc1633ac3a5118053e509bd2d285635c9d946275431489bbfdcf26f26c8c3
-
SHA512
fbb386513ecdee0b096c5d75830a1cc25afe1c2b724f53bfb7f4d73312bc52f3dcbb953b47da05121ef21b76a734896063b8043ad3b63785a605cf7df2263258
Score3/10 -
-
-
Target
Modules/7z.dll
-
Size
893KB
-
MD5
04ad4b80880b32c94be8d0886482c774
-
SHA1
344faf61c3eb76f4a2fb6452e83ed16c9cce73e0
-
SHA256
a1e1d1f0fff4fcccfbdfa313f3bdfea4d3dfe2c2d9174a615bbc39a0a6929338
-
SHA512
3e3aaf01b769471b18126e443a721c9e9a0269e9f5e48d0a10251bc1ee309855bd71ede266caa6828b007359b21ba562c2a5a3469078760f564fb7bd43acabfb
-
SSDEEP
24576:TW+wsDaQw6DDz3qRyPnmGfrnvVUKueY8RmneWtJ:TasY6DwOBfrnvV7UeWt
Score3/10 -
-
-
Target
Modules/ArSp.dll
-
Size
38KB
-
MD5
867fee96192bbe3fbe43d0739c9a6299
-
SHA1
c1fa3a76781ebdcdb4bce9658b560fc453e873b7
-
SHA256
7bad83e031dadbbd8a948de887ffa8de10f284f0bf6f23e1470d960d656125c2
-
SHA512
8a9ffeb60009d98e2c78208e63f6e2166ea6e8e22e963b42d16a8f84c640d70b2924a3a3650e0134b43b09367ef50344d21e7d8feb8179a2115a995c10a9586a
-
SSDEEP
768:g/PidxjnQyslT/lwPRBYzNjMLwHFScci1:QPidtnPgrlwQzNoMHFS3i1
Score3/10 -
-
-
Target
Modules/BdUdr.dll
-
Size
57KB
-
MD5
4c8f842fdd9746db691e86c17f80d5bd
-
SHA1
5ce367d5475351f26229374dbde8a5b2cc5e7c68
-
SHA256
38686a0241bff3c9c910cfed5c7d6a226fb1d868be2c0d01485b0873cd02ff16
-
SHA512
16f3107a24ec71f683b4c7be068a04960064e7b21d81c4e8faa7b9bab425a5b9b45f02bca025944c05e6d5af58d5848bb25d7e3db35c87e131706550283a907c
-
SSDEEP
1536:FiiWqjptijlWIhMjrQLyKOnkS83/+jQ/40iaFS3iZ:8iWqlASQL5OnkS83/+jH0ipc
Score3/10 -
-
-
Target
Modules/BrSp.dll
-
Size
114KB
-
MD5
c9f82186ff43303ad3d89ee7c065741e
-
SHA1
356891ad96b2d8c0a7fcc0ab42f18dc47082b7a5
-
SHA256
6e9a76992b3b6b9d3a83f7584a1a15327b1d385ea3d34bc1b1a40af9a7798417
-
SHA512
de6441f551c4afb3f5fe94fecee1cb2c8ef587ed13804a6b767ca0bf0c76b0408ab0a0b9789db79b41e475370e1b3a0f1846e14348f355f64dce3435373cd83b
-
SSDEEP
3072:0cTpZGIJkkaq7ub40DQfxUisfdOgPk/Od2/s8y/L:tpZGwaqW40IUmOd2/slT
Score3/10 -
-
-
Target
Modules/CdPrc.dll
-
Size
88KB
-
MD5
5e0006129c4bb6f4491b63fc83aee52e
-
SHA1
947fc00097cd3b64e8988145778bffc6c908840f
-
SHA256
a347017fce2cee5f0840ca117810db2c2db489f37804c3666ef0d31e72d93252
-
SHA512
cb91171947f22c65ad88f4d3004d20f81de3939dd97afbc48d0d425fb25202f74683859d04600f8d30ff60b465e18d1c27c3fb876a886af389371edd2f34d6ff
-
SSDEEP
1536:MF9wbgScEr7fYnXEFMDvy/utmMYtLSCqRJO/mFl9uEW/c3Ncc/1FS3i/E7:mtMgnXMMDvymtm96RJMmFnvW/c3Ncq6N
Score3/10 -
-
-
Target
Modules/Core.dll
-
Size
106KB
-
MD5
928ce4d12b735e59ac0788f14b37cd93
-
SHA1
b97c5fd84eea652e3479423b3d1f838aeeabba88
-
SHA256
173f961ee251b1ba8b191909c1284158a469d3dbc81ae30fc3df99b50910e611
-
SHA512
3548d2f2fb5ab32c2cd3e4f87f1b3101e8cfa89c0876d66e54b780125b36dddffbeddf0b72638bc414be4a8ba8f6d5712241902c5c78b044076ba9bbc708d264
-
SSDEEP
3072:UZYCVPJG1+LWSYVgFWTNlidmuwa8I/+/VZM4vX0gt:UZYCflSSYSFu0muwa8I/+/VZM4vXV
Score3/10 -