47a0afd46df55daf728e376f34b3cae0d4b1ff7ee2b89781f309c6495d24fb5e

Sharing

Copy URL Twitter E-mail

General

Target

ccsetup622_pro_trial.exe
Size

79.2MB
Sample

240901-bay43svhml
MD5

c15c88c4a93a67043bb41238d199c43a
SHA1

32d63202c249bdf55c88831a049a92bc88775256
SHA256

47a0afd46df55daf728e376f34b3cae0d4b1ff7ee2b89781f309c6495d24fb5e
SHA512

ae1ff5e1046f47afe8e4bfa531baecfdc39476a065bda2e1dea09f2475ec3f23953be1fc85f5a8cfc8f4ac994f7d6f9bf664f670cadf793c2578b4a48c485cf5
SSDEEP

1572864:x8hqyumaN2Z4K5JPmfS2XDaes5KXzk2lAZEnOYyF28/UeVCMDP11ywLlZIK:xi1CElmKCDxs4XzRlAZEtK288SP1ZIK

Score

7^/10

Malware Config

Targets

- Target
  
  ccsetup622_pro_trial.exe
- Size
  
  79.2MB
- MD5
  
  c15c88c4a93a67043bb41238d199c43a
- SHA1
  
  32d63202c249bdf55c88831a049a92bc88775256
- SHA256
  
  47a0afd46df55daf728e376f34b3cae0d4b1ff7ee2b89781f309c6495d24fb5e
- SHA512
  
  ae1ff5e1046f47afe8e4bfa531baecfdc39476a065bda2e1dea09f2475ec3f23953be1fc85f5a8cfc8f4ac994f7d6f9bf664f670cadf793c2578b4a48c485cf5
- SSDEEP
  
  1572864:x8hqyumaN2Z4K5JPmfS2XDaes5KXzk2lAZEnOYyF28/UeVCMDP11ywLlZIK:xi1CElmKCDxs4XzRlAZEtK288SP1ZIK
Score

7^/10

bootkit discovery persistence spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Downloads MZ/PE file
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2
- Target
  
  Lang/lang-1057.dll
- Size
  
  270KB
- MD5
  
  cc01172e73b1b2e71badfa3a1de16b78
- SHA1
  
  aca3a20dd88029ddbd020bbda5836235fc75b5c3
- SHA256
  
  e6daa5fda839c053f41e6f6435729e38e306eb4da650d3418afc53dd46beb9a5
- SHA512
  
  ec4613c02b337c5464c82d396c67592ca7b77b51e32bd656425c9c380999c3ba97438adeef9caa9fff73ce00488bb0ea63434460658e3410a31205ab08967054
- SSDEEP
  
  3072:9OOq2nsbqLRRB3LPllkJq5WycwPALrbC/hDiypbDsalR97gA7c1R1XA:CqB3blelr+/h+i5A1RC
Score

1^/10
behavioral3 behavioral4
- Target
  
  Lang/lang-1058.dll
- Size
  
  272KB
- MD5
  
  e48ae7ca39d950e0197dee93f76782c9
- SHA1
  
  47397949d797e9aff85f295ce05198da214847b0
- SHA256
  
  f3858bc6b709a3be8ca4e78abd669e7fbbda9550976e663544b60259fa3cc6f7
- SHA512
  
  7ef3ed919c24e3c290e3a1460496705dcb12c15d531ed3cb11013d849a7fef7d08f0da0db78c27acac5cea7df76747a2ba637a22085b3b5806654d27e9290181
- SSDEEP
  
  1536:vOFjEwhopP24xej01KKA6NIhMEDdQPlYB13g7XxY:vO6wm24xwphTDdq0dgq
Score

1^/10
behavioral5 behavioral6
- Target
  
  Lang/lang-1059.dll
- Size
  
  265KB
- MD5
  
  4660a9be487f4675b75df843c83eb639
- SHA1
  
  d0257800c72624b1abc313cf9a8eb4bdfb2c494b
- SHA256
  
  4485bde9e47165f944fbcc31c04d5821a1f3f32e4b27272b693b8b48c2a39f00
- SHA512
  
  d670b94549e6ca35af1a787b84ceb737d53962282a39f78e30cc185f79e354126a3fdbe7f5500063140ce192c6cc4f51fd1931efc22442355bf2775bf783fc1f
- SSDEEP
  
  1536:3O+xzqO8zGdrZbDYz7cSXIjN+EGtmod7C78xH:3OIiEVDYXXsatNCE
Score

1^/10
behavioral7 behavioral8
- Target
  
  Lang/lang-1060.dll
- Size
  
  283KB
- MD5
  
  4b1c2693ab1746a75c6ffb185651f7d5
- SHA1
  
  1f90919622d799e77af370b8ab6ae4d65dfe446f
- SHA256
  
  946719fb2a15e63ff833118233b4b0f9fbdc65bc428f93760a2a545224fa5849
- SHA512
  
  eb070584907a03c32d41f9f41589c6ae87c9d937006dea1654859f2edf847ef6d18f85d7044ed2bccbb9eb52c05ef0f646dc3047e1115ce8173e4bc5751c2eb7
- SSDEEP
  
  3072:WO0b6yNUB+Db7tT0yRVLX90eNfVyYoD1sFZVpmg4V+JkEKvperPV/4JmZIdiZbCs:GVU4
Score

1^/10
behavioral10 behavioral9
- Target
  
  Lang/lang-1061.dll
- Size
  
  257KB
- MD5
  
  c6ecdd5c4fa8284fedb8c4e9ea9624fd
- SHA1
  
  41a28dfb1f670c405a6391258689f8f7ee14984b
- SHA256
  
  3a714755af133bacd1fd93f0c2b4f7b015d22da6b197eed044cb6b1c0008eade
- SHA512
  
  95d814364ef72952e4b162841921c30462d275bea2d88c094bcbdeae1491847357cec77310da984ea4088d3cc0b38e49d341e308e7b34ac7b11638e5c1b77028
- SSDEEP
  
  6144:rrS6PYBjrXQw4Kfm0lh7+BKJlmO447I+lKe73:9Ls
Score

1^/10
behavioral11 behavioral12
- Target
  
  Lang/lang-1062.dll
- Size
  
  264KB
- MD5
  
  d02ac70911231e8e2ce59ce91c17afea
- SHA1
  
  000e1d6ea6be46ac0d88e3659d157b9a06bdd14f
- SHA256
  
  fcaefa3c536c1eceb07245976ee50b81ccdbf3217615b4bca3fcbbc260b2c8a2
- SHA512
  
  9a9740746ad68d812ff3ce0bd0af0c15d9920554f50de69489ed1f690ec6047c1a93595c7c5e41135c9580d494633a9338e643e3b817f8c357ef1640e81ad447
- SSDEEP
  
  3072:FOoN7sqaua3xqfkz3xOe2cWIrCy1ddAG98kPHeopgE+ZDhF+irQ:7QqjtlIrF1ddAG9zPHeopgE+ZDhF+iE
Score

1^/10
behavioral13 behavioral14
- Target
  
  Lang/lang-1063.dll
- Size
  
  271KB
- MD5
  
  89049864a01bfa8d9fba017cab997ae0
- SHA1
  
  48d22012d5caa4c37ecfa26ecf0d9a7e71b8975d
- SHA256
  
  911a37fe27cf61c982ed6dd714a3fa67f1eefb15ad5fec976291274864849801
- SHA512
  
  1bad5216b3421a30ee6e87981e637a080ccaf81adcca3f6cc031d723f7058aaad0adfb24673f2a12d49a565bcd61a601bbb8dbfa8e8fad602c27fdfee7119f96
- SSDEEP
  
  3072:ROwVFxILT3wHKd4OZphEXSKyb74AwlCTWgVEhm5f6UsAJ2QE09GZytVEaLpglnfH:+ItwdyF
Score

1^/10
behavioral15 behavioral16
- Target
  
  Lang/lang-1065.dll
- Size
  
  266KB
- MD5
  
  3bd76dc58fce0f1ac3a924abbfe58428
- SHA1
  
  589e8e57612996246083ef599aabfbca320b728d
- SHA256
  
  14ea3d971c4c9a3f3c2bd4b6c503273a3f45ce7053f8892b35e0dddf1fb38a2a
- SHA512
  
  42dc6a0021e442274559984c4ae30593260a53abff1135cf989b456dec489d9e5926b994d31f84ffd80ecbef23924b7db719a4b57765fb0ea89932d992f113e6
- SSDEEP
  
  3072:uOe6wg68Y8bfz7uFEgw1vO6asQKjY97MH5kVwohuRWSs:S6wggaf2Egw1vOtsQKjY97MH5kVNKWT
Score

1^/10
behavioral17 behavioral18
- Target
  
  Lang/lang-1066.dll
- Size
  
  277KB
- MD5
  
  646ec790417fc881260c314272962145
- SHA1
  
  1307669960a37f86c8d930671867bac15ffba68f
- SHA256
  
  51ad7095cb96e61c338a7b794ddad992a520465ff0950919c39cfa3f96ba099e
- SHA512
  
  2f0875be2c200d3b46daa6e768e90665a38bb52fab249a58e0bc547b976f14d427f3e74a00fc9fb76cd17711cb8a9328e6f094d5d6f7825b5330a80c983640ca
- SSDEEP
  
  3072:YOlHQb3OJJv3Sy5boo+hEoMMK8bAy8TI2ZZVfaPBX:O3OnS9K8T8LZzg
Score

1^/10
behavioral19 behavioral20
- Target
  
  Lang/lang-1067.dll
- Size
  
  95KB
- MD5
  
  7472afce141d48c1ed15d4cdc1f44e5d
- SHA1
  
  830eadcca5e79c77c3f3de8631da106403da1796
- SHA256
  
  da072abdc5e3c1a7825aa3c08b9eb87343331bbfefc8801d9000b3cb9f229cd3
- SHA512
  
  cc39a84817236a5847e54f00db4852207ae3c7c4a0219bd1cebe1835dab7b5badf63a1c929842edcf77185dcc055fa3152c65be5ceab65280f00dafeef9fad1e
- SSDEEP
  
  1536:iVRKRwjihIlKVSYMOv2RLT7KooahF6LAIUjmuJ2DispH1aNv73gsmfAsZATeg9eQ:sQyXThwi0Yeg9evQ1rmFqY5j+
Score

1^/10
behavioral21 behavioral22
- Target
  
  Lang/lang-1068.dll
- Size
  
  94KB
- MD5
  
  eb812e8a4037ce99ca87b48a850e5f0c
- SHA1
  
  68fae1f1e36d6c9cd2bc19d64a2343fcc10b09dc
- SHA256
  
  18a2b150e25454e005cda52e6c4e0d62e2aecc24bb92f66803d53553cb7bec35
- SHA512
  
  329222281f80b7ac67411b9b27ceeca74ce81d7d5acb2215df372c4eb66a35b5b9b97585afc0814d8f186d5d56c736e08e87081840902fb7ac8ecb053ea4155c
- SSDEEP
  
  1536:v8OWtBFOFKSvrNse08AsdUMJ8vlKnMTg0Pg9evRKrmFqYWXM7Xxx1:0JBYxselfGvlKn4xPg9evRKrmFqYzx
Score

1^/10
behavioral23 behavioral24
- Target
  
  Lang/lang-1071.dll
- Size
  
  103KB
- MD5
  
  33b27bf47d3144d95dfadb11908effb7
- SHA1
  
  a0893956a73d15071f397d98289c8917e3a7364e
- SHA256
  
  a4b154333c2e520b02e8e896ca3476aee69ded7eff9ceeceb6812a1895a70175
- SHA512
  
  e559e86ad5da19c13abbf355d11895f2fa090e853462c9fb2ff08fbf1dd5ce6bb6ee1b8666bb94dc8c9fdf6cd0eb09d4648a4cbb079a2a788bc82dc83c97ceb8
- SSDEEP
  
  3072:SIfvxxMq132FYhTaWH1zgdevRKrmFqYH7:s3WHc1s
Score

1^/10
behavioral25 behavioral26
- Target
  
  Lang/lang-1079.dll
- Size
  
  96KB
- MD5
  
  a17bba5a0ae4ad69040e6cf72c3e2bf7
- SHA1
  
  a3d7535b7189ac596a884eb08c87f06b21d51f74
- SHA256
  
  cd6f51910786240e779e13f2d1dba48f4eab08bbcb72690319ae9a4509718233
- SHA512
  
  0710b9e670ecff537db344a1478e997c32217b585e7e8d5fa2773a150eb10146cf4281a0640bfc11edd2d1b7304f9ce64748a326be30743d658e7e3dcbfada60
- SSDEEP
  
  1536:IMim7E6UZ2gL/VgFvSDKBMTg0Pg9evRKrmFqYWXl7qxP:FUZ2gLdIvSW4xPg9evRKrmFqY+s
Score

1^/10
behavioral27 behavioral28
- Target
  
  Lang/lang-1081.dll
- Size
  
  269KB
- MD5
  
  db504878efccdd4a1fbb20bf8f51cd29
- SHA1
  
  94b3dfef6d499aba172c37865ed61763d4d1edc2
- SHA256
  
  cbaaf264235741d88a3409795a4d112fed94876e111d8c2580bdaf4684588c61
- SHA512
  
  e7a729000e235d2e83456ee1668c67f91a296266a8f6f58b82b85ffe565f29708af3efe862311f30b77981d5cb4f7a6751ba11106bdfe8cd4b9cb30f9926e295
- SSDEEP
  
  3072:cOH3ONh0qtd0dv9GCYxmdFchBhThkbX+IErKc/Rdr1trcMKeBzAWTJ3z+bhAqhnY:ZKFvkF1+tk14WaMtId
Score

1^/10
behavioral29 behavioral30
- Target
  
  Lang/lang-1086.dll
- Size
  
  280KB
- MD5
  
  cf082990d76623874a35b31b7d0cec5a
- SHA1
  
  45e040e9010989567a2dedc42e843fef64c462ee
- SHA256
  
  f01fa651047b00db245f7c98cc221bb1c2fa50d26cb4679330aaa2524af2136c
- SHA512
  
  91919aaff082f904f2dadbe4e8ba8f209018a91c00694c88978d00e21d5f7daf0f40603b01353ba8f3c748e47a6f05fec7e301f3b9b94f9c0552511525580185
- SSDEEP
  
  1536:AOcZsGcHdos546rRkMuQsuRA7VkE2hzAV/nyq2UUc6CnmtCGQSQ1cNXpH0lj75xR:AOJGG59FkMuQsug+hOPyq2UnuC2HQl
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

T1542

Bootkit

T1542.003

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Pre-OS Boot

T1542

Bootkit

T1542.003

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Reads user/profile data of web browsers

Downloads MZ/PE file

Writes to the Master Boot Record (MBR)

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32