92e72c343534d619c89e4e4134c8f3a91f71e065b55385c0cad4eaac7b8db87d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

92e72c343534d619c89e4e4134c8f3a91f71e065b55385c0cad4eaac7b8db87d
Size

5.3MB
Sample

240901-dk76vazfld
MD5

ec2a5c041640815b2ae4bb05e728bd61
SHA1

8f5885d962bb4e57eb7786e694f8d87e23da7b7d
SHA256

92e72c343534d619c89e4e4134c8f3a91f71e065b55385c0cad4eaac7b8db87d
SHA512

25ad53c776f6f9533c2b5ee432476cf336c04e461f1e516b1b85009357612fbe2f695a843546a9ee92a136493578915e0d95dd24a83f5e1ac67db201fe8af10e
SSDEEP

98304:K8WjhvkwMtNG+6B3fTWH00q0Nl4SbcJtcNg+VUBuAxuTycBZwLLGBIJl:KfvkwANG+6B3CHDq0fPacN5quTycBZwH

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  92e72c343534d619c89e4e4134c8f3a91f71e065b55385c0cad4eaac7b8db87d
- Size
  
  5.3MB
- MD5
  
  ec2a5c041640815b2ae4bb05e728bd61
- SHA1
  
  8f5885d962bb4e57eb7786e694f8d87e23da7b7d
- SHA256
  
  92e72c343534d619c89e4e4134c8f3a91f71e065b55385c0cad4eaac7b8db87d
- SHA512
  
  25ad53c776f6f9533c2b5ee432476cf336c04e461f1e516b1b85009357612fbe2f695a843546a9ee92a136493578915e0d95dd24a83f5e1ac67db201fe8af10e
- SSDEEP
  
  98304:K8WjhvkwMtNG+6B3fTWH00q0Nl4SbcJtcNg+VUBuAxuTycBZwLLGBIJl:KfvkwANG+6B3CHDq0fPacN5quTycBZwH
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  6e55a6e7c3fdbd244042eb15cb1ec739
- SHA1
  
  070ea80e2192abc42f358d47b276990b5fa285a9
- SHA256
  
  acf90ab6f4edc687e94aaf604d05e16e6cfb5e35873783b50c66f307a35c6506
- SHA512
  
  2d504b74da38edc967e3859733a2a9cacd885db82f0ca69bfb66872e882707314c54238344d45945dc98bae85772aceef71a741787922d640627d3c8ae8f1c35
- SSDEEP
  
  192:MenY0qWTlt70IAj/lQ0sEWc/wtYbBH2aDybC7y+XBaIwL:M8+Qlt70Fj/lQRY/9VjjgL
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  ca5bb0ee2b698869c41c087c9854487c
- SHA1
  
  4a8abbb2544f1a9555e57a142a147dfeb40c4ca4
- SHA256
  
  c719697d5ced17d97bbc48662327339ccec7e03f6552aa1d5c248f6fa5f16324
- SHA512
  
  363a80843d7601ba119bc981c4346188f490b388e3ed390a0667aaf5138b885eec6c69d4e7f60f93b069d6550277f4c926bd0f37bc893928111dc62494124770
- SSDEEP
  
  96:ojsvUu3Uy+sytcS8176b+XR8pCHFcMcxSgB5PKtAtgt+Nt+rnt3DVEB3Y/NqkzfS:ojsvWyNO81b8pCHFcM0PuAgkOyhIFc
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $WINDIR/twain_32/amcam.ds
- Size
  
  9.0MB
- MD5
  
  51a3fa273404c1ec82dde8718d85ba11
- SHA1
  
  662306257899c53f3043249677e073ec804bfe25
- SHA256
  
  ddab63c538f5d76c344f358aca528299b1efcc4fa22e85bca563fdf040585cb8
- SHA512
  
  0e042906bbc891d42137b88a35383b337e465cff90660b028fd3033df94209f6ae5096354db42e374e5295b6fc2bf8aa2bcc353eb33bcb50e774a424f6f0afb4
- SSDEEP
  
  196608:civPeCvO3hVvP9CLlFhK0zlpsfmjFgUalUOn:c4PdjFgUalln
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $WINDIR/twain_64/amcam.ds
- Size
  
  12.6MB
- MD5
  
  adbb7a003d73384b600d915344b1e51c
- SHA1
  
  3fa8047d59ebb6f7ca7d717bb8be647f9ea3bdfd
- SHA256
  
  32c9e12600c83775fbe29c6efb82d3646e6d73dbb186e6b6bdd6a76a3064633b
- SHA512
  
  b18ed07f5ad0f9b97949a3c8fd0456fb0e91900afc5b33b90ea62d95786ecc8b8df8639d4933d7cc7f6ada8f6d335ef5417bff520878e13fee42b8d6055c4417
- SSDEEP
  
  196608:gm3szM7jtHl8dZ/xnXm/gXCp4lPXNAoDAx:gm3szMHv8dZ/j9zcx
Score

1^/10
behavioral10 behavioral9
- Target
  
  drivers/x64/amcam.sys
- Size
  
  20KB
- MD5
  
  391ce20910391e2beec24039a9c03649
- SHA1
  
  4d308e5bb731efbdb7316bda62d3a9839cbdb2c3
- SHA256
  
  e795765949d85b5643d065fc3c0b1cee61d6b2df711ad0592ff27b93edd5f5c7
- SHA512
  
  22f2be82123a8e9e55081836e63db74c6c5761618b7505802c448e49ba45751772f5385a70324f83521671c1f84409aabeda69075df47674202cf33aaeef11fb
- SSDEEP
  
  384:kc6hk9XMfZ7jF6hqd0VgociwNyvuWu9zN9pJJzCtvViY0Hi8ihXNIKP75g5xQdUY:RMMMfZF6hqd0z8Nym9Lh0sYCiFhai9gQ
Score

1^/10
behavioral11 behavioral12
- Target
  
  drivers/x64/dpinst.exe
- Size
  
  1.0MB
- MD5
  
  be3c79033fa8302002d9d3a6752f2263
- SHA1
  
  a01147731f2e500282eca5ece149bcc5423b59d6
- SHA256
  
  181bf85d3b5900ff8abed34bc415afc37fc322d9d7702e14d144f96a908f5cab
- SHA512
  
  77097f220cc6d22112b314d3e42b6eedb9ccd72beb655b34656326c2c63fb9209977ddac20e9c53c4ec7ccc8ea6910f400f050f4b0cb98c9f42f89617965aaea
- SSDEEP
  
  12288:uIId79EaUTvwieMozMEcOigSpuPMaLium:xIdqaWw1MsbTScP0
Score

4^/10
behavioral13 behavioral14
- Target
  
  drivers/x86/amcam.sys
- Size
  
  17KB
- MD5
  
  14527449305d5f2f42a092f437961d6d
- SHA1
  
  b750ff2ee43e5c444439a329308fd4551f1dba05
- SHA256
  
  c63c75a81a2e9ac81ae85be82a53d00dc4b06e1fefcd9fa4bd5746f6426f08dd
- SHA512
  
  611725d33ed62623ff84606b4140ccf5e5ceb9e51c0da368f5caa391eb31bf0cde59066670ec96e11a031b0b25b9c273e3d9bce8d5943b3a4c36dd46d49e7fd5
- SSDEEP
  
  384:RxJmbThKvRp5kYyicuCdIKP75g5xQdUb+LBd:FmKkCPhi9gPild
Score

1^/10
behavioral15 behavioral16
- Target
  
  drivers/x86/dpinst.exe
- Size
  
  900KB
- MD5
  
  30a0afee4aea59772db6434f1c0511ab
- SHA1
  
  5d5c2d9b7736e018d2b36963e834d1aa0e32af09
- SHA256
  
  d84149976bc94a21b21aa0bc99fcbdee9d1ad4f3387d8b62b90f805ac300ba05
- SHA512
  
  5e8a85e2d028ad351be255ae2c39bb518a10a4a467fd656e2472286fee504eed87afe7d4a728d7f8bc4261245c1db8577deeee2388f39eb7ee48298e37949f53
- SSDEEP
  
  6144:EZtaKSpwmx5ATm/LC3fwf3OoU9xkYSr/mdBTRhKWIjsRP/1HHm/hHAM8i6r+LyIU:EZxSpwmxvL/f3vCN1PMaLi6rAyIQjF
Score

4^/10

discovery
behavioral17 behavioral18
- Target
  
  uninst.exe
- Size
  
  194KB
- MD5
  
  772f571b118bdde4d142064898ca157b
- SHA1
  
  b810691d8440f8f22aea0f5e140839f37f96db9d
- SHA256
  
  2aa322edbee8e3d76ad6cf5e93d0f0d036570b20600c6adaa9a92239c428d2ac
- SHA512
  
  eb3f59ac30eaf480756be9e8b5ae87ebf50c2b3865453ceda0483893ada3b5219e0bf2c0d61ff880dfbc2111ec011e2e29a30c41c4391d6da1d0317604081653
- SSDEEP
  
  3072:iuxVUg3yGDRb8lc7uM3hR2cGqgVK1O8gicPsnHB4ZxXVSM:FgORa2T51OBzsnHGhVSM
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
behavioral19 behavioral20
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  6e55a6e7c3fdbd244042eb15cb1ec739
- SHA1
  
  070ea80e2192abc42f358d47b276990b5fa285a9
- SHA256
  
  acf90ab6f4edc687e94aaf604d05e16e6cfb5e35873783b50c66f307a35c6506
- SHA512
  
  2d504b74da38edc967e3859733a2a9cacd885db82f0ca69bfb66872e882707314c54238344d45945dc98bae85772aceef71a741787922d640627d3c8ae8f1c35
- SSDEEP
  
  192:MenY0qWTlt70IAj/lQ0sEWc/wtYbBH2aDybC7y+XBaIwL:M8+Qlt70Fj/lQRY/9VjjgL
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  ca5bb0ee2b698869c41c087c9854487c
- SHA1
  
  4a8abbb2544f1a9555e57a142a147dfeb40c4ca4
- SHA256
  
  c719697d5ced17d97bbc48662327339ccec7e03f6552aa1d5c248f6fa5f16324
- SHA512
  
  363a80843d7601ba119bc981c4346188f490b388e3ed390a0667aaf5138b885eec6c69d4e7f60f93b069d6550277f4c926bd0f37bc893928111dc62494124770
- SSDEEP
  
  96:ojsvUu3Uy+sytcS8176b+XR8pCHFcMcxSgB5PKtAtgt+Nt+rnt3DVEB3Y/NqkzfS:ojsvWyNO81b8pCHFcM0PuAgkOyhIFc
Score

3^/10

discovery
behavioral23 behavioral24

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24