dded292ef2ab0593c21e5ce653cf36c4165ec5ecd30d9366dc24c3f3e294c960 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Rocrail-Windows-WIN32.zip
Size

24.3MB
Sample

240901-vkryaswfqr
MD5

4ef3d9079b341fe74de297bd1b4778b7
SHA1

84dd0dbecd3363f5c1e96427357fb1f5bdd2b75d
SHA256

dded292ef2ab0593c21e5ce653cf36c4165ec5ecd30d9366dc24c3f3e294c960
SHA512

c71b49dfc3db0289591ec827d283712302dcdfdc62693551e1cec8e54a9c65d3516f8eaa014920396de6d82759ea98567a60ae6c79980fd94d4fbcd7f4991aa0
SSDEEP

786432:4sS7o0rp+0NtqD9bpby/L+jMvzjINZW0qXi:Uo6aJbpW/L+uINZW0b

Score

3^/10

discovery

Malware Config

Targets

- Target
  
  bin/TrackingService.exe
- Size
  
  6.9MB
- MD5
  
  60d4e73b0503df0b60703af7e0d32135
- SHA1
  
  ec78ed82e08082200cf0c62368ebeada97a46105
- SHA256
  
  3134bc3830f3b8f886fd8045336fe48b9f8c029469379b9ea8b175d47a613c16
- SHA512
  
  86d62fe5942daf5599795a82dc627e2347fe330bca38763c71beb4e85155915af740d35236a2a85d0674086084cf0b74ad933180cf99987e422adc57ccf19753
- SSDEEP
  
  196608:E8KPONKMPgsDJpcCI6Gxee4yH8j2QN+biJiQBmWkNIJrfLgW3kCVrrR:XH6ee4yHyHrfLJ0CV5
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  bin/ahome.dll
- Size
  
  371KB
- MD5
  
  cb474ebbada323d2140d954cdf031f40
- SHA1
  
  179eb16f6663830c496466a0769c999fba32068d
- SHA256
  
  9cf8c508654fd9325cbfdf6466801cc1373d6aa1b3ae217beec9559577fc3d0b
- SHA512
  
  1320caecb541ea0c99e75ad0cf6efbe4f936c831eff15bdc8f0459476ee455fab70085682761530a95e98eb975c44507a287019f50ba85e8f88405348d8e0f4a
- SSDEEP
  
  6144:hlp3TGfTwhwb8IsbnBuwn947sTQy9NdtFi:hlpibwhwb7Kl/Qp
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  bin/barjut.dll
- Size
  
  427KB
- MD5
  
  9927a29435209791123055ef0c3b20be
- SHA1
  
  cad43273eb0d26f1171609461a9df2b3900ee9d2
- SHA256
  
  f1e490da0e90aa6a4f8bcc153606a930f2ca69f67846f4086db18e2b64aa81f4
- SHA512
  
  74984046d4edd34f1de80e2c254dce78a620461c62f923add671dc4ef3d5c22bc4a82659b36ce65a129cf32b1e2db963d5af40a4caee16c216afa87ec6d2d725
- SSDEEP
  
  6144:vCqHyDEbCxDwhwYk0NpYV7xvQYfRQEYQ0Ngy4:vC5EbCFwhwqWFv7RtYQlN
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  bin/bidib.dll
- Size
  
  878KB
- MD5
  
  dce8438bf9f8a4d204af79abc2bd9db2
- SHA1
  
  995350d43539faec5ded499ed04fbc66d315ab11
- SHA256
  
  3f6c385294e58da8eee6482dd777155e4b0823459e6077604a40f4dba6d2d807
- SHA512
  
  95aaf0accba80c3f11e858e41ecb2048ecdf8d6f79a83469666528def8eae69ad6a7f812d4b6b06edc33a23ea55716dbba32bb8c523fd2c5b316fec0fe4e6ea0
- SSDEEP
  
  12288:HxM9iSFIJpzurCbpREtgpSowhwFvG0b3uGvr2OQluW:HxM3FIyslbvNQluW
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  bin/clock.dll
- Size
  
  278KB
- MD5
  
  75a392b8b4e401601b180a73b0060fff
- SHA1
  
  4ebfb04992f2e52e61351a1d7a5d98558a5d6ad1
- SHA256
  
  63338eb8e7c99be59415283437233e1fcbd419c09960e347d3fd17fbb736fff9
- SHA512
  
  0237594eeb42ac3e49453505d72e430cdefcb3e3145b17aa15abbb50e5af6c57c3d0022a8ad6014955624157bec45ab99088d823b14069a1fc8c6bc737892769
- SSDEEP
  
  3072:cnUOhKNeQoQY6AZL6fTT+Ajyt8ndwhwsBU9NnhESfAWEDKxvQucsZrQD7uCmDNlB:mUdfTT+A3whwpNnFNxvQAQDKhlB
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  bin/cti.dll
- Size
  
  566KB
- MD5
  
  d20cc7d6d200de7d1cff6d6209610f2c
- SHA1
  
  dcb60255a741fcb26033b0b9fa8243c545eeb0f6
- SHA256
  
  d79ad5593c8c5dc11d0ad700403f46e9ba26ace935eb1e6cf1ecba28f878a015
- SHA512
  
  ff8485b920a6946020479e192743256b29fec3fc898e2e8d63fbf7e9302696ca9de80e265324bef6896416a2f967d4b0dc0dc574086c807bfb1e8ffe27799531
- SSDEEP
  
  12288:4BmY0KftfE9cwhwPQTv3wNQdwxhRBdnGTTI:4/0itfE9bvANQ6xhRBdnX
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  bin/dcc232.dll
- Size
  
  638KB
- MD5
  
  45486e4d289c511c62a56b386116a80d
- SHA1
  
  6c588e660b196a321809cc84b0e3f103b343857b
- SHA256
  
  995b62570e10ce1acae46d20ae3e6072fd0b0690a2404a16587364891f28a79a
- SHA512
  
  a400fef65f8552aec6c337567556d9de205b0e3721030b3fd7521a65ac1fcd4612b83c3dfb713f78652ea0e6ce04ec2076031091c2061ab85d202f751b5a6054
- SSDEEP
  
  12288:h5XRBmCt5QlEXYevWoojK/bSyGTAM4bZwhwxk1VMvizQFNu:h1xHxvvMQFY
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  bin/dccar.dll
- Size
  
  441KB
- MD5
  
  d414041540d645fac1a0debde148ddcd
- SHA1
  
  2aa67480647ca04de90e94c5616129e3fc04158c
- SHA256
  
  7dfb3179fd614c8a6e03c54af382e4edc4692229a264ff83c3b42ab29450e9bc
- SHA512
  
  75ea534a1de63af238773fedc75563430139e46639805dd96555ca5eb0648c8bd1457c369975ed2b23fd6165f8eb93a99d755da6d413e26b541155df57e7929c
- SSDEEP
  
  6144:e8z3iDm6lfSDoZlwhw1IKbVCCOxvQ1w9lvFk/QeOiP9x:e8z3iDZlfBlwhw1NqvSw9QQeOQ9x
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  bin/dccpp.dll
- Size
  
  720KB
- MD5
  
  5d051e56aaa38f4a78b25334a36c3e23
- SHA1
  
  f1f6e85cea5151ee88893333191aa1b5f518db94
- SHA256
  
  588c18674a041c1c14884d5d9551559e96a7cb01c0e94a599aa522bad5e0b7c9
- SHA512
  
  4feddc1512ad793c3897b27ef7646c11265359263329a5fd2ec12629f21f77004530dd8325f67863c6f824ae6bc3a252f1f3c8c2d743a90c98e2bcd1c4717c75
- SSDEEP
  
  6144:4kxWZu6tP6MUwhwsDA9sIcpjx1O6rxvD9zkRX6lQUk1V4rvZ:4kxWcbwhwskiU61v9kwQUk16Z
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  bin/dinamo.dll
- Size
  
  781KB
- MD5
  
  e87d9dbd79ecc77b741bb008e25cb901
- SHA1
  
  d0897632579ede4d3c25d94998261476931ce547
- SHA256
  
  ad4e9c95629dc1ffae4d4a9f61c273e0d3c306cffa11c23976333bd465e965cc
- SHA512
  
  9370809e0ffe6929813039eb6ed211900998276ac84171990c84a4e756d070d31cae41f0af03c1eddacd1137b66f70e4515ffc710f6a6dc6a6055735140e0918
- SSDEEP
  
  6144:+7k5rQ0Z8z+KI8QABPHksPwhwtZDkbx2yz9lxvQxBGXXeitQK1Q3e77:ug8zlQs9whwU8KTv6mtQ7O77
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  bin/dmx4all.dll
- Size
  
  306KB
- MD5
  
  236e03bc0e53eb54c2ca6523d0902822
- SHA1
  
  badfc9255d0de367ca79a9531f7d8178c75c85dc
- SHA256
  
  40cf9c3d9445bc970726b97e6c2c824a43ab959eb1431a683b1aec2bfa13b629
- SHA512
  
  e566eaef1231afc5434f367dbdedeb02aafa6a18d6ecacca3ad566ed3e190a49ce1661a5d4a7846eb3479bcc64ca3eb3cc59cdd0eec16e2e4bfc1346fd7759a7
- SSDEEP
  
  3072:/baXWJ6ZSb5jztMowa3j3UJyu0p3zfkwhwFBbJbXe+CVpNWFYSYDKxvQhdYQfB2Z:jaXW8ZYUJFwhw7Jze+vFYSJxvQAQ4hLD
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  bin/dmxartnet.dll
- Size
  
  310KB
- MD5
  
  527f12de6c106eab00c65b73eb2d4aed
- SHA1
  
  e2e21074c343a28b0d5c118b49c4057689b99579
- SHA256
  
  b6f8473e96d8adf16ffdb36048dec6d9980d7313b140d24bd20f5ab42345f755
- SHA512
  
  6a3be3b9428ccefc6a80ad0fdc9cab9c65dcb0b19e65b66c7849f0f8402c698a4e65154b134d836f9a7a3f713ba287198d08d23748815fe09603709f7915facb
- SSDEEP
  
  3072:L/NJHqSQ/ZeXI6yGyiBki4NyyDPhZRtRrNSGvK2KEwhwiNmaEVg/IDx48v9mQQT5:5JHqSSdYNCt5NzwhwiNm9g/m4LQQGmL
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  bin/dmxeurolite.dll
- Size
  
  304KB
- MD5
  
  f09b19a731cc829507dcd66046143397
- SHA1
  
  bbb717f882c4dfe1e2ac3f75abff132ac4381bd6
- SHA256
  
  f11ee9339888eb05934b201d35522410f4f41c786387888a964fc2338fafec8d
- SHA512
  
  3ee3eb2100aec2f161fd9cd4c81582afb3b65a65a9513508c68d7bc06fb2d386cc3102e510cdfc5be5ae6c4a65e67d647bcc4fc641313df6074c99d9ee426512
- SSDEEP
  
  6144:H+DMgN8Fhwhwzvrf9O1bHxvQzRVbQOQI+T:H+wgNkhwhwzs1bRvQ9Q1T
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  bin/dsd2010.dll
- Size
  
  413KB
- MD5
  
  28152bb594156672d7cfc6f91e91ab48
- SHA1
  
  6433f4585e9a7145e1049c740ca6d550340f835e
- SHA256
  
  898ed02528ce43a890d22ad7c21035e58db77db982154a31a505f4ca5260adfa
- SHA512
  
  c650653a18b871f512c23c7cf2281708392597cf28baeef2f87f8e02d59b5e7da5ac304d9078e801f7cdb7546c44ac874c1d5e21926ff672f3cd15e3f19a9a7f
- SSDEEP
  
  3072:FhcHeAMWIO3hrTqRzAVTsEBpOSecwhwEZL3+z9SnxsDTjDKxvQlD4otUQKvh0MAH:FjQ2EJwhw2+zUsXKxvQBdCQKvvYTyC
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  bin/dumper.dll
- Size
  
  364KB
- MD5
  
  1a9a645538d87aff5123c23ce333239a
- SHA1
  
  7118d59a28096bc5c3d97a87056ba7db03f8664f
- SHA256
  
  7ee5e53e0f9fa9eeb824975ac2d8663ee0ad2bc5d7d58e0042464ee32bdcb840
- SHA512
  
  40e7b3d348d8f1e9276cf35530571c4b81caebe273fa8f73fbc8ea75f8655b939646eba88669ba6981af12a7d71e8373570d4f323cfaacec4706f86a889b8435
- SSDEEP
  
  6144:Q/bcv15zwhwWCty7o1TBRoxvQqYQD/NyNE:Q/MXwhwW61tRwvBYQD/NyNE
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  bin/easydcc.dll
- Size
  
  658KB
- MD5
  
  6539e6ead5bd175703e2e1f3639916ba
- SHA1
  
  d2751348eb3febb57d47b00fb9dfac00ad34446b
- SHA256
  
  2586ea3d19cc830c813f9c81df0952e460d58a38f18adaea3476d7d31373ba41
- SHA512
  
  58a6d5d26d61615412397295435a1f40dadb86fd4fc0cf4ac26b0ad6ae1584beef2ed9d96b1eb9975effead94c077cc5e0788fc379ca185a09f161c54d1c3f6b
- SSDEEP
  
  6144:T8tnIEyEsjU+XcLkILpsyzuisGJwhwT31mYBN4vxvQTFQW+zAHN3ZQZSCyrbL7rQ:T8tMMLk+uXawhw0pvnW3ZQ1O2p
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32