36c7d4dc52d14d18bf0969e49ed110e72ada06f6f78ea40077ed1b56d88cadc4 | Triage

Sharing

General

Target

36c7d4dc52d14d18bf0969e49ed110e72ada06f6f78ea40077ed1b56d88cadc4
Size

930KB
Sample

240902-c888da1akc
MD5

d118e44d97e401cc8dc4dfb53c9f3a66
SHA1

27de57d4be913836e838c34c9403fffe206d3bc8
SHA256

36c7d4dc52d14d18bf0969e49ed110e72ada06f6f78ea40077ed1b56d88cadc4
SHA512

399d16b92803a6bbd10523e746eba2a7ffc67a344253ffc328aa7d0b6627ef32f243cb982a3e2ab0064ad95831e8c84293e9c3f727f7233566e2e8a3e3310e2c
SSDEEP

6144:uT4DtNUjD58ADTFYPu9es0mPH+WSgEnqSB9G3Sond9LWKtsm4NTz:uT4UjD58o9euP+bJqSjwSorWKtsm45z

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  36c7d4dc52d14d18bf0969e49ed110e72ada06f6f78ea40077ed1b56d88cadc4
- Size
  
  930KB
- MD5
  
  d118e44d97e401cc8dc4dfb53c9f3a66
- SHA1
  
  27de57d4be913836e838c34c9403fffe206d3bc8
- SHA256
  
  36c7d4dc52d14d18bf0969e49ed110e72ada06f6f78ea40077ed1b56d88cadc4
- SHA512
  
  399d16b92803a6bbd10523e746eba2a7ffc67a344253ffc328aa7d0b6627ef32f243cb982a3e2ab0064ad95831e8c84293e9c3f727f7233566e2e8a3e3310e2c
- SSDEEP
  
  6144:uT4DtNUjD58ADTFYPu9es0mPH+WSgEnqSB9G3Sond9LWKtsm4NTz:uT4UjD58o9euP+bJqSjwSorWKtsm45z
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/AccessControl.dll
- Size
  
  21KB
- MD5
  
  eb7a540d0d2e28f6bf524d2cdbe0f478
- SHA1
  
  76204991c60913cffeba5595033c4f79e1e89bd8
- SHA256
  
  ef4b548b27a6edab3bcb25cff0598918c645795850d62f232909dee851e04c6d
- SHA512
  
  947132d07f7875dc99fbe8a87757f6efee0a8c6271f8a3bac6747f9f4f60ed7e203e28a588db8c55ee898ba8f3dcf640f6562c49c45d6c6d8fdbe2d2309b9984
- SSDEEP
  
  384:8fX/qSSu13X9dGY+M47iw93L/pvDGFtart8E9VFK4imkGu6m328t1:8fXSz8X9MCqRDGFo+EA6D8z
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/AppAssocReg.dll
- Size
  
  14KB
- MD5
  
  012461cad43cc5a871bb2019a461a2e4
- SHA1
  
  75617dce95008117b5b1bd602bbbe58dfda4e6d8
- SHA256
  
  eeed86addbf5989fe54e862e68e9a287eeaad11b209c26de67ab660b21445e15
- SHA512
  
  f1c42d0703e5c4fafae2fab90a7c23499e8b72f9e04ecc10602d1c48ca08781000cda36af86577b3e2380684ca442db54668f390822f3590b6dca6507e80fa2e
- SSDEEP
  
  192:zJfFQBTidO4veM7x0KDWpHFtH6cAAANa3Gy2sE9jBFKWJfsHRzt8oOT3ip0lL:lfF6iddHvDGFtart8E9VFK4ittEipoL
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/ApplicationID.dll
- Size
  
  55KB
- MD5
  
  fdc0338e6faeaf6f7c271982e103473b
- SHA1
  
  9a41f7932abe8be7e32c6371f085cf14de355d00
- SHA256
  
  a9dad9fdaae93d10dc2ee346b231913445e731049554b8bb1506827e46f8a44e
- SHA512
  
  a766eef11db4c94b1445d1cd70cf1d3b6141d6b3973562e9fa8d81c79195886b884dbc9b9f6952f8a6e8619534a6bf2d615d539d2cace9c8843dc19415051cc0
- SSDEEP
  
  768:oY+N1V9Ek9B/3I2IIk85ZLa342QpIK0+KE1zRBoSLDGFo+EAM:oY+LpI2IIk85Fs+LNRBo1oyM
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/Banner.dll
- Size
  
  14KB
- MD5
  
  2b3f617f22f70710aaf7f27efab15c40
- SHA1
  
  66c2397748b46c0aa03f0de1d3b1ef0598512f7c
- SHA256
  
  2393ee61dff10c520fea62b5d6dc1c3a559fcad55f5cf15b22e1f408692a35f8
- SHA512
  
  69295601e8c20a97b512a99afec2609997b589d46a507b2738a6c974ee5b68bde0e56fce150ab1fc4355aa561e8125335378a9c648bbc533bc5b44de1b85b3e5
- SSDEEP
  
  192:bAfhCpBEyMW7x0KDWpHFtH6cAAANa3Gy2sE9jBFKWJfsHRnSMR+4pCC:YCJMUvDGFtart8E9VFK4iZSr4cC
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/CityHash.dll
- Size
  
  53KB
- MD5
  
  2021acc65fa998daa98131e20c4605be
- SHA1
  
  2e8407cfe3b1a9d839ea391cfc423e8df8d8a390
- SHA256
  
  c299a0a71bf57eb241868158b4fcfe839d15d5ba607e1bdc5499fdf67b334a14
- SHA512
  
  cb96d3547bab778cbe94076be6765ed2ae07e183e4888d6c380f240b8c6708662a3b2b6b2294e38c48bc91bf2cc5fc7cfcd3afe63775151ba2fe34b06ce38948
- SSDEEP
  
  768:jfXngOuwVTROMOZbPg9ao/wxsfJM3JuNUgo3BDGFo+EA3:j/hPVTRBO9NJYMMnomoy3
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/ExecInExplorer.dll
- Size
  
  14KB
- MD5
  
  f165b8df6ba6cf4e929ba3a6818d1161
- SHA1
  
  90973888586d1f466a09fc813a3483b39357e471
- SHA256
  
  0d65131958d7ef898982f5772edef1b1491ed24fcc5c454712775b7bbb8edebc
- SHA512
  
  8b01857dfe8408af5a33ec8ec82507af35fe02bab534560f9b883bc3233ef250b44a8c07fe9cfb2e393b6f4763291a91ac015fcfa4e12306e4847e7cc204021c
- SSDEEP
  
  192:gXpVutvFD2jndC7x0KDWpHFtH6cAAANa3Gy2sE9jBFKWJfsHReNOJVv3B7mu:3Jh2BIvDGFtart8E9VFK4iIUtlt
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  25KB
- MD5
  
  fd249bc508706f04a18e0bc0afddec82
- SHA1
  
  b94efda9f41c89fc6120ed385867125d03f28bea
- SHA256
  
  c34f095e200db420ce9af5489c3e392be285e43c3f4c9fbe34686b1f0a1531ad
- SHA512
  
  c820c06ad5ae21101602d9e7864fed9b470b25fa9a0ee025d05e72697d88c7e03cbee7ad476f4e3d5b6e467248b8ad1fefa2710c76011e2156b85068961404ba
- SSDEEP
  
  384:EAC43tPegZ3eBaRwCPOYY7nNYXCA/YosaNvDGFtart8E9VFK4ivDGb:EdTgZ3eBTCmrnNAEYDGFo+EAy
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/InvokeShellVerb.dll
- Size
  
  14KB
- MD5
  
  79eedad48e956f125b4b518f5351db5f
- SHA1
  
  2bb8c4952a3310244394fa28b91797521ff7d154
- SHA256
  
  2bcab0487134238f5109d1f4364b99b6d03941c2c091fba6d660eb2b92f65adb
- SHA512
  
  bbab20281bd48b9ef285651c0fef385143465082254ec99435710e14d7389efbc93c6f4d571ada9d92e9e7648b230abf83d5a17b286f698c751026b8e8aa6f55
- SSDEEP
  
  192:YpqLDCV7x0KDWpHFtH6cAAANa3Gy2sE9jBFKWJfsHRspFQChL:ZLDCXvDGFtart8E9VFK4iqpCE
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  $PLUGINSDIR/PinToTaskbar.dll
- Size
  
  3KB
- MD5
  
  70016ab449dd0034333b0df88193cb82
- SHA1
  
  add0b693b75f14e7f9a063d0de1921c3bc8d1a52
- SHA256
  
  6bec8a69845fe9012a0622e79b63328fb611151fd24f198a779d781a36dce5a3
- SHA512
  
  1295dbe8596a37d0799b51c3be011b2aeb499d382bd860bba784dbe5a580f6d2e1116830c4c619ef32df9c5f7af0aceb600c2c7a29e321cf8e355c73627ffc71
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  $PLUGINSDIR/ServicesHelper.dll
- Size
  
  14KB
- MD5
  
  b9e8c2212ac8dae4b0eaf97c048529fa
- SHA1
  
  331d172323480b0518abdb0cc9e256dc7f46c357
- SHA256
  
  d6f6758adac2c073bec481e8de762af3a5574789bce3f43de02356afc9911e0f
- SHA512
  
  d93aa032e27c8268a4f6883711cf41f7ee2b5d33673a26d78db24456f2c548af39b7b98ed4b4737245c278d524fffb3e4bf708b6815dc866acd371427ff6be96
- SSDEEP
  
  192:UIHxGS7x0KDWpHFtH6cAAANa3Gy2sE9jBFKWJfsHR5tHPk6NM:UR4vDGFtart8E9VFK4i/9kSM
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  $PLUGINSDIR/ShellLink.dll
- Size
  
  14KB
- MD5
  
  fa94d120efb029b43217c66bbc8c650c
- SHA1
  
  1fcf2d76adf69b403b7400681ac91d50ed20385f
- SHA256
  
  5f6f414b412c72b10f49eb92af1d368ede531b58fb200d539fd2b45e371612db
- SHA512
  
  07ed0771d5bbb651ea7421a5f6b08fa234f9cc041315d9360a7135ba12180064fc99a27725385a8ecd3ceb25bed5c00de169f7dabb3ccf6e987f45254dff8158
- SSDEEP
  
  192:46J7JQCdiaR+7x0KDWpHFtH6cAAANa3Gy2sE9jBFKWJfsHRqt8kzN0eM2s:LJ7JQG2vDGFtart8E9VFK4ictvU2s
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  22KB
- MD5
  
  b361682fa5e6a1906e754cfa08aa8d90
- SHA1
  
  c6701aee0c866565de1b7c1f81fd88da56b395d3
- SHA256
  
  b711c4f17690421c9dc8ddb9ed5a9ddc539b3a28f11e19c851e25dcfc7701c04
- SHA512
  
  2778f91c9bcf83277d26c71118a1ccb0fb3ce50e89729f14f4915bc65dd48503a77b1e5118ce774dea72f5ce3cc8681eb9ca3c55cf90e9f61a177101ba192ae9
- SSDEEP
  
  384:78+Qlt70Fj/lQRY/9VjjgLZvDGFtart8E9VFK4ietffvtlh:7SqFjm6YL1DGFo+EA6tlh
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  $PLUGINSDIR/UAC.dll
- Size
  
  28KB
- MD5
  
  d23b256e9c12fe37d984bae5017c5f8c
- SHA1
  
  fd698b58a563816b2260bbc50d7f864b33523121
- SHA256
  
  ec6a56d981892bf251df1439bea425a5f6c7e1c7312d44bedd5e2957f270338c
- SHA512
  
  13f284821324ffaeadafd3651f64d896186f47cf9a68735642cf37b37de777dba197067fbccd3a7411b5dc7976e510439253bd24c9be1d36c0a59d924c17ae8e
- SSDEEP
  
  384:2lqVibvTh4qnFP+OPEzinclP++vDGFtart8E9VFK4iBSaXrwz1k:EqVavVfPkzhlmIDGFo+EAzrn
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  $PLUGINSDIR/UserInfo.dll
- Size
  
  14KB
- MD5
  
  610ad03dec634768cd91c7ed79672d67
- SHA1
  
  dc8099d476e2b324c09db95059ec5fd3febe1e1e
- SHA256
  
  c6c413108539f141bea3f679e0e2ef705898c51ec7c2607f478a865fc5e2e2df
- SHA512
  
  18c3c92be81aadfa73884fe3bdf1fce96ccfbd35057600ef52788a871de293b64f677351ba2885c6e9ce5c3890c22471c92832ffc13ba544e9d0b347c5d33bfd
- SSDEEP
  
  192:PmTH+kPMC7x0KDWpHFtH6cAAANa3Gy2sE9jBFKWJfsHRGz6ot87n5/:PWH+SvDGFtart8E9VFK4iczNwn5
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  $PLUGINSDIR/liteFirewallW.dll
- Size
  
  19KB
- MD5
  
  f31ba98a8d87faba153eea134968c854
- SHA1
  
  da0865cc1a86a39367f22897e1f9fbf4fb1f804f
- SHA256
  
  708fb54cffb6aea3547fc5ac745d1435ecc814df563bef59ba7a94f57d082bbb
- SHA512
  
  d991a2dd5ef537b25898afd7b7e73274a3cb8e6f5fca1621af22ee2761b82baf220aecb0c84434566742e2ab00b2f57a3740ce9831e76d4e1829bac3e044c8e9
- SSDEEP
  
  384:3HHrCQSJeR10wWK8vDGFtart8E9VFK4ik8+qL:3nrlSQcEyDGFo+EAp
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32