a5f647be9200c9cd82fd0bdd8b86fa6a8ed958fbc7e1651ea7e921c282a17f1f

Sharing

Copy URL

Twitter E-mail

General

Target

Obsidian-1.6.7.exe
Size

235.7MB
Sample

240902-mzrl3szblc
MD5

10c9af896fed767968d8cb2a4c746d61
SHA1

b3024d7d6af4bf5342fcc1f51a41a5f9861f8c44
SHA256

a5f647be9200c9cd82fd0bdd8b86fa6a8ed958fbc7e1651ea7e921c282a17f1f
SHA512

4b759fb874759b7843ef034630f3396c889bbffd624d31206f8083d64973d88932dd7b48d67ccdbd9147ae5b0102dc55cca92385be5fb050548f80a37ff668ae
SSDEEP

6291456:SC4P708jjjYRCJyC4Pc0L2Muzez4tL9qu39qKfC4Poo0D6Zu5W3OmWR:N4AqQRCJt4RFuu4ZLZq4aG34

Score

4^/10

discovery execution

Malware Config

Targets

- Target
  
  Obsidian-1.6.7.exe
- Size
  
  235.7MB
- MD5
  
  10c9af896fed767968d8cb2a4c746d61
- SHA1
  
  b3024d7d6af4bf5342fcc1f51a41a5f9861f8c44
- SHA256
  
  a5f647be9200c9cd82fd0bdd8b86fa6a8ed958fbc7e1651ea7e921c282a17f1f
- SHA512
  
  4b759fb874759b7843ef034630f3396c889bbffd624d31206f8083d64973d88932dd7b48d67ccdbd9147ae5b0102dc55cca92385be5fb050548f80a37ff668ae
- SSDEEP
  
  6291456:SC4P708jjjYRCJyC4Pc0L2Muzez4tL9qu39qKfC4Poo0D6Zu5W3OmWR:N4AqQRCJt4RFuu4ZLZq4aG34
Score

4^/10

discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/StdUtils.dll
- Size
  
  100KB
- MD5
  
  c6a6e03f77c313b267498515488c5740
- SHA1
  
  3d49fc2784b9450962ed6b82b46e9c3c957d7c15
- SHA256
  
  b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e
- SHA512
  
  9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803
- SSDEEP
  
  3072:WNuZmJ9TDP3ahD2TF7Rq9cJNPhF9vyHf:WNuZ81zaAFHhF9v
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  0d7ad4f45dc6f5aa87f606d0331c6901
- SHA1
  
  48df0911f0484cbe2a8cdd5362140b63c41ee457
- SHA256
  
  3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca
- SHA512
  
  c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9
- SSDEEP
  
  192:1enY0LWelt70elWjvfstJcVtwtYbjnIOg5AaDnbC7ypXhtIj:18PJlt70esj0Mt9vn6ay6
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/UAC.dll
- Size
  
  14KB
- MD5
  
  adb29e6b186daa765dc750128649b63d
- SHA1
  
  160cbdc4cb0ac2c142d361df138c537aa7e708c9
- SHA256
  
  2f7f8fc05dc4fd0d5cda501b47e4433357e887bbfed7292c028d99c73b52dc08
- SHA512
  
  b28adcccf0c33660fecd6f95f28f11f793dc9988582187617b4c113fb4e6fdad4cf7694cd8c0300a477e63536456894d119741a940dda09b7df3ff0087a7eada
- SSDEEP
  
  192:DiF6v2imI36Op/tGZGfWxdyWHD0I53vLl7WVl8e04IpDlPjs:DGVY6ClGoWxXH75T1WVl83lLs
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/WinShell.dll
- Size
  
  3KB
- MD5
  
  1cc7c37b7e0c8cd8bf04b6cc283e1e56
- SHA1
  
  0b9519763be6625bd5abce175dcc59c96d100d4c
- SHA256
  
  9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6
- SHA512
  
  7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  ffmpeg.dll
- Size
  
  2.6MB
- MD5
  
  55ce3dbee30681dcc0c831c69a1df138
- SHA1
  
  cfbca094beaab8306c07940b9c15d019405996e6
- SHA256
  
  0eb65055867ba5413d61490017df4e68e5d5ce70a7b97c35a17f62d86b6df08d
- SHA512
  
  ef29dbaa780a3eb9aee2399009e2a8ace55fe1b680d61fe7253c24e11a7373408f792a7c20457459b228fdc7e217be953fb543df105f537e7c156996922057ed
- SSDEEP
  
  49152:1C8lp7/1UNZrhOP9YJQHUOWwGen6yfW0OfShPdb5xV:ihOVYJiUOWwQaPBV
Score

1^/10
behavioral11
- Target
  
  libEGL.dll
- Size
  
  491KB
- MD5
  
  41a94c707a10b0b3e7856ce85c15da43
- SHA1
  
  8aac38bb57f26b88b09c8f8a9a945c4db26becc8
- SHA256
  
  9e46e85474f2fea425b11e23a1d7432a94060589f15d36eda1b859c7448d0dfa
- SHA512
  
  978b78abc86a53bdee5035450203893af3df09b912dd55d0363892f2930e10cb5a2c32619a4516d028de67a31441c3146cb149c2fb40ffdc23a1913e921df5f5
- SSDEEP
  
  6144:qmfOX/zRR8yWTDLMoqbAIbqkpXy0/KQPJjIJAGyYhY:3czRSyWTDY6IlpXy0/3hOHyu
Score

1^/10
behavioral12
- Target
  
  libGLESv2.dll
- Size
  
  7.6MB
- MD5
  
  e3f0ad50d545a27ce052cb5b7863a05c
- SHA1
  
  9c3445aaba37c871143a227854292599001840ca
- SHA256
  
  7a580bb001748527a3c5d15fe229019d58a00d22aacdb6a674db0ebcd0e0131c
- SHA512
  
  0ac5b62a7fee6fee8e95fd117e72da1216106a57dc4666bd803a4a9d304cbff39d6be0bc8cbdd94d46e596d1f07cbcc99519d35bac13d74e896a4aaac8e95f28
- SSDEEP
  
  98304:olaVNd6hP9OPvwfWm6sGnoDgCXm3o7KXWR:TClGwpvGngCuKO
Score

1^/10
behavioral13
- Target
  
  resources/app.asar
- Size
  
  1.1MB
- MD5
  
  26097e720dd807a5f20d5b27fcd706c0
- SHA1
  
  369d23f64e586e9670507b87ca42459a0955e9db
- SHA256
  
  4e6cab84d7d1ff5f63e6cb8fe742e99a8522cf4ee0d3e6c22495fb49928d2ad0
- SHA512
  
  b5ef1b6b01dcf7ee51b2da07e6a44b0345282f93df8f2fb8db192f913dbd630147389a9c25ec3305cb59e4449e799ed900193aff1d3d7d01de1637d39c16dc6b
- SSDEEP
  
  24576:/9Ho8mhRN/QNpDNsmHr7N11YZmJEQ6dOJnwFfG67UzI/6438tqB9QbeOPahWdRHL:/9Ho8mhRN/QNpDNvHr7N11YZmJEQ6dOp
Score

3^/10

execution
behavioral14 behavioral15
- Target
  
  resources/app.asar.unpacked/node_modules/btime/binding.node
- Size
  
  118KB
- MD5
  
  e9adc55381174562a26b0212966c7969
- SHA1
  
  3119dd90d115dcba46010abc0281f90bf7568400
- SHA256
  
  98087173112cf7e08fa742d4b9a07ace1f3305480384f67e000d7df086ba2f7d
- SHA512
  
  2fbef59d96bc60404dc4063f1e5f313e236b7d65f97d61a3061ca3bab7669736b8139367ef9a16e54d723bcef33d294a867124cedc6df8921936cc805d43cd31
- SSDEEP
  
  1536:guNqtRgWgxuKXjCeESPmvceBTHLAVW84/JRsW/d09dlARhtwAB7T:5NVWgbXueESveBHLAV2/vMywAB7
Score

1^/10
behavioral16 behavioral17
- Target
  
  resources/app.asar.unpacked/node_modules/get-fonts/binding.node
- Size
  
  125KB
- MD5
  
  671f821115e0499d4ebed86c83c100ed
- SHA1
  
  f268e65c5db56d67dd764ca4793e6fa39f7ea585
- SHA256
  
  a63da776e0a10bfee9109ee03ff3fe3b14fa82b4166de48857243a1ea7991890
- SHA512
  
  d2f95820bf3f8252486ed8b4d2b6ba0f1cb89a9c97dd9d3267f2f2039940ff066c5b4614d7a404ae43347eea0d5523bd3b258ad24157ec62e4780db43418a20b
- SSDEEP
  
  1536:/7fuD1g0RHZIvUq+caOuFFhK5ySskeOTwyvJcEOeJgJsW9d09dlsH+PvKi:/7f8RHlq+caOSa5ylQTwyvJCeeMKe6i
Score

1^/10
behavioral18 behavioral19
- Target
  
  vk_swiftshader.dll
- Size
  
  5.1MB
- MD5
  
  d96100628e1061d3fc99301012b49f44
- SHA1
  
  fd820523f89eca5540fe9334d814c3e306ad97b9
- SHA256
  
  c4636e1c13dc5f037806d7fd80e8e076e3aa14f1b58be51412cf266f35add848
- SHA512
  
  f1aefb6a58fb9b57ea292567811a485d3f05e88d14284b76f7864e94bc07deb076296a645ee6ceeec1f930012ff78800c31db11e9a38390af58234a181f470ee
- SSDEEP
  
  49152:9oaTaX1+4J7dN1uB/t4ABL5V1v+3+mFcpZBqtpM5KZwFlox0ikAiJb1XQGBliYD9:jeX1+qULMSx17nb24Z
Score

1^/10
behavioral20
- Target
  
  vulkan-1.dll
- Size
  
  956KB
- MD5
  
  985c0d87a4d1e0ee6391ca23d623768c
- SHA1
  
  263470a314d534a39dcc17c0397c0dad866d7278
- SHA256
  
  a0c781d3e3155d167d958c8d9e8cc6f717854d4723764867c2379892d8745601
- SHA512
  
  af74aba7332d719fc94cff5f43783bb8592ff66dc777e9b593cde90d2ac7203e747954b74625205ec131b1925cbd79d4a8c6a32e11a6cd3a8a2c6c0d57d26228
- SSDEEP
  
  24576:k7t2bkeR6V9+8T28zEQ6Z5W1DYsHq6g3P0zAk7mNUbZwRL:kYAeR6VY868zEQ6Z5W1DYsHq6g3P0zAV
Score

1^/10
behavioral21
- Target
  
  LICENSES.chromium.html
- Size
  
  9.8MB
- MD5
  
  0ff177fbf2a3873dd573077840e0b8f5
- SHA1
  
  03d06bc7cd894399a5fc6600a0210f6e3226f92a
- SHA256
  
  c4771c9158e31855293ee565db76c9b2c52f84c8a37eda4700cfb149a17fd7eb
- SHA512
  
  3264becd3103c905ab7f9cc034320885f18cbecaa45f582a4a9567ca4bcd620d64dc59fb03532964e775c35f07928a4497f5529cf1b9dc18379e4e9cff02ff8a
- SSDEEP
  
  24576:K+QQM6Ms6x5d1n+wRhXe1BmfL6k6T6W6b6f6V6GeGj/3BIpx:LUzeGdY
Score

3^/10

discovery
behavioral22 behavioral23
- Target
  
  Obsidian.exe
- Size
  
  158.9MB
- MD5
  
  c711fb6f17f7ca3d48861f26966d9589
- SHA1
  
  62bbf9695e3576151d216f309fc0a34fea931d19
- SHA256
  
  5d0c0beb2b80c0c9cb905480f2f71ab9f287903d58bce5b791b5c55544803a1c
- SHA512
  
  dd0bbdd92e33f7e3e49fd51f2db16d2a37b2fbad7519ea52919174cc314e10a97b6dbd71f8d9d5d5ad271d80dd347b0690536e0efb947ed3b23ff4624b3d8ff6
- SSDEEP
  
  786432:k41INjmLrqb57g5TE64z71jKhnVy89nI2FOFI/vpPcVwc4lW7OxsmQdaCKHBpkID:MYb5gl2T/vpkHOOIE28BNyGLYZL
Score

1^/10
behavioral24 behavioral25
- Target
  
  d3dcompiler_47.dll
- Size
  
  8.4MB
- MD5
  
  0321fdd72b44dd298bf993e0f4b8c53f
- SHA1
  
  8cc9c37e78c55902958f78b7503330a220dcedf9
- SHA256
  
  aabadd898a0f986cc43ce71e0dfdfa7421d17c77986a1560ecead208b94fdf83
- SHA512
  
  ac8afd392e7897c13569065345136f39b9473f15fe6ee3d2894117ebe1d602bc42c66078014e083503d8190331a8dc05108214653011ea39ec3edee539bf51ee
- SSDEEP
  
  196608:5YZCulG/ERQQo7jHBhzEZiv4u9BMylm1R:HJ4
Score

1^/10
behavioral26 behavioral27
- Target
  
  ffmpeg.dll
- Size
  
  2.2MB
- MD5
  
  5162e17290afdd7ea4175486dac88695
- SHA1
  
  6f9ed962f9a1a337605ce0d98a4b5b3cc54413a9
- SHA256
  
  d148c94f1f9ccb1087732a80633ba55557bd0afb146cffc9b1d7091d3b3faa7a
- SHA512
  
  f30dfada3f316342a6d359ecd706019979b3639f5e446c26dd371677f1e47f59feb6b2b58a9541d8abf4cd201d9c365e881445ae74b8b1780c29e7e6c98150e3
- SSDEEP
  
  24576:7oSHht06DD/AmaXNSl0Y/dD2f7nHqsTChq3n8lxxulh0/8w97GC+/Z4HdoNkJM0h:MSH3XAQ1/8W+GHM0HePwt/
Score

1^/10
behavioral28 behavioral29
- Target
  
  libEGL.dll
- Size
  
  469KB
- MD5
  
  0325ac7d613a9c1a34ec5e9825c0ef48
- SHA1
  
  69f58dabe9bf99e7d0dba70409ff46b35b7ddeef
- SHA256
  
  5e3b35285a2a52c4cb0a26101e527041934e46441b80f3bf962ec8ba7f7a98f6
- SHA512
  
  022c538001895b8bddef49229e1d9404c3a95aedab5dbec9b594fba73a50486b2dac78311b9d6e7d4c4f29101f51d4a064b773506547d037563e0b1a7df3a5b3
- SSDEEP
  
  12288:TWFyMyCnHI/mfKN6brg/iZSUOfssLyuMfe8901DDJwEUkMdYeTBnHiOcpkY:TWFyMyCnHI/mfKN6brg/iYjfssLyuMfk
Score

1^/10
behavioral30 behavioral31
- Target
  
  libGLESv2.dll
- Size
  
  6.6MB
- MD5
  
  58ea230620ec9b9e0d6bf0c77119aa35
- SHA1
  
  b059424b780770952ef00a90ee248c3d8fe2710a
- SHA256
  
  9901c781be942c1d37eadafde5c06866b16a3f80ac997af53e1910922a408575
- SHA512
  
  4745a7442fbbb88a209f61fa92fe2d55d016f20fe08f7a7e0cd9da53e4f41c90077fef6775ce29e5999a4a301ecd6a3a0ad57d3a353d210f476b51f18484c63c
- SSDEEP
  
  49152:u6xs1PxwafSTtUSbipokLvq4kXAwQUqZ9QXBw7n3DYNlCeifLRPcVcH7cX:ZmSa6PiWcq4kBYZqXm3
Score

1^/10
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32