98a7fccdb0443b44fa3afabc5c673d4419014668992e531766a18b9f4bcb133d | Triage

Sharing

General

Target

liquidlauncher_0.3.0_x64-setup.exe
Size

6.1MB
Sample

240902-wzh5davdkq
MD5

488e15c06c044be1eb8a42b1396d4768
SHA1

f1e56df200072ce90811b4b985c33dd851526433
SHA256

98a7fccdb0443b44fa3afabc5c673d4419014668992e531766a18b9f4bcb133d
SHA512

f7d99054d446e67a6bfa0ffe2bbfff0120186f0c04ae4c7230c1e1a7d9525dfc10099be677b37ebb93e3ad827733742ad5ee120d15d520318826d710bb7d6320
SSDEEP

196608:xxaBup4JrgUFFDG7U6uqLYkzzGZ4R0K8MNFUtfik:xAgp4JrXGwMFpTjOfn

Score

8^/10

discovery

Malware Config

Targets

- Target
  
  liquidlauncher_0.3.0_x64-setup.exe
- Size
  
  6.1MB
- MD5
  
  488e15c06c044be1eb8a42b1396d4768
- SHA1
  
  f1e56df200072ce90811b4b985c33dd851526433
- SHA256
  
  98a7fccdb0443b44fa3afabc5c673d4419014668992e531766a18b9f4bcb133d
- SHA512
  
  f7d99054d446e67a6bfa0ffe2bbfff0120186f0c04ae4c7230c1e1a7d9525dfc10099be677b37ebb93e3ad827733742ad5ee120d15d520318826d710bb7d6320
- SSDEEP
  
  196608:xxaBup4JrgUFFDG7U6uqLYkzzGZ4R0K8MNFUtfik:xAgp4JrXGwMFpTjOfn
Score

8^/10

discovery
- Downloads MZ/PE file
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/NSISdl.dll
- Size
  
  15KB
- MD5
  
  ee68463fed225c5c98d800bdbd205598
- SHA1
  
  306364af624de3028e2078c4d8c234fa497bd723
- SHA256
  
  419485a096bc7d95f872ed1b9b7b5c537231183d710363beee4d235bb79dbe04
- SHA512
  
  b14fb74cb76b8f4e80fdd75b44adac3605883e2dcdb06b870811759d82fa2ec732cd63301f20a2168d7ad74510f62572818f90038f5116fe19c899eba68a5107
- SSDEEP
  
  384:7py18oahashajPmIYInUJggBOZgAHhUKijb:7py18oafmeggBOCAHpij
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/StartMenu.dll
- Size
  
  7KB
- MD5
  
  d070f3275df715bf3708beff2c6c307d
- SHA1
  
  93d3725801e07303e9727c4369e19fd139e69023
- SHA256
  
  42dd4dda3249a94e32e20f76eaffae784a5475ed00c60ef0197c8a2c1ccd2fb7
- SHA512
  
  fcaf625dac4684dad33d12e3a942b38489ecc90649eee885d823a932e70db63c1edb8614b9fa8904d1710e9b820e82c5a37aeb8403cf21cf1e3692f76438664d
- SSDEEP
  
  96:h8dPIKJhMuhik+CfoEwknt6io8zv+qy5/utta/H3lkCTcaqHCI:yZIKXgk+cx6QYFkAXlncviI
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  cff85c549d536f651d4fb8387f1976f2
- SHA1
  
  d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e
- SHA256
  
  8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8
- SHA512
  
  531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88
- SSDEEP
  
  192:Zjvco0qWTlt70m5Aj/lQ0sEWD/wtYbBHFNaDybC7y+XBz0QPi:FHQlt70mij/lQRv/9VMjzr
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  6c3f8c94d0727894d706940a8a980543
- SHA1
  
  0d1bcad901be377f38d579aafc0c41c0ef8dcefd
- SHA256
  
  56b96add1978b1abba286f7f8982b0efbe007d4a48b3ded6a4d408e01d753fe2
- SHA512
  
  2094f0e4bb7c806a5ff27f83a1d572a5512d979eefda3345baff27d2c89e828f68466d08c3ca250da11b01fc0407a21743037c25e94fbe688566dd7deaebd355
- SSDEEP
  
  96:o0svUu3Uy+sytcS8176b+XR8pCHFcMcxSgB5PKtAtgt+Nt+rnt3DVEB3YcNqkzfS:o0svWyNO81b8pCHFcM0PuAgkOyuIFc
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/nsis_tauri_utils.dll
- Size
  
  28KB
- MD5
  
  a573dcf90cb9d9e30624eea14018980e
- SHA1
  
  01e48d6429b48b640230c6ce8f257c84758943aa
- SHA256
  
  2fe7953cd06cd9ab1d5e91834ecfe70bcf7a9ed6b2c40aebc21c98c6f96eb89c
- SHA512
  
  823a79f1b1e6e64481f0c305e189d95b51528b6ce87a2330e2199a33ebfe074a6e39382c79cb28d89c89294205031f0519bff5aacd2334813a74d32529d2eaa7
- SSDEEP
  
  384:sq6F316ZZDGeN/b42AHrKLHxEojKCKpnbOMdjdhQD7bGh+qkzAGj:sq6Fl6ZICb3ercFKpnq0jdhK7W+q4
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  liquidlauncher.exe
- Size
  
  17.2MB
- MD5
  
  51140997b3be1fca581064d4ec286612
- SHA1
  
  824de0f9423169bacc25d80760e4e74e734791b0
- SHA256
  
  b288cae4f82117c611fafb15eea67211ae8e3858b6b232b2b1a0ca03afe5b8b6
- SHA512
  
  0a8306b4f42a4b70f99c88cf777a7e85efe8b8367e6f485949f44422cce1cf483a20ffe1d0d4a9a6ad69675fc14432c58531a4b991dc2fcd0cc9e26d99509f1a
- SSDEEP
  
  196608:BZyLKBQMnSYUAsStOHCqvQryeYh9ZaIvuR:B7tSYUAsS0HCqYryeYrZaI
Score

1^/10
behavioral13 behavioral14
- Target
  
  uninstall.exe
- Size
  
  73KB
- MD5
  
  94f76f791bfd3eff7deeaf6b5be9c96d
- SHA1
  
  fb5908c74adbc08f42dda5060ce170b49c89c568
- SHA256
  
  0cb4a8528e62e43af13c271ccacc641ae1dcd9e21f8576ad629dcbafc1feced3
- SHA512
  
  7c96de0581ca2b3d280cefff83f7f19ccca923befcc5882503613f8f20a7877aab9ce6758783e99033930de79b5038e2226d51f2d6bc63c1731936456adf19f2
- SSDEEP
  
  1536:HmsAYBdTU9fEAIS2PEtuTgdLeAyNxu6/qP78SBc2ZZ4a0KEfo/:GfY/TU9fE9PEtuTceAv97/Co/
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/LangDLL.dll
- Size
  
  5KB
- MD5
  
  68b287f4067ba013e34a1339afdb1ea8
- SHA1
  
  45ad585b3cc8e5a6af7b68f5d8269c97992130b3
- SHA256
  
  18e8b40ba22c7a1687bd16e8d585380bc2773fff5002d7d67e9485fcc0c51026
- SHA512
  
  06c38bbb07fb55256f3cdc24e77b3c8f3214f25bfd140b521a39d167113bf307a7e8d24e445d510bc5e4e41d33c9173bb14e3f2a38bc29a0e3d08c1f0dca4bdb
- SSDEEP
  
  48:S46+/nTKYKxbWsptIpBtWZ0iV8jAWiAJCvxft2O2B8mFofjLl:zFuPbOBtWZBV8jAWiAJCdv2Cm0L
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  cff85c549d536f651d4fb8387f1976f2
- SHA1
  
  d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e
- SHA256
  
  8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8
- SHA512
  
  531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88
- SSDEEP
  
  192:Zjvco0qWTlt70m5Aj/lQ0sEWD/wtYbBHFNaDybC7y+XBz0QPi:FHQlt70mij/lQRv/9VMjzr
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  $PLUGINSDIR/nsis_tauri_utils.dll
- Size
  
  28KB
- MD5
  
  a573dcf90cb9d9e30624eea14018980e
- SHA1
  
  01e48d6429b48b640230c6ce8f257c84758943aa
- SHA256
  
  2fe7953cd06cd9ab1d5e91834ecfe70bcf7a9ed6b2c40aebc21c98c6f96eb89c
- SHA512
  
  823a79f1b1e6e64481f0c305e189d95b51528b6ce87a2330e2199a33ebfe074a6e39382c79cb28d89c89294205031f0519bff5aacd2334813a74d32529d2eaa7
- SSDEEP
  
  384:sq6F316ZZDGeN/b42AHrKLHxEojKCKpnbOMdjdhQD7bGh+qkzAGj:sq6Fl6ZICb3ercFKpnq0jdhK7W+q4
Score

3^/10

discovery
behavioral21 behavioral22

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22