General

  • Target

    snapshot_2024-08-30_23-04.zip

  • Size

    33.4MB

  • Sample

    240906-awbp8sxaqd

  • MD5

    aa6cc56cc9a2672a544f69748531f3fb

  • SHA1

    2739639567c1c5d8a1f23378ff476e349bc64996

  • SHA256

    87a559aed5a8f9b9bff640ad19eda0e85b31577a4f4a3a7b1464fa766b9b011a

  • SHA512

    e8b3da124238222c209c21150db4a6578b45af7767d05963e8db72288e1ea67f6c80a9f78e9f21cdf014e3ccf990ec3c7a3e61b55711ffe848ed6c35691eb0bc

  • SSDEEP

    786432:ykql1iQIw2R/4+AtidzN0bwBdgazhqGAKrE/+9p11vNlN6l:y9l1ik+4bihnW6RAKIYj5i

Targets

    • Target

      release/x64/Qt5Core.dll

    • Size

      5.3MB

    • MD5

      2f997eb6ba34065496cb088f1489aebb

    • SHA1

      29fd1c8a3e71cfbc49c9f160dce2749cecaf0cb6

    • SHA256

      7a4cb4ced60598ed0a4f31dfdc01a8019df5cca6cbbfd3ec7f629edd99db6007

    • SHA512

      4b1fd309cae1205bd3eff3b48b21893a20211356779b29c9f7739bbe6eabfa3e83e256e8406aa0af0b223b1376ec139e9605a0451359c0cccd21d3360477c233

    • SSDEEP

      98304:4WcwN5Gs2OJsv6tWKFdu9CwCGNcqCWHfUr:4WcwN5GspJsv6tWKFdu9CwLNcqCWHfA

    • Score

      1/10

    • Target

      release/x64/Qt5Gui.dll

    • Size

      5.7MB

    • MD5

      0097fe1fdf80e2b515ab5ab2f6bad47c

    • SHA1

      fce79b37dfc8b142dfd32c233c9ac9eec248bd6d

    • SHA256

      3506bd2e291fe85a675d268e705f46dd0da7c274ec43dcb2330b8cee2b8c1d24

    • SHA512

      cddb67a0d4bc60d7c26dfb4f03fbccc7d82ace7605b9d8fa20b46a970ffca134d5904303b91caa1e19b9c153a4b61ece3bde27095075dce344835e2cdbc531fc

    • SSDEEP

      49152:08S02e0os7wJ/mpFdnTQWQNaRItxDfhPwcD2XB4/nHUWHNFSQDnxq2Nlnftvg32N:I0R0oetTbQQRIfD0Wt0szfbbmDQ

    • Score

      1/10

    • Target

      release/x64/x64_bridge.dll

    • Size

      20KB

    • MD5

      12fedb7f9dc4e86621d3b019ef98e946

    • SHA1

      a21cd96ac142aa80f85724e01a451c7613bf4fe8

    • SHA256

      31ed3f4d03818dee8aad6a630ddbb6b1ad32ff58b00182dfb4b03f5728ebdfb6

    • SHA512

      663270b99c4b0aed9d30c0743e275d23c3ea60c42e638515c58a533c9494a39182cb28f45945417f9cd45d7b20ca6bd0b6a3fbfc65a188e406f76e50876757e3

    • SSDEEP

      384:3b7R23UV0/rDaTc6EpwKNsEkhs7Lq8ZpH3GCJEYdun:3bt23UV0/4Ek672iRBE5n

    • Score

      1/10

    • Target

      release/x96dbg.exe

    • Size

      156KB

    • MD5

      fde3d2793268e77ff8d4acd974cb8619

    • SHA1

      228da82828035494bbd7b4adbb800bd7a223f0ae

    • SHA256

      ab55cbe3aa7b0a3cc0d2707bd231a4dc02e5ef7f2bff944d1678791a5d6780cc

    • SHA512

      049cf976b7fd58a052e6573c557dd1ef4bd1249438a41ad336c644706151e927de0b9727ae781f0a2495da7b884125f4b1e48115a14bebd529744db6f8adf1ac

    • SSDEEP

      3072:zwu3TMJ4J+hgMPH73jsIo4iFk9K5+ZQJ7u:3QosxLj1iv+Z07u

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Modifies system executable filetype association
