9d98abb75b0c7b587d3ccf35284d022161b909351bfed0b7b0f60514cb9600d0

Sharing

Copy URL

Twitter E-mail

General

Target

obfuscator-executive-x86-v5.0.25-installer.exe
Size

2.1MB
Sample

240908-vmkxrszdpg
MD5

11ebd9213f11aefb32c33a2b4374a26d
SHA1

92d3285fcad6354f3f3486a796f76b31a341bafb
SHA256

9d98abb75b0c7b587d3ccf35284d022161b909351bfed0b7b0f60514cb9600d0
SHA512

90456ecc6c97546b55fd1fffbf9547fc4dc3a84c838a7a02d95644c71b10d6a72cb29f0562a39e7409a911c0db34a964e83b4de9e58789df8bd955a6b028f1e7
SSDEEP

49152:l/YKtc4ooTgXNkMzxqVVJt7O2vzqj1EIvWhdJGN:lgKtc4oo2B9qVVJvrY1pvWhdu

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  obfuscator-executive-x86-v5.0.25-installer.exe
- Size
  
  2.1MB
- MD5
  
  11ebd9213f11aefb32c33a2b4374a26d
- SHA1
  
  92d3285fcad6354f3f3486a796f76b31a341bafb
- SHA256
  
  9d98abb75b0c7b587d3ccf35284d022161b909351bfed0b7b0f60514cb9600d0
- SHA512
  
  90456ecc6c97546b55fd1fffbf9547fc4dc3a84c838a7a02d95644c71b10d6a72cb29f0562a39e7409a911c0db34a964e83b4de9e58789df8bd955a6b028f1e7
- SSDEEP
  
  49152:l/YKtc4ooTgXNkMzxqVVJt7O2vzqj1EIvWhdJGN:lgKtc4oo2B9qVVJvrY1pvWhdu
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  15KB
- MD5
  
  d095b082b7c5ba4665d40d9c5042af6d
- SHA1
  
  2220277304af105ca6c56219f56f04e894b28d27
- SHA256
  
  b2091205e225fc07daf1101218c64ce62a4690cacac9c3d0644d12e93e4c213c
- SHA512
  
  61fb5cf84028437d8a63d0fda53d9fe0f521d8fe04e96853a5b7a22050c4c4fb5528ff0cdbb3ae6bc74a5033563fc417fc7537e4778227c9fd6633ae844c47d9
- SSDEEP
  
  192:EyGQtZkTktEQUrJaZfuyCnSmUsv3sY7L7cW8Y6Q86QvoTr11929WtshLAzgSrX8:EyNt+4t7uJalUnGesY7Lt8nCr/Yosa
Score

3^/10

discovery
behavioral2
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  4add245d4ba34b04f213409bfe504c07
- SHA1
  
  ef756d6581d70e87d58cc4982e3f4d18e0ea5b09
- SHA256
  
  9111099efe9d5c9b391dc132b2faf0a3851a760d4106d5368e30ac744eb42706
- SHA512
  
  1bd260cabe5ea3cefbbc675162f30092ab157893510f45a1b571489e03ebb2903c55f64f89812754d3fe03c8f10012b8078d1261a7e73ac1f87c82f714bce03d
- SSDEEP
  
  192:VjHcQ0qWTlt7wi5Aj/lM0sEWD/wtYbBjpNQybC7y+XZv0QPi:B/Qlt7wiij/lMRv/9V4bvr
Score

3^/10

discovery
behavioral3
- Target
  
  $PLUGINSDIR/ioSpecial.ini
- Size
  
  211B
- MD5
  
  e2d5070bc28db1ac745613689ff86067
- SHA1
  
  282e080b4cf847174c5c11e4f9157b8c338ecb19
- SHA256
  
  d95aed234f932a1c48a2b1b0d98c60ca31f962310c03158e2884ab4ddd3ea1e0
- SHA512
  
  a50ca2014869629135b54e848f03cb4983ad8029cd811300d02b0fc54de0436185f418fea4d3db888eb0f3170e33a59d486aa885f024ab29e630e9bc0ae1a2de
Score

3^/10
behavioral4
- Target
  
  $PLUGINSDIR/modern-wizard.bmp
- Size
  
  150KB
- MD5
  
  cce22a4e6932c0dc9d7176fe0a2f73fc
- SHA1
  
  f4f60597f710488948a8c14f25796b4bebc4fd90
- SHA256
  
  b5bc38a2703f1693e1042d786f5aec1a804111871d9af20b278167c3743c9fc8
- SHA512
  
  dfc643ab6f290239b5cb8ea21b73078c63805b8b10981e94adadfee36fc169fea96c5d5b39799043275f755cf35b6f1c7423d923f5cfee770f15d55bf3a05ee3
- SSDEEP
  
  3072:5dpJFmVtMPi91H+ZnZhnD0eRyv6ZszmUgY0aJgm4ZSe3wA7s:Dp2Xs81H+1zuosz2aJgm52Q
Score

3^/10
behavioral5
- Target
  
  $R0
- Size
  
  1.3MB
- MD5
  
  88ef14f379e050e8df3ba9a9462945e9
- SHA1
  
  b965d2bd4e3528d7b76ad465ae2c75a83507cf4e
- SHA256
  
  0202ddcf449dc8a0b4c56e786222da56c23c97bdc721d751fb169881df2626fe
- SHA512
  
  5efe90bd5ad79b833f94ce51a4b6fafbe26e09497ecbefff03bff7a8d9d2d4c4dbd30c74ac445e53cbce183fd992176226a3408cbbb677c6e69ba10d1b6f683c
- SSDEEP
  
  24576:CnsZfH8WK6FuXqt5K8whx12tnqIVB62ezzV8d/v3HTYTcfzBRKdfg6:Cim7x12tnq+62ezzVK3HTYoai6
Score

3^/10

discovery
behavioral6
- Target
  
  $R2/NSIS.Library.RegTool.v3.$_5_.exe
- Size
  
  5KB
- MD5
  
  48b4f7d95dbff3dfc74fe3d9e41524b8
- SHA1
  
  7bfc27a6eac4796029e841f9d5a61d37de6b34be
- SHA256
  
  fc6f7befdd834ccf59aa660497f197d85776f3d95736337d1b9f4417e1db8d6e
- SHA512
  
  c51d21f3d76d915086324ecaf54f6da7b4fcd2aec9161812fde63e70f6aa1b30709cc6ae5d30abfcfe9141edd6e9e44d49de83a06753cbc5d37ad0d658cc740d
- SSDEEP
  
  96:qBg4ARDDMDQB4dtVfhxr+qOspqME3zpHC5:isDDcQWd/hxaq/sMsC5
Score

3^/10

discovery
behavioral7
- Target
  
  changelog.txt
- Size
  
  4KB
- MD5
  
  38cf12a937955284769dac380b48ecb1
- SHA1
  
  c2c798f6372a78d7122f96db9c12b8eaa5c9b380
- SHA256
  
  e55a5d24fd0dc14865eb5d19b1eace40dedb69d6fe57d7cac2b42361965ef5f8
- SHA512
  
  74f867232647948795a1a4dbad08d3fd640851111950a871c46ba1355add57d75e5bfa18ed03e407149310b9d59cfeddd27719da6a384ae155b44776b7216525
- SSDEEP
  
  96:XvqNUWwbZpN3r5p9+pFBilraAipxXXfW0SG:XvqNUjbvN3hG5tj
Score

3^/10
behavioral8
- Target
  
  license.txt
- Size
  
  8KB
- MD5
  
  60a0ce1978255735f404e4c5241925bd
- SHA1
  
  ac19c8f0295ebf0c930301bd95a3b1765809ef73
- SHA256
  
  bbffc4a9a1bd4040047f0552968b1d24fbb83f3976dd108d6b8f027ca552c486
- SHA512
  
  83dc59c24ad2f6e748e02fbd168933ce6f2c1c480baec7ced9538499cb9ae81e89a977d7375b34acacb03e4d0318317ad4e25a07ea9c22665a0507fe0054aa79
- SSDEEP
  
  192:DfSCVmMVKW0I3w0E1RyGVlJtGoDqr+gbb1Tpk0C2FRzdjq1/KOKo:D6CVdKPI3w0IRRbGQqr+gn1THCkRzhqt
Score

3^/10
behavioral9
- Target
  
  obfuscator-executive-v5-eula.pdf
- Size
  
  95KB
- MD5
  
  a3a16569d3db43efbe0bba2621251cb9
- SHA1
  
  84339cfb54f46224f6c03031bf4dfe6d92cd7ce2
- SHA256
  
  fd9919101b5250a544142152ca88d44215715e7516ce2c191d1ccc4bee6b7793
- SHA512
  
  d2e203187d6e6e92ece7777234ce4bbe227fae2ce1887aa2309980299b6d78abe3bc5c09c11d62557a9149043967f0c699438ae586359e01f5344bb650b1e18d
- SSDEEP
  
  1536:VG97TmGahSKPFq442v7418rZ10nXLCcNrFlZRT9e69pdLtr+OkQaHxnkJ5yj:VG97SPSyFq44U74qtinXLCcNTZRQ87tK
Score

3^/10

discovery
behavioral10
- Target
  
  obfuscator.exe
- Size
  
  1.8MB
- MD5
  
  3248437118cdd909b7586a6420052a87
- SHA1
  
  9fd1d526ac648f70c7f724eebbedf34a8bbbb050
- SHA256
  
  c21f4d533e6bf34dbf403faee89f840fad87ea7c03ec08df28ce6d62703495f7
- SHA512
  
  75dadbc4c9b95c483f1917e320e5369515b3d209753bb3d9d5d551c514dd7d1d989fe47811ffe07adb5cd2214737637f2823897eef8487601d854718c7cbbfcd
- SSDEEP
  
  24576:9dPPwk6nukwKlsi2tOhCYKITswLVnpywAh7BJ4YexEDMYKoYuLMBW5FDFO:nPPJkvls44YKITCwAh7BmYeCwYKCLXQ
Score

3^/10

discovery
behavioral11
- Target
  
  obfuscator.ico
- Size
  
  142KB
- MD5
  
  18f960c3adfc0c88cf308c00da3227a6
- SHA1
  
  16cacf970da839db9dcdf0781dd9f12b2d2f953a
- SHA256
  
  9fc61f114c1beb065243f29de877d48e0be771a1860bf0a0ca8e8fed8ed696d7
- SHA512
  
  82d2897d372148022533dbdbf10c66df8d90d36c3421e6188c3f10654b252661b657fc84debf792aed87f1e6cfdb484d52335136a30173296775605d9c86a9ef
- SSDEEP
  
  1536:lHhT+GLBO+A0vP2LR+TE4N3lNG0YKd/GKPx3tjxpmcc2Kqpnuipxo9+kI/eH:thNAn5+TVltYKAKXNpmcccuhAR/0
Score

3^/10
behavioral12
- Target
  
  readme.txt
- Size
  
  1KB
- MD5
  
  d07412add18b41999c57d3d8e96be9bc
- SHA1
  
  2f6a41f7ceb26320f8ed78a0f7bc36a4f4e8f9c1
- SHA256
  
  7a9b70c0bc5e26cc450e24025ca932e8d8a27d69f091291b65808d607ec9cdc4
- SHA512
  
  93239f860f1713547932f6d7b078589a80288d4f9c8500f0653399efee2d667e1a1e988b7d5daeae35e1270ef2554dacc513200bebdc7229a0384369a28bb098
Score

3^/10
behavioral13

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

Checks installed software on the system

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13