477b0286ea489f872a3f3f3b01cef1829098da69e7e386d4a41ecbe51542db32

Sharing

Copy URL

Twitter E-mail

General

Target

ffdec_21.0.5_setup.exe
Size

13.5MB
Sample

240911-qnae7sshkg
MD5

a79bd1d5e8a82111c3819ff42d7ea32f
SHA1

8432eb8fbeebed423e3b42b086291b42c2e54c6b
SHA256

477b0286ea489f872a3f3f3b01cef1829098da69e7e386d4a41ecbe51542db32
SHA512

0f1077e6c60c8af490033ff8700cdb9318d45505fa6adbe8abc325db58ff9ed215fd25d0189b7fb38f32f490b50f333d20956b6269e1f55699c02c27008c9a94
SSDEEP

393216:oO/v8b0Ygk8WjI/yF/WNaqzY42dpmmDr8pc8XerWcYN:p/vPYci/WN6Rpm2yf4g

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  ffdec_21.0.5_setup.exe
- Size
  
  13.5MB
- MD5
  
  a79bd1d5e8a82111c3819ff42d7ea32f
- SHA1
  
  8432eb8fbeebed423e3b42b086291b42c2e54c6b
- SHA256
  
  477b0286ea489f872a3f3f3b01cef1829098da69e7e386d4a41ecbe51542db32
- SHA512
  
  0f1077e6c60c8af490033ff8700cdb9318d45505fa6adbe8abc325db58ff9ed215fd25d0189b7fb38f32f490b50f333d20956b6269e1f55699c02c27008c9a94
- SSDEEP
  
  393216:oO/v8b0Ygk8WjI/yF/WNaqzY42dpmmDr8pc8XerWcYN:p/vPYci/WN6Rpm2yf4g
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/LangDLL.dll
- Size
  
  8KB
- MD5
  
  6a4ce8d10efd06369f368898462546e0
- SHA1
  
  79b9c182afcfddb4687663f287327fb968731c1b
- SHA256
  
  42c46cde21b03935314697ef444b01d85e319fc443519bde35fec90c8b21fc98
- SHA512
  
  8a5f1d1bf6fef5ed5b51f41129715bdad0ebabb539c0260b080e567a101db7acdba722a9df5e55527ccdd2bf05a009bfee3c4a3745825c953f3348ef55e61918
- SSDEEP
  
  96:e0nLo47eYkrGj23kBTPEa8ir2qUuRkNB/RMZCabEe/2/HdNfdpX2N:foZYkrGj20tEEeYkv/RaCw/2/9h2N
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/StartMenu.dll
- Size
  
  12KB
- MD5
  
  a4d8b943600bf97605adb398b109b70c
- SHA1
  
  2a42ed2c74e6ee39cd45d7e8ae4fff6ac38d7035
- SHA256
  
  a3740dcb49a6f6f09c2f3c85f34b1fb585066ba41a36ec164008813b4ace9daa
- SHA512
  
  3806fcef42e7cc9e3d50e04aab6a896c5f6e8bb8b00a81126310861a637360e36615bf3c12c931412b8b90eecf84931ae469e3c22d23f8f592e03d03b22ba365
- SSDEEP
  
  192:s1BTusyjbI05hbvNuw8Ykv/RjyE+lpP93/:yyA0DJuw8Ykvtp+lp13/
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  28KB
- MD5
  
  4a82832a6209cdc3a2447ab2de137542
- SHA1
  
  21f334bf90566e3a94a712b68f2cbc32746711d4
- SHA256
  
  b07a12c5ced6a1ece5e7dc4103f8b3e15bf77f5edb70daef115b9a77bcf55885
- SHA512
  
  6bceff4d3eba26a84029d09f6e403f3fc0c95a744f4d6bfde22accf480a724a0f38960d848a5255258a6a57d3ec9b384847acf167b485ff67f7161aac04300f0
- SSDEEP
  
  384:AGEs6MVKQq0DwRiGUaLYuAXLaMoy4m973uwYkv56YPewyy1Eiu8IuFd/9:AGEQKZ2wRiGUcY8TBsdvkdwyyvIs
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  14KB
- MD5
  
  8b11196dc49c4df98c6f97457c97e590
- SHA1
  
  7ee6c21506ac68a1ecf36be5d632ee339311d51a
- SHA256
  
  47a1976b7736371b9b2e073ef0dd49db3bdbe604ec9ee77e50621e5f19d9ae7b
- SHA512
  
  4c77005b35f9c9c3cd64d5dba178f45ed250974848086e9da283d539add6aa70bb9ec44782f69f115ab87d1d1d723a63698f9b9db817710b52ab836a87e654b7
- SSDEEP
  
  192:RlWWck581HwPRLG/CocFR1w5nEYkv/RGl5Boi6+6SZSM3CU:mdk5SoRLG/CocFR62Ykv8l5Boi9XyU
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  ffdec.bat
- Size
  
  786B
- MD5
  
  128f871f94216f847a3f119e333f1940
- SHA1
  
  955a125f9594199fccbdeca60c630e8f3e15f365
- SHA256
  
  12b1b10c3b375720eb3d90b42cfa43e0771d0997e0d94cf304b81d058164fd32
- SHA512
  
  de1da5b61ed289177aab1097831f0ac93a79893ca5d2b5a8604d452aaed0398c750fcee93b83b45ff891d2155806410ebe16ab610cec1898c043b81f87c4aa89
Score

7^/10
- Loads dropped DLL
behavioral11 behavioral12
- Target
  
  ffdec.exe
- Size
  
  394KB
- MD5
  
  c1c196b87e88e0ee86295f0ab6a7c17f
- SHA1
  
  101a02625c0f80caeb412298c020cee417c47d93
- SHA256
  
  b66b0182373a4992244284fb2aa6bdb1a72a3bfa442b6a34421d6e51915681c3
- SHA512
  
  305a1db83a69ac713cc6b05707e38675221db2159f64789175098c72d571b34b7c4453c0f9b9e851c44d63e17e555a273f0c9e7e42977bcb5740e29138c8c4c9
- SSDEEP
  
  12288:iCUf7M6OfVLh4vzzzIuYzzzczzzzuREe/tzzzzzztLWz1j1Eqp:idf7rOfVLh4vzzzIuYzzzczzzzuREe/I
Score

7^/10

discovery
- Loads dropped DLL
behavioral13 behavioral14
- Target
  
  ffdec.jar
- Size
  
  3.3MB
- MD5
  
  ce68866da54a8bea83bb85ac9a4cd166
- SHA1
  
  2f349705a5c6bb75076554b3160148b865275c65
- SHA256
  
  9627cd4dfd3da95a4cbefeabf7d526a916f772786eb4250328c1a052e99fd0b3
- SHA512
  
  39865dafaa2fe105084c9ea26a32c099bb641f6373c2b8d19699b86243947fb90e1f6f03aac010a4f09e6d93cc3223bf30eaa1bfe23d4a2b48c521cb728cce2b
- SSDEEP
  
  49152:wFey/gyYQxFYcWtx53jtglcZs0pb/T/ghvCWfx+iVwjCBT0UR3r8RjZUs:ceIYTJBkYhv8KAnVTBT99eZUs
Score

7^/10
- Loads dropped DLL
behavioral15 behavioral16
- Target
  
  lib/JavactiveX.jar
- Size
  
  1.1MB
- MD5
  
  94737b7083301b12623034e9c0ba3133
- SHA1
  
  58a5264f44dab213dc2878c5eafa50a9cda68032
- SHA256
  
  8c8d643077b93e1d792b32415703ae3800c4689bce05bb3700cae20c26f86631
- SHA512
  
  c353814d37e5de0fd1e91a4f71842223d2b1516cf1e4071cff2b510c1aeebccd8a1b909788866e074bd61cc12f7f09dd6c42d8b2b972bffbf87b42f9a059a992
- SSDEEP
  
  12288:E5WUjBOD3aE64NzK2gclfWA4f5h+XZTpPDnYQ4/8husDUXxslchWbrt0ByFcNMVI:SWUjBOJtK2dLYQQsDUXxslTh0kFbVK
Score

1^/10
behavioral17 behavioral18
- Target
  
  lib/LZMA.jar
- Size
  
  89KB
- MD5
  
  2b88cd078cb73908da811e00e097ce81
- SHA1
  
  41cae389f8a90378840587afadfee05da520e79b
- SHA256
  
  2604dab00935023b183d82d9a5c5198ae34d40112c7524e75be20e4528798e95
- SHA512
  
  df9dc730915327ed3097169dc6a6577a4063d8276adfe13df2e265faf234b1e71b574bd1b87f2f57ceafe3af7b6e94f479d1f85efd8a32714ff99ff6eb2af6c0
- SSDEEP
  
  1536:+/tcU5GNFMB2QD9hRmBVuAq8Ynf8I8GKpIeTM/E+yseAZz7YrGM3ZpFklQCrFc8C:+aU5GnMB2WhR9T8Ynf2TpXM/sseqz7Yb
Score

1^/10
behavioral19 behavioral20
- Target
  
  lib/avi.jar
- Size
  
  210KB
- MD5
  
  1cc96ab1334e68d8547a5316b951037d
- SHA1
  
  4b91a380488498e9a02f2f6ad3c82c70193e2f9e
- SHA256
  
  7b8da48be20447ca3a840ae1136541841e1a44915a6edf924d83529362bd40ff
- SHA512
  
  91614631203f6e80aee8971d75ee2031cddff5a7d5f48c4b700a6fc6f51a7d107221580313079b4ebf179a5b92897d86b86e5e2a28b11da8caec4f1f3ce71db0
- SSDEEP
  
  3072:Hn+1ZFvo+PmSjvUIEqHYgwvjPh42zTPmVYgmo8sAJ5t8HX+rfdaiQl5HQI1QaJmo:qrjMvhrnP6fYrjCe2daxZysELo8V+OJ
Score

1^/10
behavioral21 behavioral22
- Target
  
  lib/cmykjpeg.jar
- Size
  
  88KB
- MD5
  
  d81f8ff9a1f01f36a33801810a9836da
- SHA1
  
  95d9cd2deebf49ef0fd1f7ed9a87ae7ca2ce082a
- SHA256
  
  0ae56cee0cca3f2c54593b08dd2f450f6f8fea5dd9054b9949b9f08f34e98b5a
- SHA512
  
  2d9682317a06c6c58c8b25f3854131039172b6d4ad65fbe34c8d3d3ff5c73383604c667cb190e2b855bfc8e8a3069bcc64b56e40c13c59002bc786b4d8d8b5c2
- SSDEEP
  
  1536:1qK53R6tXC7Wd/IklG8EnDKGu4DOM1WF0TzduVomomLF:1qSh6tXC8/jG82Hu4DOkWF0vduemoy
Score

1^/10
behavioral23 behavioral24
- Target
  
  lib/ddsreader.jar
- Size
  
  7KB
- MD5
  
  8317cebf5d6b539b7c63d61522964f20
- SHA1
  
  2349473ed81dba7a0017d8431ed100849a5a3a81
- SHA256
  
  b64bd5bbb4bad9092c4f4109795c41ce513b24f1fad9f6886492d976482b1603
- SHA512
  
  47a53b15a24481d5241f251dddc318cfd3225b9ec74fdb1ef418b2716514aef25b2b4ec6caf6156dcc44d67d2ace7c07589af94018c0a689825377890cf50eb3
- SSDEEP
  
  192:dZPtFIcPBD/hUuITjG6DJgvXmFxq6I4Jis+G:bFFIqR/jCjBgvXkxBxJiO
Score

1^/10
behavioral25 behavioral26
- Target
  
  lib/decimal.jar
- Size
  
  42KB
- MD5
  
  9b7fbce0e41bc9b508b26e2204ac7623
- SHA1
  
  92d0f6bb97993193c71330bcc132bfce33c08656
- SHA256
  
  feeb9f89f44cd6a921a9a4701358c8c63e3e677424fb2953ddba6e15872c0e91
- SHA512
  
  7bb6f5f5c7e1677f8f3a9e37a676a08867e16811e25be050cefbb98768ef758bf4512db7eb94b64eaa6314d170d2d4173b0d7b840f093948041063e647f9459f
- SSDEEP
  
  768:kboQ1RmbL8g5OUS3QIPYYpoEyVaMRH+T5d26x8lkwKDdQHJ:kbbmZ5OUuQ4YYpoVVaMRH+FYQVwEdoJ
Score

1^/10
behavioral27 behavioral28
- Target
  
  lib/ffdec_lib.jar
- Size
  
  4.5MB
- MD5
  
  cc7bbea6d588380b2581ac60b24378c6
- SHA1
  
  28f2d85e418fff793ed7bc6af7bec2447a4899d2
- SHA256
  
  6ed16396a03725f1080d416d8ccf28f07e39ab5c4302d8424fe38623f5c97d3e
- SHA512
  
  e177024b6248744dc132bab9edff66284fdb6ac7acc22ec9c578c9159683daf60685e733d56c4c1ec85f20ce61b0d3fd9d6c8351e8d5ef443a912da4f6c67dc8
- SSDEEP
  
  98304:tnfS/B+cz1b8ZM9aNYMh64nmcOoeokIV2jxZXXcYqAZZp6h3xtPKZ:I/8A1+M9aNHh6yOXJ7MNA7UDiZ
Score

1^/10
behavioral29 behavioral30
- Target
  
  lib/flamingo-6.2.jar
- Size
  
  1.2MB
- MD5
  
  fa1eef5cd9a84bf71687c283e28186e0
- SHA1
  
  1ce035148bc16ead9897686a472a38df1eb14b83
- SHA256
  
  5baee0ef62342a53952116548aa3434db5b629af76c9a267d8c23b34db3a479c
- SHA512
  
  caae31ba2c8c4e3a8bf0aee1a3185506dc4cea8f44c6e8212039aa0bb66187957299c7b22545db30058717048bdf28b8cd4e1cc166a94e4c7f6f9ad87230b53c
- SSDEEP
  
  12288:UlsjH7taq310WOw1pliNNeJcm3ZuGTWWQZlMrzYz0:4sHtaq3102lYm3ZuGTWrg
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

Loads dropped DLL

Loads dropped DLL

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32