dcfad8bdca06504f19960d54a403ac8a2715c47f9986eb68762c97a2542353e7

Sharing

Copy URL

Twitter E-mail

General

Target

ChiaSetup-2.4.3.exe
Size

278.6MB
Sample

240912-h2yqysxfnc
MD5

acfbccbb8eb2390602336bc2e66ffe46
SHA1

e6dbaa56bb709e0efd424acfeb51f28fccb225f0
SHA256

dcfad8bdca06504f19960d54a403ac8a2715c47f9986eb68762c97a2542353e7
SHA512

52257212918bd8e9bcf4be427237af6cbd86e23207117f9d8d133b942b82b0abe40d93b21d90e93b98c347cfb8b948044c18479695ccbcdc33924c2dea772595
SSDEEP

6291456:SC4gEkvloUIjlBb2rE3U7HAf+FL6SX79L/akB8XaWp:N4f0ubR3UaEL6Sr9L/akBcai

Score

7^/10

Malware Config

Targets

- Target
  
  ChiaSetup-2.4.3.exe
- Size
  
  278.6MB
- MD5
  
  acfbccbb8eb2390602336bc2e66ffe46
- SHA1
  
  e6dbaa56bb709e0efd424acfeb51f28fccb225f0
- SHA256
  
  dcfad8bdca06504f19960d54a403ac8a2715c47f9986eb68762c97a2542353e7
- SHA512
  
  52257212918bd8e9bcf4be427237af6cbd86e23207117f9d8d133b942b82b0abe40d93b21d90e93b98c347cfb8b948044c18479695ccbcdc33924c2dea772595
- SSDEEP
  
  6291456:SC4gEkvloUIjlBb2rE3U7HAf+FL6SX79L/akB8XaWp:N4f0ubR3UaEL6Sr9L/akBcai
Score

5^/10

discovery pyinstaller
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1
- Target
  
  $PLUGINSDIR/StdUtils.dll
- Size
  
  100KB
- MD5
  
  c6a6e03f77c313b267498515488c5740
- SHA1
  
  3d49fc2784b9450962ed6b82b46e9c3c957d7c15
- SHA256
  
  b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e
- SHA512
  
  9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803
- SSDEEP
  
  3072:WNuZmJ9TDP3ahD2TF7Rq9cJNPhF9vyHf:WNuZ81zaAFHhF9v
Score

3^/10

discovery
behavioral2
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  0d7ad4f45dc6f5aa87f606d0331c6901
- SHA1
  
  48df0911f0484cbe2a8cdd5362140b63c41ee457
- SHA256
  
  3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca
- SHA512
  
  c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9
- SSDEEP
  
  192:1enY0LWelt70elWjvfstJcVtwtYbjnIOg5AaDnbC7ypXhtIj:18PJlt70esj0Mt9vn6ay6
Score

3^/10

discovery
behavioral3
- Target
  
  $PLUGINSDIR/UAC.dll
- Size
  
  14KB
- MD5
  
  adb29e6b186daa765dc750128649b63d
- SHA1
  
  160cbdc4cb0ac2c142d361df138c537aa7e708c9
- SHA256
  
  2f7f8fc05dc4fd0d5cda501b47e4433357e887bbfed7292c028d99c73b52dc08
- SHA512
  
  b28adcccf0c33660fecd6f95f28f11f793dc9988582187617b4c113fb4e6fdad4cf7694cd8c0300a477e63536456894d119741a940dda09b7df3ff0087a7eada
- SSDEEP
  
  192:DiF6v2imI36Op/tGZGfWxdyWHD0I53vLl7WVl8e04IpDlPjs:DGVY6ClGoWxXH75T1WVl83lLs
Score

3^/10

discovery
behavioral4
- Target
  
  $PLUGINSDIR/WinShell.dll
- Size
  
  3KB
- MD5
  
  1cc7c37b7e0c8cd8bf04b6cc283e1e56
- SHA1
  
  0b9519763be6625bd5abce175dcc59c96d100d4c
- SHA256
  
  9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6
- SHA512
  
  7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f
Score

3^/10

discovery
behavioral5
- Target
  
  resources/app.asar.unpacked/daemon/licenses/natural-compare/README.md
- Size
  
  3KB
- MD5
  
  d2535adafd95c4ff1a0816f2cc1b862f
- SHA1
  
  fff31ec2ce4749da2c7afe5b00f98b7e48556522
- SHA256
  
  ced6cb1fe6ee15a32c63ea8c7e0425454e80456a890c6df3909429530566d40a
- SHA512
  
  3482712eb1a569b366e8dbee1c5066aeec5bb6e08ce304fd9f01145e04d6485f4cbed5cf4292738f84f5b36ec124a8b0c866e085fa0feefd72a58229c97d5f12
Score

3^/10

execution
behavioral6
- Target
  
  resources/app.asar.unpacked/daemon/licenses/react-use-timeout/README.md
- Size
  
  4KB
- MD5
  
  982966937b657773b46857dace467fca
- SHA1
  
  c40bd414b85c0be9b4b04a2abc9276f4539a32cd
- SHA256
  
  3d6d412b8dd4f338172d3a1f1cb6285cdaa3196fec3f1f3a318bd62a76b82ae9
- SHA512
  
  7b3372c09935d110a3ba14b86a1a03ebd887dc9f60ac51a734e7e2a2b6b7e07933a4f6b2b8ba485d7145d75731a2de8d570eec35a9eae2c8cf997c9f3a1d29b7
- SSDEEP
  
  96:0yX7BCQ9YK/kyXVHpSgMwmWU9xPkMoSxkbpfkoX8XowX1p+X44:VL37kyFUvdWywD
Score

3^/10

execution
behavioral7
- Target
  
  resources/app.asar.unpacked/daemon/licenses/seedrandom/README.md
- Size
  
  11KB
- MD5
  
  4e08ddf7f21d126cba4e6372e51ae25f
- SHA1
  
  57ed12301ac99eb2e4f1861a83aa5078129dd184
- SHA256
  
  4f42a296eee4f5ae3a8dadba94c2b0b5fb57662b96b8749f4d5288d4629b6240
- SHA512
  
  26c8cc12ef802a34720dc49bc76e5434d2ecb014a79a96a03ed543de6503f33b5af6634829087ef7400418edc47f554ead7a2020bf9fd7707d4fe746054c0ff9
- SSDEEP
  
  192:u2RgEQm+KAUZsw55BFF+/03Fj3Gnqn623Xbv4ivzqGjSCwXBjd2rwpqWlQIbQmbU:u2NQm+KFD5bFF+/03hCsXLzqG2CwXBjy
Score

3^/10

execution
behavioral8
- Target
  
  resources/app.asar.unpacked/daemon/licenses/socks-proxy-agent/README.md
- Size
  
  4KB
- MD5
  
  b2c1c47506aea412ea0c18edcc956c96
- SHA1
  
  9755efb75f7e35649bf30c602a79136d3c423d5e
- SHA256
  
  26a3d1035dcf8da7fc75fccf184deeeb5fdf11eae31f0ff1f98994753155b586
- SHA512
  
  9c109d14cc5b57c4438b2e84c6c0a9aa05962f73d004536fae9e0b287d5848657530bd8033ed4b66117e3c516fcc34675da11e49367d49d4d3176233d95e2957
- SSDEEP
  
  96:LxZu4HtjraCUM4waioxJG5+r7kdiExJga5+rUuNWJp20r0xR1iw47cdPut0CcHX3:VZtjrT6JG5+rQ5Jga5+raJpTrYR1z4wn
Score

3^/10

execution
behavioral9
- Target
  
  resources/app.asar.unpacked/daemon/licenses/spdy-transport/README.md
- Size
  
  2KB
- MD5
  
  4b815e604cc6b356c5104fed7b55aa42
- SHA1
  
  e5ac3544a7ac6a73e06d572c624826c71b7b7d50
- SHA256
  
  2c755439e435c32a487c46b03c08d2bc56e357641bcee66135d3d0e769ac129c
- SHA512
  
  3eb80da61396a2847dda61ccf6eee5777ae5e2b421e383e15968fb31d24d4ab4c0acb5bec7a4c73945eaf2bfb04b8013191541d33b1314c606b2200d8da8fd75
Score

3^/10

execution
behavioral10
- Target
  
  resources/app.asar.unpacked/daemon/licenses/spdy/README.md
- Size
  
  8KB
- MD5
  
  01fbe6296d15fd3141becc4ea5faacd8
- SHA1
  
  92b98859fd16b5081d0bb17ade6810a92a5764fd
- SHA256
  
  7f9908e43926bb78af94ff700f8536fa6a57a2c3a16f2885ba6cdbac5a8eb7d1
- SHA512
  
  ff65a4201581f05cc0022d2a3d71c8b04e678f327f19c5b7117e91f77446a563b0f42ea3d171b57fce68a58195c1dfa469d42efa246601848116a3ec5ad72bb0
- SSDEEP
  
  192:NIUNz14FJ5AVfUWbXRevBimJS7HfnujtK6AEx+MqlLAXQH7Y:WFjAVfUWbwv+fnujtKREcFA6Y
Score

3^/10

execution
behavioral11
- Target
  
  resources/app.asar.unpacked/daemon/licenses/toggle-selection/README.md
- Size
  
  547B
- MD5
  
  9bf40b8e464b417dc044dd531907dafe
- SHA1
  
  3c75f5e1fd4bafc012977262a219646ca333dafa
- SHA256
  
  7479eef62fd8fd10a629b4403172e9db730f0e94cb0e7e1f7a6507d0760f1083
- SHA512
  
  986d15ca6b7a7f70e39b7a7583eb185b0e2476d0e67a9937dbc6d26bac89504e15f9daac8790e8f2d17a79c7be53a1d9821a92c9827a40c5176768e359ef8a7f
Score

3^/10

execution
behavioral12
- Target
  
  resources/app.asar.unpacked/daemon/start_crawler.exe
- Size
  
  11.2MB
- MD5
  
  5b29cf0f1a7cf9cfe929106ca84df02f
- SHA1
  
  16968cb9b7e03f2a057f5db54091ff8240149c3a
- SHA256
  
  40ef208d4d2a0a672d3c32f46bf5fdc41e5f1d906d174eca7c18776962b22320
- SHA512
  
  eb114eaf48a69280935a9fe982618375272e07071d6247cf613404c0fb1882f4d6af78d6e5ba4f300a5a055547a3b6299562f15df106d82eacfe356f4ed05f5b
- SSDEEP
  
  196608:FHs1+XomR8upvqAuwo6bVF2Ap6W7IArZXK38lciyNh7fFPkjkDkJF:SMXqu8iXbVF2c6W751638Q5ZIE+F
Score

1^/10
behavioral13
- Target
  
  resources/app.asar.unpacked/daemon/start_data_layer.exe
- Size
  
  11.2MB
- MD5
  
  bb1ff40b68dd27a5335a2828d040d15a
- SHA1
  
  c610a96bd7990b9ee3c4e8d21e353bc83f769150
- SHA256
  
  515f5616033b452192c76208acbc7eb896de4757a8e3e73e91092ab53e5a1a1d
- SHA512
  
  3e542adff05efe02d05fb93e80ed3db99fd5399381cbeb07d88f87171c4356f81d3ca2353607b55c5aac5b18aec87eceafb989e088d38ab5c16d41f00198163d
- SSDEEP
  
  196608:as81+XomR8upvqAuwo6bVF2Ap6W7IArZXK38lciyNh7fFPkjkDkJJ:6MXqu8iXbVF2c6W751638Q5ZIE+J
Score

1^/10
behavioral14
- Target
  
  resources/app.asar.unpacked/daemon/start_data_layer_http.exe
- Size
  
  11.2MB
- MD5
  
  f5865bed468a9d23e338eb4ce9270c70
- SHA1
  
  e274de7e650d3a999a2dccb401f7eff8bcd75933
- SHA256
  
  e9643df9a491bcaa0e42cd9d09cb96a76754cb50e61cf23e9c95af3e25021967
- SHA512
  
  774ebdc223d04dba472e0c3499b34eb594c26840a2992930491d553d992e032c82c5474924c19d9b9eb5a645c2752564fc644bbbc64fe6cbb40b34aaf260ec5b
- SSDEEP
  
  196608:K/21+XomR8upvqAuwo6bVF2Ap6W7IArZXK38lciyNh7fFPkjkDkJk:3MXqu8iXbVF2c6W751638Q5ZIE+k
Score

1^/10
behavioral15
- Target
  
  resources/app.asar.unpacked/daemon/start_data_layer_s3_plugin.exe
- Size
  
  11.2MB
- MD5
  
  e8fa87aa2da7b83c974bf88e4421af90
- SHA1
  
  7711ecfc71d9e9f4231c4ec9573ec850665d6b55
- SHA256
  
  063d2998703e30d6b0d128d716f7d58ed98b7e3f5ca82ba1623ce813116c6e90
- SHA512
  
  4d4ccbdb2e7b30664699f0062c5b9df973a3e6d2baea6eab933bb8f634e2e9f4ac272aad8c687bb1a377a7a4b340161858a0c8e700310524c8644d37fec86690
- SSDEEP
  
  196608:0AA1+XomR8upvqAuwo6bVF2Ap6W7IArZXK38lciyNh7fFPkjkDkJ5:AMXqu8iXbVF2c6W751638Q5ZIE+5
Score

1^/10
behavioral16
- Target
  
  resources/app.asar.unpacked/daemon/start_farmer.exe
- Size
  
  11.2MB
- MD5
  
  ba5b3e6d88e639acf28bd497a1c423f3
- SHA1
  
  429040b4e66f285f065a8f46eece00629e3d09cd
- SHA256
  
  6805c4b8da25c1d89a5fb2c23ed97e82214797c35a4462cc75ff4d5ab8507359
- SHA512
  
  5a61d6ef563d2d5dbee52e915d556d65a35f5ea8d1ff19a7b72148ffd330703a542f56250aa91c9ea78a24bf37be1751d3ea570a4f009793baf668daaf04ddde
- SSDEEP
  
  196608:KN01+XomR8upvqAuwo6bVF2Ap6W7IArZXK38lciyNh7fFPkjkDkJh:DMXqu8iXbVF2c6W751638Q5ZIE+h
Score

1^/10
behavioral17
- Target
  
  resources/app.asar.unpacked/daemon/start_full_node.exe
- Size
  
  11.2MB
- MD5
  
  275e7df82505e42cf2274cd2e9ed68c9
- SHA1
  
  6f5810d0d2bd75b7d019af92b7d42784de137590
- SHA256
  
  6a97a260153b4028bfbfceaa90afa07f4ad3099b5c69bf1c161083d819cb28ed
- SHA512
  
  08fd284ff956223c0f10339cd16909eddd277f80e1ffcbe23e3c3d905994dcf60c85627d4ff0c834a7ef2af3c09b1846deb4d027a81aa6de1922ac0f35b1a15d
- SSDEEP
  
  196608:gXV1+XomR8upvqAuwo6bVF2Ap6W7IArZXK38lciyNh7fFPkjkDkJr:2MXqu8iXbVF2c6W751638Q5ZIE+r
Score

1^/10
behavioral18
- Target
  
  resources/app.asar.unpacked/daemon/start_harvester.exe
- Size
  
  11.2MB
- MD5
  
  7efd505cdc092aba3806fc329d063a68
- SHA1
  
  bb3c7c5034770969eebec1e4fd696b3f69c638b8
- SHA256
  
  561bf42ba81fe2a16f53c2d20d2323c2103b35be7f3680bc09233fe342a31562
- SHA512
  
  74637aa91c53280f3b43a00b6833f69b9ff053206fd6e89646a3f1947eb39a7de4899fc802299ea16e2289d37bf509f871b25ae1ca22e3cef12d515209de68e0
- SSDEEP
  
  196608:E+b1+XomR8upvqAuwo6bVF2Ap6W7IArZXK38lciyNh7fFPkjkDkJT:FMXqu8iXbVF2c6W751638Q5ZIE+T
Score

1^/10
behavioral19
- Target
  
  resources/app.asar.unpacked/daemon/start_introducer.exe
- Size
  
  11.2MB
- MD5
  
  668887ccb3345c629bafd7b457d0a97d
- SHA1
  
  d5bceef9ac985439f858151590a9c1c834479ae5
- SHA256
  
  f90cbb160798b9598170087d2e651e4831de4a30d47dce003fc246d8c877ca0c
- SHA512
  
  3c45d1c310ffd9633597b0dc6d69f282a3ddf3f7ee90bf59ea820335b69ee3217768b92718e7a80eec5dc0ec1c04aca1ff37c848cba3ce52944d26e2c96bbf9d
- SSDEEP
  
  196608:rh61+XomR8upvqAuwo6bVF2Ap6W7IArZXK38lciyNh7fFPkjkDkJ+:oMXqu8iXbVF2c6W751638Q5ZIE++
Score

1^/10
behavioral20
- Target
  
  resources/app.asar.unpacked/daemon/start_seeder.exe
- Size
  
  11.2MB
- MD5
  
  bcb0488b6c1cf5e74ab41ef093081865
- SHA1
  
  aa39729ab1b65df7ef9b3035a1c3cd538343a9d3
- SHA256
  
  bc0057a2e483c8b0870d3ee595249677cba95b13ad6b6d9836d272dbf5b1e2c1
- SHA512
  
  4325e07bbbfd9df8b228e7f96eebbb536c6e0b31f98551c31d3ded4bebaadb79224902471c3b613a0228332fa15571b6cd8355299ef97a5a6bc985b8b0b49a2e
- SSDEEP
  
  196608:8rG1+XomR8upvqAuwo6bVF2Ap6W7IArZXK38lciyNh7fFPkjkDkJx:TMXqu8iXbVF2c6W751638Q5ZIE+x
Score

1^/10
behavioral21
- Target
  
  resources/app.asar.unpacked/daemon/start_timelord.exe
- Size
  
  11.2MB
- MD5
  
  af012119bc6555e592f719de37ef6684
- SHA1
  
  f930d390bc49142b965696bfe8a0d32418a53365
- SHA256
  
  4cee0fccbae1709ce9e49e13bbcb5e4010e2cabadff5b300b4dd4318fc69d8b7
- SHA512
  
  b735d11ef448d69afa8bcdb9aec45d75d1128c44af216716aaf9df553c9842e6cb9051182c684f18daea2584e02f1c113747c371200637723e6f727c30c93bc4
- SSDEEP
  
  196608:uoL1+XomR8upvqAuwo6bVF2Ap6W7IArZXK38lciyNh7fFPkjkDkJY:tMXqu8iXbVF2c6W751638Q5ZIE+Y
Score

1^/10
behavioral22
- Target
  
  resources/app.asar.unpacked/daemon/start_wallet.exe
- Size
  
  11.2MB
- MD5
  
  1874df2df5f6feed1a795546d1c343d8
- SHA1
  
  54c5301ac9d2349524d798fcb1f9469485fa5dfd
- SHA256
  
  6de4f105e4430a6550410049a4d440bb7663cff820927eaffbf6de9196036e26
- SHA512
  
  48950f129525b1d36805cc6f146daaceb6376c8b23420b25f5bc6861fc2f7a3c2e0dcf419d6fff80523c6b9c446dd792f9a56d02cab769b01e9abfe10628569a
- SSDEEP
  
  196608:/Ff1+XomR8upvqAuwo6bVF2Ap6W7IArZXK38lciyNh7fFPkjkDkJ5:NMXqu8iXbVF2c6W751638Q5ZIE+5
Score

1^/10
behavioral23
- Target
  
  resources/app.asar.unpacked/daemon/timelord_launcher.exe
- Size
  
  11.2MB
- MD5
  
  cbf01ee8e69a74137520df0cc186815c
- SHA1
  
  8342e80289aa37fcedafa3f2ebc6ea6eac80fc7d
- SHA256
  
  8f77e9b6186475c4924ec3b590e2fbb4d3d53c9677d601b906e4ceb096e817d9
- SHA512
  
  026c7271151f59564514d54ee1623d781cb704546944d626f613eb51f15895a0e0dd74fe404c8b6631f28d63443c85dd7df9d83dfdcda1795c8313fea624480a
- SSDEEP
  
  196608:KvG1+XomR8upvqAuwo6bVF2Ap6W7IArZXK38lciyNh7fFPkjkDkJo:jMXqu8iXbVF2c6W751638Q5ZIE+o
Score

1^/10
behavioral24
- Target
  
  resources/elevate.exe
- Size
  
  105KB
- MD5
  
  792b92c8ad13c46f27c7ced0810694df
- SHA1
  
  d8d449b92de20a57df722df46435ba4553ecc802
- SHA256
  
  9b1fbf0c11c520ae714af8aa9af12cfd48503eedecd7398d8992ee94d1b4dc37
- SHA512
  
  6c247254dc18ed81213a978cce2e321d6692848c64307097d2c43432a42f4f4f6d3cf22fb92610dfa8b7b16a5f1d94e9017cf64f88f2d08e79c0fe71a9121e40
- SSDEEP
  
  3072:1bLnrwQoRDtdMMgSXiFJWcIgUVCfRjV/GrWl:1PrwRhte1XsE1l
Score

3^/10

discovery
behavioral25
- Target
  
  vk_swiftshader.dll
- Size
  
  5.1MB
- MD5
  
  61ebe426afe4f9d447a230b1da9a3190
- SHA1
  
  a45b10c35cd04e86078c0b46a906ea6514176dff
- SHA256
  
  a876d22c0d5ac885665b1a226e792480efc78b4d36a478a1bad48f38546e44d3
- SHA512
  
  2da9aee7dc6b8334dfb5f5e4358232b26b5679bd4f7ee6982c517a30b73c70cb861abc65448673a578b8b5df9e87b76c2a2f8c1cd863365de239e9d0b328283a
- SSDEEP
  
  49152:0oaTaX1+4J7dN1uB/t4ABL5V1v+3+mFcpZBqtpM5KZwFlox0ikAiJb1XQGBliYDi:meX1+qULMSx17nb24
Score

1^/10
behavioral26
- Target
  
  vulkan-1.dll
- Size
  
  935KB
- MD5
  
  b0a4ec4fca688236937ea9c6b584f4ed
- SHA1
  
  9f32af0d03ea5829338848926328c32e7e536325
- SHA256
  
  d97d35b5391e9eb4a6c72fd439ae6ac83096d7242d4ae4d6e81e46a0e80cf580
- SHA512
  
  e7030fa09e22e2115c9619c10b8aa6061ce3e206381cdf4ad98d54d3c00cdab509d6ba1c7d1c0318b4d518d499c9ef63bcbd1c3c83be71e574a13806dfc82b59
- SSDEEP
  
  24576:v7t2bkeR6V9+8T28zEQ6Z5W1DYsHq6g3P0zAk7mNyb:vYAeR6VY868zEQ6Z5W1DYsHq6g3P0zAC
Score

1^/10
behavioral27
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  466179e1c8ee8a1ff5e4427dbb6c4a01
- SHA1
  
  eb607467009074278e4bd50c7eab400e95ae48f7
- SHA256
  
  1e40211af65923c2f4fd02ce021458a7745d28e2f383835e3015e96575632172
- SHA512
  
  7508a29c722d45297bfb090c8eb49bd1560ef7d4b35413f16a8aed62d3b1030a93d001a09de98c2b9fea9acf062dc99a7278786f4ece222e7436b261d14ca817
- SSDEEP
  
  192:olsHeylO012En8pqHtcE0PuAgkOyvIFc:oATI0d8pUP0WAgkBvIFc
Score

3^/10

discovery
behavioral28
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  6KB
- MD5
  
  ec0504e6b8a11d5aad43b296beeb84b2
- SHA1
  
  91b5ce085130c8c7194d66b2439ec9e1c206497c
- SHA256
  
  5d9ceb1ce5f35aea5f9e5a0c0edeeec04dfefe0c77890c80c70e98209b58b962
- SHA512
  
  3f918f1b47e8a919cbe51eb17dc30acc8cfc18e743a1bae5b787d0db7d26038dc1210be98bf5ba3be8d6ed896dbbd7ac3d13e66454a98b2a38c7e69dad30bb57
- SSDEEP
  
  96:YjHFiKaoggCtJzTlKXb0tbo68qD853Ns7GgmkNq3m+s:JbogRtJzTlNR8qD85uGgmkNr
Score

3^/10

discovery
behavioral29
- Target
  
  $PLUGINSDIR/nsProcess.dll
- Size
  
  4KB
- MD5
  
  f0438a894f3a7e01a4aae8d1b5dd0289
- SHA1
  
  b058e3fcfb7b550041da16bf10d8837024c38bf6
- SHA256
  
  30c6c3dd3cc7fcea6e6081ce821adc7b2888542dae30bf00e881c0a105eb4d11
- SHA512
  
  f91fcea19cbddf8086affcb63fe599dc2b36351fc81ac144f58a80a524043ddeaa3943f36c86ebae45dd82e8faf622ea7b7c9b776e74c54b93df2963cfe66cc7
- SSDEEP
  
  48:Sz4joMeH+Iwdf8Rom/L+rOnnk5/OCnXeAdbdOAa4GPI+CJ87eILzlq7gthwIsEQW:64c/eFdfS/SSnkxNa4G+ueqPuCtGsj
Score

3^/10

discovery
behavioral30
- Target
  
  $PLUGINSDIR/nsis7z.dll
- Size
  
  424KB
- MD5
  
  80e44ce4895304c6a3a831310fbf8cd0
- SHA1
  
  36bd49ae21c460be5753a904b4501f1abca53508
- SHA256
  
  b393f05e8ff919ef071181050e1873c9a776e1a0ae8329aefff7007d0cadf592
- SHA512
  
  c8ba7b1f9113ead23e993e74a48c4427ae3562c1f6d9910b2bbe6806c9107cf7d94bc7d204613e4743d0cd869e00dafd4fb54aad1e8adb69c553f3b9e5bc64df
- SSDEEP
  
  6144:aUWQQ5O3fz0NG3ucDaEUTWfk+ZA0NrCL/k+uyoyBOX1okfW7w+Pfzqibckl:an5QEG39fPAkrE4yrBOXDfaNbck
Score

3^/10

discovery
behavioral31
- Target
  
  $R0/Uninstall Chia.exe
- Size
  
  553KB
- MD5
  
  c2f3074e9fdc87a2149fe0dce7413682
- SHA1
  
  c5dc52949aaac3eadeee65bccc3502d465bb1166
- SHA256
  
  0416185714513f5284ea25cb0a2558ad74918d08f8373c15a5914b8883226898
- SHA512
  
  08c6350ae37158bb4a8b29143addfb5b586f2be0c75910db904b3a558d0e599af786520ee1b59d58ee87360885c890a50b1358c92cd80e2a2c22445227464fdd
- SSDEEP
  
  3072:en77v00hEoDEtauZJ1Km+C84mYrW/MSea2MNUa8b32tvhOEA1RJCir86SrSrv6It:e740INAC8xYrW/Ml2Ua8T2t0EyL+ya2
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32