1e60513b4ee71a15d21c32ca13e163733eaff9a7dadf2eb989320548a4c13b78

Sharing

Copy URL

Twitter E-mail

General

Target

Zorara2.5(WaveUI).zip
Size

26.2MB
Sample

240914-1e5vvsxemp
MD5

8f20a411b46454e8046dcb4d710f1e45
SHA1

ca6d50457d0d8f2d3fd19f7519923008618eb260
SHA256

1e60513b4ee71a15d21c32ca13e163733eaff9a7dadf2eb989320548a4c13b78
SHA512

42dfe1feb21a12f3b6a6cb751aa5fbda06c94becefa1dd8050ffe93d134a335dbe13d57860f6bde710f0bb831bf5b25330d2da79f7d86bd6d5becf14ba35b8ad
SSDEEP

786432:ii0uEo7eE4NMas9BVAcGV67PHucp6A4VX00OvsycOOqntgZc:ii05xEiUBVAce67PHJ1GOEyOqntgZc

Score

6^/10

discovery execution

Malware Config

Targets

- Target
  
  Microsoft.Web.WebView2.Core.dll
- Size
  
  557KB
- MD5
  
  b037ca44fd19b8eedb6d5b9de3e48469
- SHA1
  
  1f328389c62cf673b3de97e1869c139d2543494e
- SHA256
  
  11e88b2ca921e5c88f64567f11bd83cbc396c10365d40972f3359fcc7965d197
- SHA512
  
  fa89ab3347fd57486cf3064ad164574f70e2c2b77c382785479bfd5ab50caa0881de3c2763a0932feac2faaf09479ef699a04ba202866dc7e92640246ba9598b
- SSDEEP
  
  12288:6CxswUBor35JrpQ322zy+uFKcDoRFNCMmeA+imQ269pRFZNIEJdIEY0lxEIPrEIE:6Cbmv
Score

1^/10
behavioral1
- Target
  
  Microsoft.Web.WebView2.WinForms.dll
- Size
  
  37KB
- MD5
  
  8153423918c8cbf54b44acec01f1d6c2
- SHA1
  
  f0c3c5412b809725e6d4809230adb15cc7d83ad2
- SHA256
  
  5696366f7458da940cc986dc5d3d4549a2368512acd769014ecbb07b47bd88b4
- SHA512
  
  f3dc771e37c71479d332142ec5a9c5c3f39ca71937f595a0f7482ae5aaaafd92e932efc9b0363d4511d547f3c8b2e0497ebbf8356e7d07fc344f4e5715b0ee87
- SSDEEP
  
  768:1sjCEEHJ9l0EeFZ2sxIHzttZDgcEST3p4Jjrjh2jJ+SG2au8vxJKia5/Zi/ZGQKk:wCEB15azttZDgcEST3p4JjrjaJ+SG2a/
Score

1^/10
behavioral2
- Target
  
  Microsoft.Web.WebView2.Wpf.dll
- Size
  
  50KB
- MD5
  
  4a292c5c2abf1aab91dee8eecafe0ab6
- SHA1
  
  369e788108e5fb0608a803fa2e5a06690b4464b5
- SHA256
  
  b628d6133bf57b7482a49aa158e45b078df73ee7d33137ac1336d24ac67ed1b4
- SHA512
  
  ca22adfff9789730e4c02343e320d80b8466cfc5a15f662cefe376b7ee29dea571004c1c26cd3f50c0d24e646f2b36b53fa86835678f46f335d65eec52431cde
- SSDEEP
  
  1536:gpGhWMhWLF9jwKi8LDP/ryEH0GBy4JjrD1aah/UaOzk6hKKa5/Bi/IGCv0Z0T6Cc:taBi8LDP/b0GBy4JjrD1aah/UaOzk6hz
Score

1^/10
behavioral3
- Target
  
  Zorara.dll
- Size
  
  12.3MB
- MD5
  
  f4788ae5475be2894d79eaf6d5f8efd4
- SHA1
  
  545597ea55b56eb5a2475ab7bbdf336f6a9d7355
- SHA256
  
  71a60f2158f4f5cc391e491d6bc081c7b772c1ef5cffa603db5e5da6c4ca9cbe
- SHA512
  
  002954a07745cdc6cf6fd05c040b5fc99677c736fbcc7c0f10409c41dcca6bef2ab63f21208ac6d1b1822107a0d1a5519b493fd39065c2b4057bb014ad4f4ea1
- SSDEEP
  
  196608:S5cT4GRVBljcpCKROUiX9DTXIOCUgHIC+849ooGEA2YII8ec6NTo+wEx:3R4gUOkOCU9C+849Ti2YIPecIeEx
Score

5^/10
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral4
- Target
  
  ZoraraUI.dll
- Size
  
  305KB
- MD5
  
  b55d7fa01e6fe6690183b404ba3d2da1
- SHA1
  
  01ea7cef752322175f5c0b1b0b9c4e6384e111fe
- SHA256
  
  421c3f7b7820f4e948e4304ced5b2b73358022b574334dac125b6e7f3a35d824
- SHA512
  
  2fcafcb6211c8afdc1a83065476b4f988b1932b0baeb8121f55166c4214171b429a3f468d902180999bb8042720ec76538f2b0f0e204c22ffcdcb36969436b44
- SSDEEP
  
  3072:lso2x6acTOwgQY6Xx5SH79KNgmYwSKiIwOby643mYwSKKIf6:lso2x6acawgBeU79K+N8by643N
Score

1^/10
behavioral5
- Target
  
  ZoraraUI.exe
- Size
  
  254KB
- MD5
  
  b297f569ee42cb928b335194d22cb1da
- SHA1
  
  d4bfa90ef319dd8b93ffa235a6f84d55d74270cf
- SHA256
  
  42e67a231a0be71c51d556fb6a0ee10c8c30fe279c68fa4e70799f0d773b57d7
- SHA512
  
  d78d95985481cb408c4d5e8cd8e751f72bea450783d2049d8daaf494574f9579b67852bedaa7a75f13a90f844d833eafae021f25d25408dd481e9380c5640ec9
- SSDEEP
  
  3072:ejK4UGDHXrQ8hy7qgpHulWD9ZvZ5Pf3Ca10xuZ04ntfOBhBuKmYwSKgIw8:ejK4TDUqgpqWDLZ5H+xuZ04ihAKN
Score

1^/10
behavioral6
- Target
  
  ZoraraUI.exe.WebView2/EBWebView/Speech Recognition/1.15.0.1/Microsoft.CognitiveServices.Speech.core.dll
- Size
  
  2.6MB
- MD5
  
  0ee2b50c85a110689352fccfa77b5b18
- SHA1
  
  d9ecc4b12d2d50e3cbce40e75edad804c9988b25
- SHA256
  
  62a13d8459e0992c311dc3551bf3c2d1ce167ea7fa40f0ec62193f3bd760b36e
- SHA512
  
  a4f94a05a69b5ae3a0ecf8bdb7592f698d0df81e2f1fae679f38890ad04a2384883837bc792c73848955ff4af7afed49d38839f7ab174454e61919ed78655bff
- SSDEEP
  
  49152:NodIJ85qaIU7ui8DDR5s8L0Oty8CvFqwsNcrCY2/YUZzQ7L9qhV6O8mOn0k10:gEDRwrcAwDl
Score

1^/10
behavioral7
- Target
  
  ZoraraUI.exe.WebView2/EBWebView/Subresource Filter/Unindexed Rules/10.34.0.55/adblock_snippet.js
- Size
  
  2KB
- MD5
  
  f5c93c471485f4b9ab45260518c30267
- SHA1
  
  ee6e09fb23b6f3f402e409a2272521fdd7ad89ed
- SHA256
  
  9aa899e0bf660ee8f894b97c28f05db06cc486915953b7f3b2ff9902fa8da690
- SHA512
  
  e50a1baf20db9bc867e85ab72f9976430e87d8516ca552f9342a5c91822c9e1404e4f915042d48d841cca3fb16fd969bf0aa01195791ce29de63c45814fcdcda
Score

3^/10

execution
behavioral8
- Target
  
  Microsoft.CognitiveServices.Speech.core.dll
- Size
  
  2.6MB
- MD5
  
  0ee2b50c85a110689352fccfa77b5b18
- SHA1
  
  d9ecc4b12d2d50e3cbce40e75edad804c9988b25
- SHA256
  
  62a13d8459e0992c311dc3551bf3c2d1ce167ea7fa40f0ec62193f3bd760b36e
- SHA512
  
  a4f94a05a69b5ae3a0ecf8bdb7592f698d0df81e2f1fae679f38890ad04a2384883837bc792c73848955ff4af7afed49d38839f7ab174454e61919ed78655bff
- SSDEEP
  
  49152:NodIJ85qaIU7ui8DDR5s8L0Oty8CvFqwsNcrCY2/YUZzQ7L9qhV6O8mOn0k10:gEDRwrcAwDl
Score

1^/10
behavioral9
- Target
  
  adblock_snippet.js
- Size
  
  2KB
- MD5
  
  f5c93c471485f4b9ab45260518c30267
- SHA1
  
  ee6e09fb23b6f3f402e409a2272521fdd7ad89ed
- SHA256
  
  9aa899e0bf660ee8f894b97c28f05db06cc486915953b7f3b2ff9902fa8da690
- SHA512
  
  e50a1baf20db9bc867e85ab72f9976430e87d8516ca552f9342a5c91822c9e1404e4f915042d48d841cca3fb16fd969bf0aa01195791ce29de63c45814fcdcda
Score

3^/10

execution
behavioral10
- Target
  
  bin/Monaco/index.html
- Size
  
  164KB
- MD5
  
  0f76256876f7c781074734134b53d080
- SHA1
  
  5d279e84c67a40c59f8a93ee0ca7071bb7518042
- SHA256
  
  5b28a84344bae9286b83f9ac8e1c16185a8b9608d8801b2389b12ceff0614ef5
- SHA512
  
  0b589afa314e70c98d2116c70d2af4f8e329dde743810e04c9af0f7448214ccc7c9a86ef498639ae33c3a77903a35be08db9ca264aff4caa57e5398ac6f230d7
- SSDEEP
  
  3072:gKl34J09UmmJv8kBpZaFD48VOAGUWYPjDZlLJbRBiPEP8yKUz2Ojmjr8zM3KP7pJ:d4J09BA3pZaFD48VOAGUWYPjdlLJbRB1
Score

6^/10
- Legitimate hosting services abused for malware hosting/C2
behavioral11
- Target
  
  bin/Monaco/vs/base/worker/workerMain.js
- Size
  
  133KB
- MD5
  
  d0ac5294c58e523cddf25bc6d785fa48
- SHA1
  
  1b3661b6db36f1b14fd80dc9a739bfc69c68dfe5
- SHA256
  
  e90d1a8f116fa74431117a3ad78dde16dde060a4bf7528dfe3d5a3ad6156504b
- SHA512
  
  fea07a1ea5d29a3b4c614248655f4d1ddd94c10c6a6b5c8b428a8b4c0cbec7e7492fa0665c5001e65ce167240ffdfc5ac2c2ed14da3d6f508ae8d8b3c8e8eebb
- SSDEEP
  
  3072:bzjH/zYJc5c/7tMLrJ78II4F9N8+em5W+:XjH/zYJc5c/76LrJ78I7BL
Score

3^/10

execution
behavioral12
- Target
  
  bin/Monaco/vs/basic-languages/lua/lua.js
- Size
  
  4KB
- MD5
  
  eebda1fdd970433750c115eae2f03865
- SHA1
  
  3f1a1cddb99dead013eac825eb418241656d4bf0
- SHA256
  
  ac729efb3164f48d6b08f74d4b15060c126a30d40fb4cd4fc9cc94f2e19bd7c7
- SHA512
  
  8b188f3ae73a14a9318dce9761312d9dd2360ab00ee36e83ca6b74288a109c91770954db7537fd84a76707a1e79528fffc97f3a718bcd924545b469a1363c9cb
- SSDEEP
  
  96:HDGAW6FJJJkCO8evcIWtdrvrg+1/sLMiWAOKjLobLMzD:BWCDqC20IWtZD92pzOKvomD
Score

3^/10

execution
behavioral13
- Target
  
  bin/Monaco/vs/editor/editor.main.js
- Size
  
  2.1MB
- MD5
  
  a7e3083cfe200263edfb4bf011b893a3
- SHA1
  
  18b52dc38e7a8a612892f5e60a08d9b19e1f472f
- SHA256
  
  9e2fb6171592f7a3c33d3b5baef58b516b36473ff7717bbd643574991923435e
- SHA512
  
  6bbb149102958e23c42accbbd18595fcfffd547bb826f2309956c036983692e83b7313567a42e50d98a1c946fab554e32b77ef4d0f8bc0cc7f0dda196fd7e23b
- SSDEEP
  
  24576:jFFExk98EXl2uRJxjP3Gdv6QLtQ2MbRpn:Yxk98EXl2ixjP3Gdv6QLtdMf
Score

3^/10

execution
behavioral14
- Target
  
  bin/Monaco/vs/editor/editor.main.nls.de.js
- Size
  
  46KB
- MD5
  
  d1fd2fb756c73970b9c5e0ba07bff708
- SHA1
  
  470057b3244886dccc9f6074297cc8bc2a9c1b39
- SHA256
  
  cb1c3416ff242a738c45c3b2590d7d222b159a95a69ce3b7b8d7c8d18ea70828
- SHA512
  
  db2432182ff4c85fcca5093d0e433ed9cf5bed3ea3db9ed82fedc87af4d260e0d0f29ff67f0b8ac78e162586a74998ad082a91e8f9a76717827a83d5b2f775cf
- SSDEEP
  
  768:ocuLC1xYdRB1a3Xq1GdigBoQqAaI/QQUEYPxFpXT1kF7bJZYmz7lehjDWMQRBk3Z:oclxgVuXq1GdiRQqAaI/QvEYPxFpDkbg
Score

3^/10

execution
behavioral15
- Target
  
  bin/Monaco/vs/editor/editor.main.nls.es.js
- Size
  
  46KB
- MD5
  
  36f546b28ca17ece9f8eb9bcf8344e13
- SHA1
  
  d43934b9041587799e332b2f568aa81666227258
- SHA256
  
  327437ee3793e9ae0686c78196b459592c282ed2e86f95ce28d32693b76d7654
- SHA512
  
  13f8cc23038c07b6840514db4fc7b503b7a38ae1ec3baab44f1bfbded40ac50ae03c05c754f9678eecd0c8fcefab958152b39b731068b8c2c976c4c57e97f36d
- SSDEEP
  
  768:oX8nKFyVgAYwTQG8zHqIkGMvnmvoKA9OfxjB3EVuU13pjbazPn0ANy7+IkLDKPp9:oMKFyVRcdzHqIkGMvnmvoKA9OfxjB3E5
Score

3^/10

execution
behavioral16
- Target
  
  bin/Monaco/vs/editor/editor.main.nls.fr.js
- Size
  
  49KB
- MD5
  
  1a29080733878dd44e0c118e84cd0c39
- SHA1
  
  60c158e23962b11918f6cae26445fad5b63bc65a
- SHA256
  
  6ed837dc1905c06a20d102921ff06a0bda003c5368ed0576bf7e69494e889ae8
- SHA512
  
  5cc68cabb583100320d7c875fd7c46f5c618c3968ac2a7c2b60f90ec74b29349a557049c17d5c851cabb54d5ef26cd65e8d2288d70b62ede06ee1762e25dbd60
- SSDEEP
  
  768:op8flgb2uZ5CcXQ6Q3edz3uzATaY3l0y+wj90TWIvkU5BkREPTtOjNjZocYV3A4k:owliv5Ccg67SATaYVKPkRskjNGBAa3k
Score

3^/10

execution
behavioral17
- Target
  
  bin/Monaco/vs/editor/editor.main.nls.it.js
- Size
  
  48KB
- MD5
  
  18e88f58301ad5ae926204507ab99c6b
- SHA1
  
  8eb03235312e88b941f3be212c0efa12b24e6d5f
- SHA256
  
  4fe2c4420294758883e134bdf7da9e6c2abf631d3a89c765f32f6c1d0f62653c
- SHA512
  
  f66283ec4182e9062f9f03a83acb3f2a49b98fb9ef67e48eaf5227236919ca279831b822fcb3ae252cfeafd81d12fe9c89a2843d91ab140a2b79b6bbc1d4f013
- SSDEEP
  
  768:opTEy7izsuMa01VaiYR2L8XoXNj8YtvnYbP4ymMb3d/gyKJdnPTrysribj5K3m05:of7fQ2qd4yq2FA1J1qn4VN7CgL
Score

3^/10

execution
behavioral18
- Target
  
  bin/Monaco/vs/editor/editor.main.nls.ja.js
- Size
  
  52KB
- MD5
  
  3bf851cc70f515cbbe1d39da93e4f041
- SHA1
  
  88fe6323bbe14b55b6eec078574318e8474be613
- SHA256
  
  1f3556ea7233843b9e08b3c97b6727c533d702563e195c2090a438070dc85f0f
- SHA512
  
  61ffe9ec3550d2f8dfbc30d7d61327584833bb714a9d2cfc9788449190089dbdeaa293bb9921a43da782e1c36b7d242e13ac052b46210d2e79793626e921169d
- SSDEEP
  
  384:hyd/PwPtm+04LZ+FFHr0ZA9qOSTvvIEveG1vz14NdahWMpA1Uj4vHbX3IPDScLBV:olP4LsIOCaT3lJr/Tvk6892vU1ssD
Score

3^/10

execution
behavioral19
- Target
  
  bin/Monaco/vs/editor/editor.main.nls.js
- Size
  
  38KB
- MD5
  
  e871d4d9539c26d7d2bf32801ebdecf0
- SHA1
  
  711460f619ef09fa23d272d97bfc00593a5319a8
- SHA256
  
  5ff0084e6a7eee82a735616239aaf2190ea9d90e89e19340831f3d590828016a
- SHA512
  
  b6b9bf96c132db9dfc99d70320231630fc46a8a83f500d8e4f677e2d03206364f2666946f69061dcba2e759f005261dae1ece73e054aa56b8210551bc353cced
- SSDEEP
  
  384:hy38McmvQkKEQq4xlX7lrp1E1bIJUeYB4jV87XfVGT3H6Sq6Q4wCJjoce1u6I7JS:o38M7fQq4xPj7+lJcYYKqkGSVetbesy
Score

3^/10

execution
behavioral20
- Target
  
  bin/Monaco/vs/editor/editor.main.nls.ko.js
- Size
  
  46KB
- MD5
  
  60fcd422ac97a1b645ff48cb6928f7af
- SHA1
  
  da5b57dfbd257720155e303f0e75e263f0e74190
- SHA256
  
  98e649fa40d8e2ccfdc212341feb8165a7d7bbec31e8a77d9819ad9474e4b8ba
- SHA512
  
  52439f47f1e12ccf37db40f9fa8fa4966579cd6b327cde1768187cd7fdc7ebdd444e1953e29ed09bdced40d764c2e8f7131d44908c00bfd350e856a9df661aa4
- SSDEEP
  
  768:oNOnmkUxK1pLkKgljQM1r0xXDj8kE6q2XlGZrAPPvzcDzr5u1QrWp4cX6go:o4ZUxKgKzxzrE63GZrAPPkrmQKp4cX6L
Score

3^/10

execution
behavioral21
- Target
  
  bin/Monaco/vs/editor/editor.main.nls.ru.js
- Size
  
  75KB
- MD5
  
  6e7d5b984917b00f131c47473ce2b866
- SHA1
  
  97f94134ff8f73ab48c0635550f2d8054c239c7f
- SHA256
  
  1bb069d95a395bf258d1f262814591aa762c4b30529adde32ccbcaa7c7ca508d
- SHA512
  
  f2595e7e1812073c50bfa058db3c7918dd8d7a6f0d20a576c68d854a4c61ed74bef3ad5ab23430567065677d737d81c7f17010055a069b9e38b5594d65e882a0
- SSDEEP
  
  1536:ox/PFmMhjpIMbBBKOXnPCSHhiaV6can9oA2yG+YQI/Y:QbhjpIcB8OXdHhiXcanGA2yGiI/Y
Score

3^/10

execution
behavioral22
- Target
  
  bin/Monaco/vs/editor/editor.main.nls.zh-cn.js
- Size
  
  36KB
- MD5
  
  05e49314cf801f5d3992b55243690ea7
- SHA1
  
  c20fca9f037adf2edec34ccf67a08e56d1d71bbf
- SHA256
  
  e9adc8ffca9853ef6e0bd4e955af9f395a570bc7772fc2dac0c0ff241aac864b
- SHA512
  
  7d499b41ae9bee2e72b721a49c0d053029624b19af1ede71a4378e14d3f6b407539c18d29422fb8d21681ce7dc160d2f11e80064017f5c8a5f645d6c1a77cc75
- SSDEEP
  
  768:oJbVMLHwwytIMTAlthuIjOP4CAz9NlL2/AdszzHsVBI/C4j00llmR+V66U:odPPZ+huIjTszzHs3IXj00llmMV6j
Score

3^/10

execution
behavioral23
- Target
  
  bin/Monaco/vs/editor/editor.main.nls.zh-tw.js
- Size
  
  36KB
- MD5
  
  becbf441d95b0bc1565faf47ce9de373
- SHA1
  
  f660a8a29dc9861f7ff7e228622d492f1630b873
- SHA256
  
  94a7ff81b8ec3217a46bc5cdebe2c6aee98f73e6e902b7d9cf394836d052bbe5
- SHA512
  
  feee8ef6e36984309186b8ff491982efe4f144859c3f48d147b26bd61af6af751e013a951e945f02a2057368b485204734f6dc50cd6fca6294426b7fbdbcaa4f
- SSDEEP
  
  768:ozietcy+xQHM2k00fZvOHRUJdFF/JlN+QVtWrn05IxXUeqJ1wrv6Vl900U1LjK1G:o3sxQHM24ZvtdFF/zN+Q2LUeqJ1wrv6y
Score

3^/10

execution
behavioral24
- Target
  
  bin/Monaco/vs/loader.js
- Size
  
  29KB
- MD5
  
  bc15bb48d4d5c60ce7f16819f4d988c4
- SHA1
  
  87c7f328aa357d52b68b2cea0a214365a40cdc36
- SHA256
  
  5c3cf09973404ba31d760952f267751ef2bb09f315331d13ca432b65ce2c480b
- SHA512
  
  b5d7481773cafd01f3d738949a54e49c166c9a8fea3a150f6f0eed7449176d630991e27544a4e7b23fdad29700ae7fbba5de42f97c69874b6f2ad374194a9853
- SSDEEP
  
  768:o7J6CgCAqoxgiwYeMX/so92s8hHlDmc0yvrCfS5kUN+WV+X7:oV6lC8fwYeFKcV5k
Score

3^/10

execution
behavioral25
- Target
  
  libcrypto-3-x64.dll
- Size
  
  4.5MB
- MD5
  
  a9c1f7ca15c65c139bc9d4bf57df2e1e
- SHA1
  
  1b1377139a6b289d43a6b1161cd1089ffc817cf9
- SHA256
  
  03ec9292dcdfda520638490e11baeefff5ab1b6eb22feb90a22fc771272ce116
- SHA512
  
  97f8745dba6330c196de9b822638bfe7f74a86bdcb6726f4bd1d3d917de54f9abcb05163c42255173eac3bde995f0d611af718dbcc0de432b67666bed0c0b073
- SSDEEP
  
  98304:Ml+f+K26t8Te5zUeP4xA1CPwDvt3uFGCCQ:4Ctt8Te5zUewxA1CPwDvt3uFGCC
Score

1^/10
behavioral26
- Target
  
  libssl-3-x64.dll
- Size
  
  802KB
- MD5
  
  51b0d5f42a82f6fa8739b403e9b8b81c
- SHA1
  
  75968c157628bb7aca9b5f2331f7a0c9a1d28865
- SHA256
  
  0bda7daeb4040c722b8c287dfd2307c9b8228576db1dbbbaac901c35cc8dc62b
- SHA512
  
  94fba90ad7bcf190079089dcc3af97c598c016eb359fe4d2ea439b5fbcd4a5489ab4422652223926aae64002beef1368d5b95874f68a2e5bc4971b4f9604d814
- SSDEEP
  
  12288:Mzjte0Fevo3VS1npHEDHLqjRmqWSTzt7opiTdEVB3S:M9e5o3VVZVSPtopwdEVB3S
Score

1^/10
behavioral27
- Target
  
  runtimes/win-arm64/native/WebView2Loader.dll
- Size
  
  136KB
- MD5
  
  8f2648cd543236ef1b4856715731e069
- SHA1
  
  c269e906556c160201fe229b9f6f3dde26888ac4
- SHA256
  
  77152af4472dc7741901ba69ce3a670992546eb2f5eda3db7fee135ee0037de0
- SHA512
  
  26bd06330e690dc73534ec2c54cd75149c0e96cbcfb34b9012532223db51d98b37b8b5c507d8d1a9b3829ea49493981d79cc1e5aaaa5b0d4b796a72f4420f2cc
- SSDEEP
  
  3072:VgpD1l8o58rpoJbMPN6OSBTj0zEtJW6hGo3:aphl8omrhlzEtJNhn
Score

1^/10
behavioral28
- Target
  
  runtimes/win-x64/native/WebView2Loader.dll
- Size
  
  161KB
- MD5
  
  c5f0c46e91f354c58ecec864614157d7
- SHA1
  
  cb6f85c0b716b4fc3810deb3eb9053beb07e803c
- SHA256
  
  465a7ddfb3a0da4c3965daf2ad6ac7548513f42329b58aebc337311c10ea0a6f
- SHA512
  
  287756078aa08130907bd8601b957e9e006cef9f5c6765df25cfaa64ddd0fff7d92ffa11f10a00a4028687f3220efda8c64008dbcf205bedae5da296e3896e91
- SSDEEP
  
  3072:7evoTTlTRTyiuPThTNTKm81SbbMYSPLNsknZiZ2HZ5AaliiT88FEtJ57dXSvlCW:HTlTRTyiuPThTNTKmFQdhsknZiMHfEti
Score

1^/10
behavioral29
- Target
  
  runtimes/win-x86/native/WebView2Loader.dll
- Size
  
  113KB
- MD5
  
  9d7744e15bb8e3d005079b18979c8544
- SHA1
  
  7b326c96e5f3f6baaf6e9390b119a4ffb3df2c64
- SHA256
  
  cc2f661aac9c05646933f717e629a69be93d8d06803066289d6dc1105aac6cd2
- SHA512
  
  732fd17714ec5ef0afd8f17d06adc895e93bea4585b6b1dabcf95c3fbe808e7b31a19c13cccfac0b30cd425cf96926749a0373a861f55fa8db442430803f4a25
- SSDEEP
  
  3072:rJ7FfqJR70vRq2KVsCKKa/gqeNZ/TvxEtJlAlp8Ugr4fm9IxK:r7fqJRQY0RKD5EtJeTMr2mV
Score

3^/10

discovery
behavioral30
- Target
  
  xxhash.dll
- Size
  
  46KB
- MD5
  
  249a5f6ca047df2a2f802782696c7f80
- SHA1
  
  6a1d96be0f497d689fb55de70284af83cac61f52
- SHA256
  
  2828e3014c3283caeb1b00d14145a42f4e347e7f547b40634540394892265671
- SHA512
  
  d2d0b6ba2ec95c33609d98788e5a4cce382d93721ea5dea61cde3f4c065b06530a0b01ae4909f7883a81d55529a36cb6a5820aa2afc320b5761f6f59a3a45f1f
- SSDEEP
  
  768:zziPp7yW4k3QDn24NuDUSu0MKQVMNKuxYAuogba4Mk3QimeSyygGz1K:zziR74kgDn2rDRuIrN5mAvgbTgi3SylI
Score

1^/10
behavioral31
- Target
  
  zstd.dll
- Size
  
  638KB
- MD5
  
  21dfe873f6ed38f2f713ecd43ad1ba41
- SHA1
  
  7648cb043587da0e85743f9da8dca8be621ccdf0
- SHA256
  
  2a2d63c48b6b3ac7768231ade30122c94a0a33e62e5d2725e11c95b3194aa997
- SHA512
  
  67b4f976f3511387ce2a4743e2281ac88533bd204d4e07a5c6751f0ec30a3463dfabcda18103a632541ec2a8b7b937806121e21e44959411c39106e22b739919
- SSDEEP
  
  6144:XbauYl+rrR8uT4uB5uWYfO16oMynnjDHMkYHbpk5tRCEybNFZemMBLx4eTTzp:XbauYGT5BYMxjDHMk0petRCEyb9emHW
Score

1^/10
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Suspicious use of NtSetInformationThreadHideFromDebugger

Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32