ad76f55cc9758121c75f14c16d54bc98de61d5fd381f101522753811c158407d | Triage

Sharing

General

Target

ad76f55cc9758121c75f14c16d54bc98de61d5fd381f101522753811c158407dN
Size

1.2MB
Sample

240919-fkg1rssckk
MD5

8045f943941867de6c3704706c1271f0
SHA1

1596132ca55c0590df7cf5ea4dcf6b0449db5374
SHA256

ad76f55cc9758121c75f14c16d54bc98de61d5fd381f101522753811c158407d
SHA512

dddf99d2ed7a0efd6952a3c7910607682e42529fe7c530bdaeeff01223bdb7d07fa25ddde1c205acc78ec48efd29c96ed70889b0a3595435711ecc6be1b4d115
SSDEEP

24576:QjNyguooIjkFWpjzwkXiXHf+2g0NJMtrrqhv/Famxt:gtRRjkkXUHW4CrO1amxt

Score

7^/10

discovery execution upx

Malware Config

Targets

- Target
  
  ad76f55cc9758121c75f14c16d54bc98de61d5fd381f101522753811c158407dN
- Size
  
  1.2MB
- MD5
  
  8045f943941867de6c3704706c1271f0
- SHA1
  
  1596132ca55c0590df7cf5ea4dcf6b0449db5374
- SHA256
  
  ad76f55cc9758121c75f14c16d54bc98de61d5fd381f101522753811c158407d
- SHA512
  
  dddf99d2ed7a0efd6952a3c7910607682e42529fe7c530bdaeeff01223bdb7d07fa25ddde1c205acc78ec48efd29c96ed70889b0a3595435711ecc6be1b4d115
- SSDEEP
  
  24576:QjNyguooIjkFWpjzwkXiXHf+2g0NJMtrrqhv/Famxt:gtRRjkkXUHW4CrO1amxt
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/BI.exe
- Size
  
  81KB
- MD5
  
  c6606a373ecde7cfd604b9970c84edd0
- SHA1
  
  2ade77df0b5b02b60a98f60328914c44fb4e0e11
- SHA256
  
  e30c962b128d554c672d8f332874f43443529fa7c9cc2165affe403f14d83bb6
- SHA512
  
  8379c676d1fb229cf6661c07b9a14fc782261d6b74b35aff3223fdb9b7fe7afb1b33e6205ae35e420da80a22ed30d5b4f3daa6ef19c975caa7d44ea2a44499b4
- SSDEEP
  
  1536:kGarUa6LowvuhdNYh2Gf9rg6hzGPnZ91q7VbDmvscN7LX0agXRxD:m5BuYAVrgUCPnZWR3mlhgXjD
Score

7^/10

discovery
- Loads dropped DLL
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/DownloadACC.exe
- Size
  
  177KB
- MD5
  
  ef1e28f5e9a2e4a68edddf451587cea3
- SHA1
  
  7124b627682de48d80bc7b9aa1f06210505777dd
- SHA256
  
  ba09bdd11bad52fb039de42be4224739794c1941ddd159148df4a923a1327fd8
- SHA512
  
  d11e40fdb633596bd271899c6a7c5e88c7c6564b026db715c71e50c8972351cb7ac5ce7872a36184c55db897c6bca29ead04334e12a640ca4fa3f085888c44da
- SSDEEP
  
  3072:B4PC23aJFC0bPnCkgideNACz1utXret08FPGYcFZ78fqigbcZO56iG2pXbHnNeLn:NC0baDgeD1utXret08FPc8fqxFG2xnN6
Score

7^/10

discovery
- Loads dropped DLL
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/OCSetupHlp.dll
- Size
  
  842KB
- MD5
  
  3caac9864b3ba85933e6359ff44e2846
- SHA1
  
  733e0d02a297d8c269e7e47b05a0787352440606
- SHA256
  
  e6b62423d3cfe1e2d63393afc2eb2871cc82d7aa850a5de6ad199d871e95e06b
- SHA512
  
  45229afed54d9a5215c67eef1a2c2fa162c20636357463869afd133fe0758f0e9cf2baa9c311281ace55455e71cd0aee3be8f671d6ea412f6bd8c290f95bec76
- SSDEEP
  
  12288:N+wnK6z+X9XgFnDgQlOpmtZkYZYiWRREaQDEK/8MoSTLyU0CT36:UTdwZDgQ4p2ZkCYHtQIK/8M7TLyU0e6
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/ProxyInstaller.exe
- Size
  
  88KB
- MD5
  
  06826f8c75d1a05b8bffd183eb79e8bf
- SHA1
  
  59f8b4fe13b77525ae8213ecb0c24c725aa4fa50
- SHA256
  
  76d51fd7959167aed22d67c4b6819c69c6be00d3216ff11b9ddf5d6f8720c787
- SHA512
  
  5798be15a85743deed873c85b62b5e3ba28045e57758b4a6dca0899149278182c502769ebb551320078f51dc64b8fc50735d9e2ea987a63490819a2a37698b3a
- SSDEEP
  
  1536:KErPZ3IBZcbTfu1HlrJFCPcbPnLOR8Y5jzRE8euOXLcCz1utYo9iQjPANHB:5PC23aJFC0bPn6GY5HeNACz1utXzyHB
Score

7^/10

discovery
- Loads dropped DLL
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  17KB
- MD5
  
  ea466672af35f704f1e8738ce4381857
- SHA1
  
  245a02c01302cf0151c07d915f028e3d822846da
- SHA256
  
  54e5770328d8bc66ae751cba53eed2988cff81d9a0c627e006ee8de01ba71ed3
- SHA512
  
  619619a5fca42129087b597ef8ff3acb6f423e5c0f6add72d6c2709e6018c66933e16678dcc6e5716f191763cb23929f7cd8ae700f8c919bfa08fad8193dede2
- SSDEEP
  
  384:CJoiO8V2upW7vQjS/0nYPLWUHWteMy8+B:CJzO8V2uovQjjtI
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/WebApp/Css/PIE.htc
- Size
  
  39KB
- MD5
  
  a219e20e2678b66b24b9067a2e228a8d
- SHA1
  
  a942a10f546102c2e93919992619c28a17d140d6
- SHA256
  
  172eaf95ae8ee7073d7d2d20a11b13eaaf0a355d426f0c839a06296c534db344
- SHA512
  
  e43b5a432994b2508434520630282718cf6d2c83dce16f53f24279a199c5588b57216150f33c9ea16309fdb58b54b71562695583ee058ce76946cde244237ba9
- SSDEEP
  
  768:SjRVYqD2v6Bgpcb5J9Ohl9ohgQoieFViNLCZac9Z0A5v:SjRVcyu+b5Dmog1ieFRZp9ZJv
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/WebApp/Failed.htm
- Size
  
  4KB
- MD5
  
  a058c9da06c529b0130be68ef6faca46
- SHA1
  
  cb37a5276007cd3022e2cc90bb998240725c92ab
- SHA256
  
  a0b8f5ee67ee63cd5dda92da281126c717e507d4b846976eebe1b5e7d1e23b34
- SHA512
  
  85766e7e14fcb306cf88d65035a42385a0ab040d1099096e36d1dcc2e9fac49c678ba156fc0a7027cb84cc027a46cec68b2a6e2598699fbd1bee9ea46b8e4282
- SSDEEP
  
  48:QrAkQWWrRFHXcJ3EHEYQ5xBxw7z7yWEfpyyxgQvdvHlbFsGhLh48gpPPf:ySQ3EYXyyfpyyxgsHJh48gl
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/WebApp/Js/API.js
- Size
  
  9KB
- MD5
  
  0c1797a7fe8c65cf36ca5bc35aad0ff7
- SHA1
  
  b2754700c45211e641a59c1ddf55f47d55d43bdc
- SHA256
  
  85ec98a0fc8ff6c202e0a01142814a5a5438a71636a4025a2a8506cc7b22edba
- SHA512
  
  76e5eefc894f815099e8360d89253505b8f29974b71d63e0a5e0636e6db9f8793bf11e992140b89d478a856402741222ad0bf2acff72f95d13fb60b370b13231
- SSDEEP
  
  192:ukS/WVXrXxcuci15hDdAiMQEFp8BOFYR6j:ukSscNi1jdx28BNRu
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  $PLUGINSDIR/WebApp/Js/ExternalParams.js
- Size
  
  170B
- MD5
  
  9bb9bbd6f5283938a2d39dc98ef9c788
- SHA1
  
  e64df5bbe2a82fba4f5b6574325699c2a9f06791
- SHA256
  
  7caa0ac51df1796f4cc081616124cbf227bf7d8d83379c39b693fb3701a45a65
- SHA512
  
  eb5f19f33939062a441259ef8424ec116026d7b042496228dbc5b8311e196b7824f2b15f0847975aae9a617890f47d81c9274f102aaf964f877a531524c3ae9b
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  $PLUGINSDIR/WebApp/Js/PIE.htc
- Size
  
  39KB
- MD5
  
  a219e20e2678b66b24b9067a2e228a8d
- SHA1
  
  a942a10f546102c2e93919992619c28a17d140d6
- SHA256
  
  172eaf95ae8ee7073d7d2d20a11b13eaaf0a355d426f0c839a06296c534db344
- SHA512
  
  e43b5a432994b2508434520630282718cf6d2c83dce16f53f24279a199c5588b57216150f33c9ea16309fdb58b54b71562695583ee058ce76946cde244237ba9
- SSDEEP
  
  768:SjRVYqD2v6Bgpcb5J9Ohl9ohgQoieFViNLCZac9Z0A5v:SjRVcyu+b5Dmog1ieFRZp9ZJv
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  $PLUGINSDIR/WebApp/Js/ProgressBar.js
- Size
  
  3KB
- MD5
  
  44c16c5226c1593c195f514057061fb7
- SHA1
  
  bb4bd98314ac68c40031b66d0f035762a1b6666b
- SHA256
  
  4e57a7a100fa635c7bb1a451633eb6b628edaba4b78c625c828450ad819478c9
- SHA512
  
  5bce64414d49a6fc9b2094d6214c3e767c12cebb262957693661c7c4e440bfe233ee23e6226b73536d848f53d25399de711cb302c824e106dabc361ce7e1d99f
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  $PLUGINSDIR/WebApp/Js/Store.js
- Size
  
  5KB
- MD5
  
  2a9c08cfa638e2df0a2eb2670a42bd2d
- SHA1
  
  0ef46601f45f8ddf374606d8bfce726ad454420c
- SHA256
  
  ff6e4c551b8ddaf524442408be57c0ca17befd6aad9570897d7ed3f96a240394
- SHA512
  
  d8d6407f9f020f6e8a623e87ff36c3f528de9765706418c27d776838fc20a771837e146590e8acb1b6e9f017d8db4176d5c53c81777b89fc6ef60bc68e31bc63
- SSDEEP
  
  96:5xz3uYpl3U6bgcp1RSlDlKsDQxhlBHCk2HLksdP2QkHQZES+9sl/Ou5tpmIl0ZYC:L9QtDUCkGkb/U+9sf9aZ3Zb
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  $PLUGINSDIR/WebApp/Js/jquery-ui-1.8.16.custom.min.js
- Size
  
  9KB
- MD5
  
  e89fc840e15cb20c7b1e22f86380465d
- SHA1
  
  84b3bfcd03a5072e68be92b64e34635d6486fcdd
- SHA256
  
  70807ec00aa70f6d3a654465c8b697ed039a8e3c1beb5419ad5b5e2516075b90
- SHA512
  
  51deb88b88b2ba9aa623563102b603eaa3f40ff5e42989f1367d734b36c12a9d0518dc1d6355f3345838296d7da1a8fcf16220ebdf0ba2aaab108b70ea59d619
- SSDEEP
  
  192:TUJs4PzMe5rvf/594ey2LdVop37bNrbj45EDxVja:TU+4PQe5rvf/L4eyKwnF4CDxZa
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  $PLUGINSDIR/WebApp/Js/json2.js
- Size
  
  3KB
- MD5
  
  9b8cf1c97726c080629c98ddec68bebd
- SHA1
  
  5d764a5bc2e5cbb5f2569336e4c0c5f472d07f35
- SHA256
  
  1b6c626d6a600be68b11133c7bcd32fbcc8015951037bb36beaa067914367715
- SHA512
  
  67c590d216e73d0dd58974567dc248e0adb363c59e318efe1e715960a38220c1cfb98328cdb69941888f9e039d60980fd1fcf11084498fcb46f80c135cb60d24
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  $PLUGINSDIR/WebApp/Js/script.js
- Size
  
  2KB
- MD5
  
  e2bb77ec7fe08e79678e423e9e9919c1
- SHA1
  
  f8e3d351b265045f149f459a3660567cb56bac79
- SHA256
  
  4c0f1e943239cb88229079adcf570211b3420d29012b5c193bd164a8200dad1b
- SHA512
  
  0ccced6d1f85b2c7c35fd60bcf555ef69237761d33eb002db4f2453deda0d8662a0880cf687f30fd3aa0c89b6f30fcd1540f659b0b551e478349cf04ae29de0b
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32