06c2dff99c92ad35dc3b83ac8608002a5b0fe080fcd9d321c223ed1a31267d61 | Triage

Sharing

General

Target

06c2dff99c92ad35dc3b83ac8608002a5b0fe080fcd9d321c223ed1a31267d61
Size

6.1MB
Sample

240919-kprszszdpc
MD5

90f2ab2f9236fccb1708a771eeeb9547
SHA1

527912f5f23ba9912431bbbb63894196e2848471
SHA256

06c2dff99c92ad35dc3b83ac8608002a5b0fe080fcd9d321c223ed1a31267d61
SHA512

ead3fe5a980285eaef617d0e037505acf6073c2a72a2d44d534f572224ea47c8ba219dae138fa9360f7edc7038d340ac7e1f253052eac56e82ea6013955349d8
SSDEEP

98304:he/3hibpt9qKcF/SuQSscKfYTPQQSWfOaDaWMSqXaWnpmnPqKSnX0wnk721FY0VL:hefopjq19SuzK+QQz5aXXDIgEGUwFYAL

Score

7^/10

discovery execution

Malware Config

Targets

- Target
  
  06c2dff99c92ad35dc3b83ac8608002a5b0fe080fcd9d321c223ed1a31267d61
- Size
  
  6.1MB
- MD5
  
  90f2ab2f9236fccb1708a771eeeb9547
- SHA1
  
  527912f5f23ba9912431bbbb63894196e2848471
- SHA256
  
  06c2dff99c92ad35dc3b83ac8608002a5b0fe080fcd9d321c223ed1a31267d61
- SHA512
  
  ead3fe5a980285eaef617d0e037505acf6073c2a72a2d44d534f572224ea47c8ba219dae138fa9360f7edc7038d340ac7e1f253052eac56e82ea6013955349d8
- SSDEEP
  
  98304:he/3hibpt9qKcF/SuQSscKfYTPQQSWfOaDaWMSqXaWnpmnPqKSnX0wnk721FY0VL:hefopjq19SuzK+QQz5aXXDIgEGUwFYAL
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/NSISdl.dll
- Size
  
  15KB
- MD5
  
  ee68463fed225c5c98d800bdbd205598
- SHA1
  
  306364af624de3028e2078c4d8c234fa497bd723
- SHA256
  
  419485a096bc7d95f872ed1b9b7b5c537231183d710363beee4d235bb79dbe04
- SHA512
  
  b14fb74cb76b8f4e80fdd75b44adac3605883e2dcdb06b870811759d82fa2ec732cd63301f20a2168d7ad74510f62572818f90038f5116fe19c899eba68a5107
- SSDEEP
  
  384:7py18oahashajPmIYInUJggBOZgAHhUKijb:7py18oafmeggBOCAHpij
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/StartMenu.dll
- Size
  
  7KB
- MD5
  
  d070f3275df715bf3708beff2c6c307d
- SHA1
  
  93d3725801e07303e9727c4369e19fd139e69023
- SHA256
  
  42dd4dda3249a94e32e20f76eaffae784a5475ed00c60ef0197c8a2c1ccd2fb7
- SHA512
  
  fcaf625dac4684dad33d12e3a942b38489ecc90649eee885d823a932e70db63c1edb8614b9fa8904d1710e9b820e82c5a37aeb8403cf21cf1e3692f76438664d
- SSDEEP
  
  96:h8dPIKJhMuhik+CfoEwknt6io8zv+qy5/utta/H3lkCTcaqHCI:yZIKXgk+cx6QYFkAXlncviI
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  cff85c549d536f651d4fb8387f1976f2
- SHA1
  
  d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e
- SHA256
  
  8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8
- SHA512
  
  531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88
- SSDEEP
  
  192:Zjvco0qWTlt70m5Aj/lQ0sEWD/wtYbBHFNaDybC7y+XBz0QPi:FHQlt70mij/lQRv/9VMjzr
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  6c3f8c94d0727894d706940a8a980543
- SHA1
  
  0d1bcad901be377f38d579aafc0c41c0ef8dcefd
- SHA256
  
  56b96add1978b1abba286f7f8982b0efbe007d4a48b3ded6a4d408e01d753fe2
- SHA512
  
  2094f0e4bb7c806a5ff27f83a1d572a5512d979eefda3345baff27d2c89e828f68466d08c3ca250da11b01fc0407a21743037c25e94fbe688566dd7deaebd355
- SSDEEP
  
  96:o0svUu3Uy+sytcS8176b+XR8pCHFcMcxSgB5PKtAtgt+Nt+rnt3DVEB3YcNqkzfS:o0svWyNO81b8pCHFcM0PuAgkOyuIFc
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/nsis_tauri_utils.dll
- Size
  
  29KB
- MD5
  
  8def0196223484f8aed4106148dd3f08
- SHA1
  
  e0fc0951deb0e5e741df10328f95c7d6678ad3aa
- SHA256
  
  c0f2b928bc4c81cc5ca30a8932a6dc8cd617dd016679c057e23355fe732b2333
- SHA512
  
  9ffa66181bce5aa5210da0fe5edc6c80aa9e46e2bd1fafd840f468965f4d06bc03f9a77e04b975ffc9f25c886c274196e3fedae6cfb57f366ef39f1e31e1ada7
- SSDEEP
  
  768:97F3QRyGmiZZ1FCeu2rcFKpnq0jdhK7W+qdxi:hJQRtmaF7YMX/q
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  JJSploit.dll
- Size
  
  1.2MB
- MD5
  
  6ee5f6f36c4cfc783050d6bea5c02c9c
- SHA1
  
  71a86686e19275f9efcf12b6995a7b9c8f64decd
- SHA256
  
  a13050ca0bb7936a305789338ec86d141cf74a0482fc0b2d29bc2d2e6a4d7bdc
- SHA512
  
  e686ebd6390003e0d4e8e84b561713b4e05faa4309d375aeeb18452cff85cf0de89e70202b2c4b91425cfccd6f5585a0d0bcc6c0f2e9a05c24f71bb06a09a9f3
- SSDEEP
  
  24576:x4uQZbSvsThU18DAuJtE5HRtI9hrj4EH:rQlSvs1U18rE5HgX
Score

1^/10
behavioral13 behavioral14
- Target
  
  JJSploit.exe
- Size
  
  10.4MB
- MD5
  
  bcbe97957824bc7ff26b65a98d930677
- SHA1
  
  2ccee678ff718dd61ba6e4afe7f95527fc6b9dd0
- SHA256
  
  277183d7af817b1a3e276031823a93206868c9a5994705d49124a5d2929c1e87
- SHA512
  
  d064d024f0eec0265b8b4627c6d859a694b6a99710562fd0542f4f104bb4225f5f0105a029c00f44c2e43a3febb62e3cbbd8247b6b86ee7ca3c599b4fc5a5112
- SSDEEP
  
  98304:Fpsvxbz3sysFBdHiy79mGs0ITIECwa99bUHpOVJdVZ7SrD+ahQkd:0vJ/sT9GY9bU4Vj72C
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  libcrypto-3-x64.dll
- Size
  
  4.5MB
- MD5
  
  a9c1f7ca15c65c139bc9d4bf57df2e1e
- SHA1
  
  1b1377139a6b289d43a6b1161cd1089ffc817cf9
- SHA256
  
  03ec9292dcdfda520638490e11baeefff5ab1b6eb22feb90a22fc771272ce116
- SHA512
  
  97f8745dba6330c196de9b822638bfe7f74a86bdcb6726f4bd1d3d917de54f9abcb05163c42255173eac3bde995f0d611af718dbcc0de432b67666bed0c0b073
- SSDEEP
  
  98304:Ml+f+K26t8Te5zUeP4xA1CPwDvt3uFGCCQ:4Ctt8Te5zUewxA1CPwDvt3uFGCC
Score

1^/10
behavioral17 behavioral18
- Target
  
  libssl-3-x64.dll
- Size
  
  802KB
- MD5
  
  51b0d5f42a82f6fa8739b403e9b8b81c
- SHA1
  
  75968c157628bb7aca9b5f2331f7a0c9a1d28865
- SHA256
  
  0bda7daeb4040c722b8c287dfd2307c9b8228576db1dbbbaac901c35cc8dc62b
- SHA512
  
  94fba90ad7bcf190079089dcc3af97c598c016eb359fe4d2ea439b5fbcd4a5489ab4422652223926aae64002beef1368d5b95874f68a2e5bc4971b4f9604d814
- SSDEEP
  
  12288:Mzjte0Fevo3VS1npHEDHLqjRmqWSTzt7opiTdEVB3S:M9e5o3VVZVSPtopwdEVB3S
Score

1^/10
behavioral19 behavioral20
- Target
  
  resources/luascripts/general/aimbot.lua
- Size
  
  80KB
- MD5
  
  54bcd5aeabefcf23be6cd1c2a96ceea7
- SHA1
  
  82e5906ed450085146a56df499c9239a66f9bfce
- SHA256
  
  c7e9f86ae5fe8787b3e690e13b463b00fe5d56aff2c1ed029c64183aec48db34
- SHA512
  
  ca52d63420acd2aa9b704554f79dbe039266a3a0ba1165e9d16d8259665c82d8c91ee97b6a0bcdff524677bedb86a7d91012363a60188807dcc02faa4a8d6372
- SSDEEP
  
  1536:vKnVOB5LmvK0d9DQ2JjYhOFW3ajLCSCtWT0y:voO92HFW+LCSM6
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  resources/luascripts/general/noclip.lua
- Size
  
  1KB
- MD5
  
  d6a6ee15ae62c9922ebfa6db81263288
- SHA1
  
  0e3526210d72a9a4da4591095ad797933a02b7a3
- SHA256
  
  9f4efc279d94977f92bd52165dfda141a43aff9149e044ed44742f7ef39cfe4f
- SHA512
  
  c1faea983c3b6bd7372195a65184c2a93d9703dff06aebbe62d05c731866cb325f85afa915334e5f49f1bdf38fe91e3df86c7eb0913a215b6b1764fb3d2b17bf
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  uninstall.exe
- Size
  
  74KB
- MD5
  
  2a1378d591f9835141df97955e87eece
- SHA1
  
  7d310b5aa3a0f505752a70d9e194a9f0fc9627f8
- SHA256
  
  be673d61bddf3ea627e583646b8ac9db11baca821a921e35955eaf6f9d1e8e53
- SHA512
  
  0f82d8c2c96b5b1ec0f65099bc7f880b30d2adc27955a29bb563ae6e117473a108440da8f43a6351523154d27fc42fc6a8f402bfcebfa94674153bde6dea6ff2
- SSDEEP
  
  1536:XmsAYBdTU9fEAIS2PEtuugdLeAyNxSwp8ghaOOqG+HX:WfY/TU9fE9PEtuuceArwp8tpGX
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
behavioral25 behavioral26
- Target
  
  $PLUGINSDIR/LangDLL.dll
- Size
  
  5KB
- MD5
  
  68b287f4067ba013e34a1339afdb1ea8
- SHA1
  
  45ad585b3cc8e5a6af7b68f5d8269c97992130b3
- SHA256
  
  18e8b40ba22c7a1687bd16e8d585380bc2773fff5002d7d67e9485fcc0c51026
- SHA512
  
  06c38bbb07fb55256f3cdc24e77b3c8f3214f25bfd140b521a39d167113bf307a7e8d24e445d510bc5e4e41d33c9173bb14e3f2a38bc29a0e3d08c1f0dca4bdb
- SSDEEP
  
  48:S46+/nTKYKxbWsptIpBtWZ0iV8jAWiAJCvxft2O2B8mFofjLl:zFuPbOBtWZBV8jAWiAJCdv2Cm0L
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  cff85c549d536f651d4fb8387f1976f2
- SHA1
  
  d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e
- SHA256
  
  8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8
- SHA512
  
  531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88
- SSDEEP
  
  192:Zjvco0qWTlt70m5Aj/lQ0sEWD/wtYbBHFNaDybC7y+XBz0QPi:FHQlt70mij/lQRv/9VMjzr
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  $PLUGINSDIR/nsis_tauri_utils.dll
- Size
  
  29KB
- MD5
  
  8def0196223484f8aed4106148dd3f08
- SHA1
  
  e0fc0951deb0e5e741df10328f95c7d6678ad3aa
- SHA256
  
  c0f2b928bc4c81cc5ca30a8932a6dc8cd617dd016679c057e23355fe732b2333
- SHA512
  
  9ffa66181bce5aa5210da0fe5edc6c80aa9e46e2bd1fafd840f468965f4d06bc03f9a77e04b975ffc9f25c886c274196e3fedae6cfb57f366ef39f1e31e1ada7
- SSDEEP
  
  768:97F3QRyGmiZZ1FCeu2rcFKpnq0jdhK7W+qdxi:hJQRtmaF7YMX/q
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32