Resubmissions

20-09-2024 04:14

240920-etxbdaydlk 10

20-09-2024 04:08

240920-eqd1maxgld 10

General

  • Target

    stealer.zip

  • Size

    79.2MB

  • Sample

    240920-eqd1maxgld

  • MD5

    ddfe5476065a6da0f3d3821d208db197

  • SHA1

    17712c07a1b3ba88e1ac0d08d44178831a14cc4a

  • SHA256

    f86ce218315cc11d333b8e13a9c63a04a99dc398c87e776cb0f365c96521d263

  • SHA512

    386a92344c68e049d2d7e5f43e56751a33d43448331240ff6553aef6d74d528fd54cffea5002d6bc1b516b3b4a76eb0a6e1f23805968341b9bd7fc2be1bde44c

  • SSDEEP

    1572864:nnu0SOpz132CjTrqHIOy/e5pxh1hXMg6Yfn2D2ixfQBLhxSNNAKbZvTJw58:u0Tpzh2PoN/eL1dM6ve8oF1vTJw58

Malware Config

Extracted

Family

umbral

C2

https://discord.com/api/webhooks/1255446681881935924/gRYfgvy5PUJSvSEKVIBTwClcrDYNNTYWbdq4ABW28G1MgE8sEIvS9WFO0VdZkLKmw4gc

Targets

    • Target

      stealer/jre/bin/api-ms-win-crt-convert-l1-1-0.dll

    • Size

      15KB

    • MD5

      4ec4790281017e616af632da1dc624e1

    • SHA1

      342b15c5d3e34ab4ac0b9904b95d0d5b074447b7

    • SHA256

      5cf5bbb861608131b5f560cbf34a3292c80886b7c75357acc779e0bf98e16639

    • SHA512

      80c4e20d37eff29c7577b2d0ed67539a9c2c228edb48ab05d72648a6ed38f5ff537715c130342beb0e3ef16eb11179b9b484303354a026bda3a86d5414d24e69

    • SSDEEP

      192:yjQ/w8u4cyNWthWYWf9BvVVWQ4mWhu1BVT/gqnajKsrC74m:8yNWthW9Np1IlGsrCEm

    Score
    1/10
    • Target

      stealer/jre/bin/api-ms-win-crt-environment-l1-1-0.dll

    • Size

      11KB

    • MD5

      7a859e91fdcf78a584ac93aa85371bc9

    • SHA1

      1fa9d9cad7cc26808e697373c1f5f32aaf59d6b7

    • SHA256

      b7ee468f5b6c650dada7db3ad9e115a0e97135b3df095c3220dfd22ba277b607

    • SHA512

      a368f21eca765afca86e03d59cf953500770f4a5bff8b86b2ac53f1b5174c627e061ce9a1f781dc56506774e0d0b09725e9698d4dc2d3a59e93da7ef3d900887

    • SSDEEP

      192:vWOPWthWAWf9BvVVWQ4mWWbgftmP+CjAWqnajKsNURPblh:BWthWFN+f8P+CcWlGsNURzv

    Score
    1/10
    • Target

      stealer/jre/bin/api-ms-win-crt-filesystem-l1-1-0.dll

    • Size

      13KB

    • MD5

      972544ade7e32bfdeb28b39bc734cdee

    • SHA1

      87816f4afabbdec0ec2cfeb417748398505c5aa9

    • SHA256

      7102f8d9d0f3f689129d7fe071b234077fba4dd3687071d1e2aeaa137b123f86

    • SHA512

      5e1131b405e0c7a255b1c51073aff99e2d5c0d28fd3e55cabc04d463758a575a954008ea1ba5b4e2b345b49af448b93ad21dfc4a01573b3cb6e7256d9ecceef1

    • SSDEEP

      192:WxSnWlC0i5ClWthWTWf9BvVVWQ4mW+hkKVT/gqnajKsrCw/:WxSnWm5ClWthW+NkK1IlGsrCY

    Score
    1/10
    • Target

      stealer/jre/bin/api-ms-win-crt-heap-l1-1-0.dll

    • Size

      12KB

    • MD5

      8906279245f7385b189a6b0b67df2d7c

    • SHA1

      fcf03d9043a2daafe8e28dee0b130513677227e4

    • SHA256

      f5183b8d7462c01031992267fe85680ab9c5b279bedc0b25ab219f7c2184766f

    • SHA512

      67cac89ae58cc715976107f3bdf279b1e78945afd07e6f657e076d78e92ee1a98e3e7b8feae295af5ce35e00c804f3f53a890895badb1eed32377d85c21672b9

    • SSDEEP

      192:YFY17aFBRQWthWIWf9BvVVWQ4mWHhOP+CjAWqnajKsNngJ:YQtWthWNNdP+CcWlGsNI

    Score
    1/10
    • Target

      stealer/jre/bin/api-ms-win-crt-locale-l1-1-0.dll

    • Size

      11KB

    • MD5

      dd8176e132eedea3322443046ac35ca2

    • SHA1

      d13587c7cc52b2c6fbcaa548c8ed2c771a260769

    • SHA256

      2eb96422375f1a7b687115b132a4005d2e7d3d5dc091fb0eb22a6471e712848e

    • SHA512

      77cb8c44c8cc8dd29997fba4424407579ac91176482db3cf7bc37e1f9f6aa4c4f5ba14862d2f3a9c05d1fdd7ca5a043b5f566bd0e9a9e1ed837da9c11803b253

    • SSDEEP

      192:m8qWthWLWf9BvVVWQ4WWLXlyBZr+YVqnajKsS1:mlWthWWN0uZfVlGsS1

    Score
    1/10
    • Target

      stealer/jre/bin/api-ms-win-crt-math-l1-1-0.dll

    • Size

      20KB

    • MD5

      a6a3d6d11d623e16866f38185853facd

    • SHA1

      fbeadd1e9016908ecce5753de1d435d6fcf3d0b5

    • SHA256

      a768339f0b03674735404248a039ec8591fcba6ff61a3c6812414537badd23b0

    • SHA512

      abbf32ceb35e5ec6c1562f9f3b2652b96b7dbd97bfc08d918f987c0ec0503e8390dd697476b2a2389f0172cd8cf16029fd2ec5f32a9ba3688bf2ebeefb081b2c

    • SSDEEP

      384:rQM4Oe59Ckb1hgmLRWthW0N0JBJ1IlGsrC5W:sMq59Bb1jYNABHJc

    Score
    1/10
    • Target

      stealer/jre/bin/api-ms-win-crt-multibyte-l1-1-0.dll

    • Size

      19KB

    • MD5

      b5c8af5badcdefd8812af4f63364fe2b

    • SHA1

      750678935010a83e2d83769445f0d249e4568a8d

    • SHA256

      7101b3dff525ea47b7a40dd96544c944ae400447df7a6acd07363b6d7968b889

    • SHA512

      a2a8d08d658f5ed368f9fb556bfb13b897f31e9540bfdfff6567826614d6c5f0d64bd08fec66c63e74d852ab6b083294e187507e83f2bc284dfb7ca5c86ae047

    • SSDEEP

      384:8A/kPLPmIHJI6/CpG3t2G3t4odXLRWthW/N5GlGswz3:3/kjPmIHJI6manp3

    Score
    1/10
    • Target

      stealer/jre/bin/api-ms-win-crt-private-l1-1-0.dll

    • Size

      62KB

    • MD5

      d76e7aaecb3d1ca9948c31bdae52eb9d

    • SHA1

      142a2bb0084faa2a25d0028846921545f09d9ae9

    • SHA256

      785c49fd9f99c6eb636d78887aa186233e9304921dd835dee8f72e2609ff65c4

    • SHA512

      52da403286659cf201c72fa0ab3c506ade86c7e2fef679f35876a5cec4aee97afbc5bb13a259c51efb8706f6ae7f5a6a3800176b89f424b6a4e9f3d5b8289620

    • SSDEEP

      1536:2PMeDe5c4bFe2JyhcvxXWpD7d3334BkZn+Ppzh:2DDe5c4bFe2JyhcvxXWpD7d3334BkZnU

    Score
    1/10
    • Target

      stealer/jre/bin/api-ms-win-crt-process-l1-1-0.dll

    • Size

      12KB

    • MD5

      074b81a625fb68159431bb556d28fab5

    • SHA1

      20f8ead66d548cfa861bc366bb1250ced165be24

    • SHA256

      3af38920e767bd9ebc08f88eaf2d08c748a267c7ec60eab41c49b3f282a4cf65

    • SHA512

      36388c3effa0d94cf626decaa1da427801cc5607a2106abdadf92252c6f6fd2ce5bf0802f5d0a4245a1ffdb4481464c99d60510cf95e83ebaf17bd3d6acbc3dc

    • SSDEEP

      192:uFdyqjd7NWthWxWf9BvVVWQ4mW+JZD7DiqnajKswzR1:YQsWthWkNfZGlGswzR1

    Score
    1/10
    • Target

      stealer/jre/bin/api-ms-win-crt-runtime-l1-1-0.dll

    • Size

      15KB

    • MD5

      f1a23c251fcbb7041496352ec9bcffbe

    • SHA1

      be4a00642ec82465bc7b3d0cc07d4e8df72094e8

    • SHA256

      d899c2f061952b3b97ab9cdbca2450290b0f005909ddd243ed0f4c511d32c198

    • SHA512

      31f8c5cd3b6e153073e2e2edf0ca8072d0f787784f1611a57219349c1d57d6798a3adbd6942b0f16cef781634dd8691a5ec0b506df21b24cb70aee5523a03fd9

    • SSDEEP

      192:eUW9MPrpJhhf4AN5/KihWthWBWf9BvVVWQ4mWRXwsD7DiqnajKswzK:eUZr7HWthWUNkGlGswzK

    Score
    1/10
    • Target

      stealer/jre/bin/api-ms-win-crt-stdio-l1-1-0.dll

    • Size

      17KB

    • MD5

      55b2eb7f17f82b2096e94bca9d2db901

    • SHA1

      44d85f1b1134ee7a609165e9c142188c0f0b17e0

    • SHA256

      f9d3f380023a4c45e74170fe69b32bca506ee1e1fbe670d965d5b50c616da0cb

    • SHA512

      0cf0770f5965a83f546253decfa967d8f85c340b5f6ea220d3caa14245f3cdb37c53bf8d3da6c35297b22a3fa88e7621202634f6b3649d7d9c166a221d3456a5

    • SSDEEP

      192:hA2uWYFxEpahDWthWDWf9BvVVWQ4mWR3ir+YVqnajKsSO:hIFVhDWthWONlfVlGsSO

    Score
    1/10
    • Target

      stealer/jre/bin/api-ms-win-crt-string-l1-1-0.dll

    • Size

      17KB

    • MD5

      9b79965f06fd756a5efde11e8d373108

    • SHA1

      3b9de8bf6b912f19f7742ad34a875cbe2b5ffa50

    • SHA256

      1a916c0db285deb02c0b9df4d08dad5ea95700a6a812ea067bd637a91101a9f6

    • SHA512

      7d4155c00d65c3554e90575178a80d20dc7c80d543c4b5c4c3f508f0811482515638fe513e291b82f958b4d7a63c9876be4e368557b07ff062961197ed4286fb

    • SSDEEP

      384:jvEvevdv8vPozmVx0C5yguNvZ5VQgx3SbwA7yMVIkFGlPWthWXNjqujGlGswz7:2ozmT5yguNvZ5VQgx3SbwA71IkFFaJft

    Score
    1/10
    • Target

      stealer/jre/bin/api-ms-win-crt-time-l1-1-0.dll

    • Size

      13KB

    • MD5

      1d48a3189a55b632798f0e859628b0fb

    • SHA1

      61569a8e4f37adc353986d83efc90dc043cdc673

    • SHA256

      b56bc94e8539603dd2f0fea2f25efd17966315067442507db4bffafcbc2955b0

    • SHA512

      47f329102b703bfbb1ebaeb5203d1c8404a0c912019193c93d150a95bb0c5ba8dc101ac56d3283285f9f91239fc64a66a5357afe428a919b0be7194bada1f64f

    • SSDEEP

      192:ENDCWthWHWf9BvVVWQ4mWG5xqcVT/gqnajKsrC/V:TWthW6N/xqc1IlGsrC/V

    Score
    1/10
    • Target

      stealer/jre/bin/api-ms-win-crt-utility-l1-1-0.dll

    • Size

      11KB

    • MD5

      dbc27d384679916ba76316fb5e972ea6

    • SHA1

      fb9f021f2220c852f6ff4ea94e8577368f0616a4

    • SHA256

      dd14133adf5c534539298422f6c4b52739f80aca8c5a85ca8c966dea9964ceb1

    • SHA512

      cc0d8c56749ccb9d007b6d3f5c4a8f1d4e368bb81446ebcd7cc7b40399bbd56d0acaba588ca172ecb7472a8cbddbd4c366ffa38094a832f6d7e343b813ba565e

    • SSDEEP

      192:ZjfHQdufWthWCWf9BvVVWQ4mWMlUteSP+CjAWqnajKsN0c:ZfZWthW/Nd4P+CcWlGsN0c

    Score
    1/10
    • Target

      stealer/jre/bin/awt.dll

    • Size

      1.3MB

    • MD5

      39a3de251306cbca47cf2fb10089ae9f

    • SHA1

      cc3f3d1bc3ad172c9646961b18fe1d7bf98b59a5

    • SHA256

      6d1c82cad959b7e4636d8fced4368f0f2c8da4ef609667396e8772ad8d63f736

    • SHA512

      351a02453659d04a2943abc1da2b9541f97982ed3f94d288679dfd8d962bfb4b0dcdef9b06d329bdad64e032b0372733ff7d1577c49952accf86b971aed86f7e

    • SSDEEP

      24576:or19iF8DpwAZGFCFcbtv5nHSaELVPwtDi6MDO6aBN1VWgerlE6:6XiF8tpGFJHwVoY6MDO6aBN1cLf

    Score
    1/10
    • Target

      stealer/jre/bin/bci.dll

    • Size

      24KB

    • MD5

      a006952024c28abe7ec347e83de47430

    • SHA1

      5bae86cdf7cc277f5ca151539b063d031d377815

    • SHA256

      7da0abac575380695f6fc4ac9847c62ee8fc0c3b63d590b4ce3b408234a2f8a3

    • SHA512

      db4df82261a323b6c9947a6c2341e5926220cbf74d3477bf951e4635281cd84ee05c389543a4d2bb6381180836da58652871220eb7248c0728d6a6d2a20ede4d

    • SSDEEP

      384:QFX0YXgZqr5stZOG2TNM/ZfjIYi1or2RPxh8E9VF0Nys4t:ukYXss5ITsNiZfMYiKOPxWEma

    Score
    1/10
    • Target

      stealer/jre/bin/dcpr.dll

    • Size

      162KB

    • MD5

      ed5c8d6861339522e415c81927881beb

    • SHA1

      b37eb2c684641d6930ce57f9383f9f85b230a2d7

    • SHA256

      c7bd77f6d275af7220554578f92c897aef1cb2430a69a5277c33f3eb8be8c60d

    • SHA512

      24b48ec6b1b6773f7f5e852718d97c9e57794509790d2de786a028f1a665efea0855fa1a6cddfb22c1c8c1b08c3d4422383ea976182104236b0916e6fe07785e

    • SSDEEP

      3072:uXBbLdDu6+ACPg66h5vLpcDmojGylYCE2Iu2jGLF5A9bE8LUegTH/oxSn:YxkklK3GgYCE2L1F5A9bEGUeU

    Score
    1/10
    • Target

      stealer/jre/bin/decora_sse.dll

    • Size

      88KB

    • MD5

      c3cd959583f19c9a0695da619c4a2aea

    • SHA1

      e6ef5cf29d30f4a4f05dae1db018052473adf184

    • SHA256

      a66a3a6a3dd895947b55a8e57c142386b67f78e09bcb9e2de41ab48bc91447a3

    • SHA512

      392aa890310b372314e318eea5413a069bd29e02857e82ac3ccde09aadabeaa26d2fb4704bcd3f8f3d2597f0c0bb1fa58884c46e970affa326fbf6d3aee7fbc2

    • SSDEEP

      1536:2mPkTHoDu6TooFxWhNhPTOZVqH1Vs7BPxj:2mPkLdH2VqHPspxj

    Score
    1/10
    • Target

      stealer/jre/bin/deploy.dll

    • Size

      575KB

    • MD5

      721ff15668138e68056de8562f79fd5b

    • SHA1

      a9e109ec4ecfad1b2d0cc222e715633a588c0a89

    • SHA256

      4cd0833982648e6898951344beb6f93dadb30c962e8282bb12b4357663a26d77

    • SHA512

      4f6d5d1c7b40d693f49185aae375bb6c9a4d8deeee647cc25a38c3632dfdaf058cd1c76490ce3d84d6539164ec07abb1e799ffe78d3566f943bf134b4128d27e

    • SSDEEP

      6144:S4ZglQK7vma8fHTvs7wAFGoJYwzkkhJ4S8741+KxvxIW12:VZglJx8fcwAFGoJYwxb4Sxvq+2

    Score
    1/10
    • Target

      stealer/jre/bin/dt_shmem.dll

    • Size

      35KB

    • MD5

      c7b3c59250600043b8501098bdb38e84

    • SHA1

      22fb6d94523b15e048be32242b082a7b6d95b490

    • SHA256

      78973eb2698269ea6e52341ff1adedd6ff279e02aff5a03c67ffe96f88c5895e

    • SHA512

      e959397cd87440e15bcf3d8a9fbac5f75391d79eace7ac41fd21f97793f6339dfdd9e246595ead1e4e13f601595e348886c13640437a096b864b777365a46015

    • SSDEEP

      768:tUT9tCbTuGk7zIiWzKYvh2ZJWYii6PxWEQ0KB:tM9t+kWDh2ZI7i6PxwB

    Score
    1/10
    • Target

      stealer/jre/bin/dt_socket.dll

    • Size

      31KB

    • MD5

      37e3c00ea8d2622d358f51c7f7310c6d

    • SHA1

      0993f971a839f28ced2242bade7423cb58d24025

    • SHA256

      9b47b38fd8770e57e93bf4eafad30061f4fe5a6142a0ce78e159744866b03c8c

    • SHA512

      ee06ad2898be1d6b8c764b9011e36b2bc24c599efd26da8d6b2ea4d81d43d02f3ebe1ef7698a36760b042c9c407280d327f2fe711cd9279a3d4e7d70293ab390

    • SSDEEP

      384:5eWTpTKk19h9+S8sD+R2hgp4GbIYi1ottPxh8E9VF0NylzRVb:cW1pssa4o4GkYiYPxWEn7

    Score
    1/10
    • Target

      stealer/jre/bin/dtplugin/deployJava1.dll

    • Size

      1.2MB

    • MD5

      2c937101b876764ae379209d72120540

    • SHA1

      30ac1d97712cf9a56dc36176cee4ef398b6c395b

    • SHA256

      f258516d40b4ddce6fbb3da6791e71006aeca690b90e316e846d0336369cd1bb

    • SHA512

      966dde43cbaf7b905bbe24769b8d092ade97808028ad0fa346d10e02750bf893f57399d2ab3f2858d188555f36a66e1ff06fbdf88ca5a8de5fff8c59da6b5de1

    • SSDEEP

      12288:XXMEOOR48OLE3cvNvsV1wiAZSsrXxg0OSDDiU6ZJnL0oxQgSN2vChbOso6C6QJ1n:Xcg+8Qg2N0HwiAZhrq0OkDiU6ZJo2

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Target

      stealer/jre/bin/dtplugin/npdeployJava1.dll

    • Size

      1.8MB

    • MD5

      f27b2a8e80c47eb4a74c71217a6044e0

    • SHA1

      8a6f8a2dbc9d8ef30f63645d75a22812b661b6b5

    • SHA256

      686466bfd1a44f76a5d7a8a9b2a25152d6295df9bd914a699acdbc02265dc08d

    • SHA512

      c327c3a18c8720b608635bd474ce71308858a4f593b0cbdbda5b51ee4b6dcc3bb40450d8e0285244815df69105c8e26b6ce6a8bf6e8d570b60e55c2a3165665b

    • SSDEEP

      24576:ONbsaoT3raP00pEUZTx/2KfL1yBK5QG7b2Z8eYxyaK:OalralqwdNfLQBuu2WT

    Score
    1/10
    • Target

      stealer/jre/bin/eula.dll

    • Size

      160KB

    • MD5

      7ceafbd16d547f503e8a3fcfd57f620b

    • SHA1

      580abc2a23e599be26f4e289e860834da11595ef

    • SHA256

      04c50b97ed42fab91d7633a6a5e387f20a95996a1b0a3f2c454c8974f2dacde7

    • SHA512

      1839d48608cddfa7dc1ad219064af05dd90fc644a02b61470ef90195042101f9c423e6d2b4bd8a47fa7e6c38dfa9a64d4775ca03aa3d5e10a34f2c09b2cbee8e

    • SSDEEP

      1536:gw8hoSNkoerLb/GJgCv6HTqNrrsSh89tsSh8hsSh8yi9CMWVC/ayKOBLvN7QPx3:Woj/rigo6HTqNY96OyQCMWVea5OBR0x3

    Score
    1/10
    • Target

      stealer/jre/bin/fontmanager.dll

    • Size

      300KB

    • MD5

      80f541f9da85e791626275a140d7f2d7

    • SHA1

      66eb0fb72d458a3c1eec721245b645fc43854ce8

    • SHA256

      889f837c011beea74573837a9c0316f375512b08a863bf1ee08032b72dae2bff

    • SHA512

      bc212eff3fe6f04b21f1e28d042bc5b192e4016578b9f7714bd996eeb5fee33b743248fbe5ef03ae5abfbbf10b263af77e7dc463e71d2847113233efebb43f10

    • SSDEEP

      6144:aegAcvjh+en79Eni6NTfgU+5FzHQUgi452LFGMReiDB+zjRnaaJ:3gAcV+eBEnisff+5FzHQUgiC2RGSoBaG

    Score
    1/10
    • Target

      stealer/jre/bin/fxplugins.dll

    • Size

      185KB

    • MD5

      71da7f8faae64107c9bafd3cf02920ff

    • SHA1

      25c5d6bd960bff691dffad1d57d5523f6bd205af

    • SHA256

      9dfc493a5752b8ed098ec22707154f172e7352d228fc6b9845c8f8856a0ea737

    • SHA512

      3218e6aa13ff1ab01dd3d6b535327020372c9c87d9acdbe416c95f5323da3a604de981c90cde2b045bfedd09e6a3448d4f463eedb5091657e84d4b352863baea

    • SSDEEP

      3072:A7hvGErBLuriymoHlvZdgTcBweX2Ls+8Gw7w+MmCVCUGN5xxN:olG4urkg/l+8j7GVCn

    Score
    1/10
    • Target

      stealer/jre/bin/glass.dll

    • Size

      260KB

    • MD5

      3f657ee2c3c717bea1f853568d1f0341

    • SHA1

      358e9dc8bfa09d23794b0a970283e70ac425bc34

    • SHA256

      5756fa17fca6530f0a623116687751d64151092cadbe9aa4519c8f2524201adc

    • SHA512

      7ec666709638479d716c48f086117725caf4819b431fac18894df7f814acc773de7679879c05a617a36d26a9667a322c26be2e380c70859c515cae862c420d22

    • SSDEEP

      3072:oa61YaJFkhTWz0DkbdGkYJ1m+3h5fUF5o10FDFDDHYs9pbH8Oxy:FpWzBdGk0E+3htSQQF/HY8pU

    Score
    1/10
    • Target

      stealer/jre/bin/glib-lite.dll

    • Size

      624KB

    • MD5

      18434e78358970e713e267b5c756ceff

    • SHA1

      731f478f1476dad0d5d1edc5fd96719f02a23384

    • SHA256

      a372f9ce1344ea6f087444dcf3102d126d80b96be1986621eb3ed3bbd8c6fb39

    • SHA512

      e177b70a0bf222e39025262f316bc37f78a5a5957babdf02689b15f50c648fc378b9616227dad3513199177638503df836c2676ead38b13d4cf7e4d66ad39f71

    • SSDEEP

      12288:LXxX8+w2Yxz/tcgcjsxf+vEqXgfQVOed5IpvTbfl+eJcUGR:Txs+9+cLjsxf+vEU4ed5Ipfd+eKLR

    Score
    1/10
    • Target

      stealer/jre/bin/gstreamer-lite.dll

    • Size

      942KB

    • MD5

      a83fcb77209b511122dbf49e53b8d852

    • SHA1

      90b1256771aa606338176ecd31be87b198ce5efb

    • SHA256

      0c7e00ba9b4255246890b8f0808a5936f3df75966cdd26546cda728bcc3f70fb

    • SHA512

      af6263fbc9bf90df5f7ade4fc552f632fcc9cc76151f1555a42d42c3e42928abc87fd3e8fe86974c10524e44521d6c7bb8ef79cee2f3b56afd63962007de4893

    • SSDEEP

      24576:2ytcyp0UqwyyXKfMZ0mNZe9PQgPwRlc+RwwCKe:Tc6qxyafjmNZe9PQg4R2+Rwz

    Score
    1/10
    • Target

      stealer/jre/bin/hprof.dll

    • Size

      162KB

    • MD5

      ce0c71446e659fc9f91a46c713e89c7c

    • SHA1

      a49290ffbc59813293abe6688d5c94bc2dfc974a

    • SHA256

      639863e8eb012ff726d16b9eb0b6998949015f4a5b5e83f5a13a1ecdbf25cef5

    • SHA512

      d5c0e4a07b67c358edd0f519a52724d8327cd7cd0f58e5893fc8f630bd389efed354535c7c824345c357b3f4c6374cb90ebe6628ac80275486985dce2653f4a6

    • SSDEEP

      3072:aOfEJtZsgbJnC6EcsbEimyTzOtcWTsUy3ZUtB7CjSNJXt4SkuWxl:aOKs85ERHmyTzOtcWTsooqXtm

    Score
    1/10
    • Target

      stealer/jre/bin/instrument.dll

    • Size

      194KB

    • MD5

      dc6c8deb29e12554905b44031a654da4

    • SHA1

      75bebb4208c1da3f97d7e9401ca762d7c8c74e9a

    • SHA256

      5f5a82550b5ef3ae7d245053b3e893d0d402ac26d502dbc17f97a10ed75dd2b1

    • SHA512

      a7d6e0bb619a8570d7799c5f536ca24bc57f594a4412ca588b0fbb8d2e1f3e77e34df95ed561c08ffc33546741bb72fb1f8c10377dab551e361ca8ec738603fa

    • SSDEEP

      3072:mECfZiNtnvDrZaIWybWY+PxxvJphuXlyOYar/F49bHlkxy:mECfM/3ZyybWY+JxvJlOYT

    Score
    1/10
    • Target

      stealer/jre/bin/j2gss.dll

    • Size

      49KB

    • MD5

      8925f5e9f2076a89614fc57d6bd182ab

    • SHA1

      1e6e543998f30c40c0c76b6072fa2ceedbef533a

    • SHA256

      bd4d266836aba32853bdb4383cbb41c64e28401b1e73161e709f339f8f3fc1ec

    • SHA512

      5d115d5e56feb1964bd82abda62b464e8e14da1e8ede60237c24219b3b6f5cbf3bcee63b340b0853e96c84cc6344b42f55352958d4506a58ddf33c855e5b3741

    • SSDEEP

      1536:qBV3bm2svyCK3CEgCG+YDU1M5aQx7CPxl:mqzaQxyxl

    Score
    1/10

MITRE ATT&CK Enterprise v15

Tasks

static1

umbral
Score
10/10

behavioral1

Score
1/10

behavioral2

Score
1/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

persistence
privilege_escalation
Score
5/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10