664555cf762648ba681ec342b9007d3d08a9c4e01754df5d350b81f6fb047585 | Triage

Sharing

General

Target

FF-Logs-Uploader-Setup-5.5.1.exe
Size

106.3MB
Sample

240928-my8h7svapf
MD5

2da5f5d0bf7830e9e928b951f0a92130
SHA1

6e04568945bc05df5931ec3ef6507cde104092fc
SHA256

664555cf762648ba681ec342b9007d3d08a9c4e01754df5d350b81f6fb047585
SHA512

67a4f632cd88d7c287fba3aef77ecf19080c5bc31071fee92a8a846ccb85173af7740b4cf919f2aafa283836cf7f4b9726e14d4fbf5fba434eb5cde9d025c269
SSDEEP

3145728:MbzwgoZAfllWbzxYQbHQx7YzwgDumNhMf4NB68mR0cA6a:RatlOKbx1mvxm0Ma

Score

5^/10

discovery

Malware Config

Targets

- Target
  
  FF-Logs-Uploader-Setup-5.5.1.exe
- Size
  
  106.3MB
- MD5
  
  2da5f5d0bf7830e9e928b951f0a92130
- SHA1
  
  6e04568945bc05df5931ec3ef6507cde104092fc
- SHA256
  
  664555cf762648ba681ec342b9007d3d08a9c4e01754df5d350b81f6fb047585
- SHA512
  
  67a4f632cd88d7c287fba3aef77ecf19080c5bc31071fee92a8a846ccb85173af7740b4cf919f2aafa283836cf7f4b9726e14d4fbf5fba434eb5cde9d025c269
- SSDEEP
  
  3145728:MbzwgoZAfllWbzxYQbHQx7YzwgDumNhMf4NB68mR0cA6a:RatlOKbx1mvxm0Ma
Score

4^/10

discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/StdUtils.dll
- Size
  
  100KB
- MD5
  
  c6a6e03f77c313b267498515488c5740
- SHA1
  
  3d49fc2784b9450962ed6b82b46e9c3c957d7c15
- SHA256
  
  b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e
- SHA512
  
  9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803
- SSDEEP
  
  3072:WNuZmJ9TDP3ahD2TF7Rq9cJNPhF9vyHf:WNuZ81zaAFHhF9v
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  0d7ad4f45dc6f5aa87f606d0331c6901
- SHA1
  
  48df0911f0484cbe2a8cdd5362140b63c41ee457
- SHA256
  
  3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca
- SHA512
  
  c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9
- SSDEEP
  
  192:1enY0LWelt70elWjvfstJcVtwtYbjnIOg5AaDnbC7ypXhtIj:18PJlt70esj0Mt9vn6ay6
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/UAC.dll
- Size
  
  14KB
- MD5
  
  adb29e6b186daa765dc750128649b63d
- SHA1
  
  160cbdc4cb0ac2c142d361df138c537aa7e708c9
- SHA256
  
  2f7f8fc05dc4fd0d5cda501b47e4433357e887bbfed7292c028d99c73b52dc08
- SHA512
  
  b28adcccf0c33660fecd6f95f28f11f793dc9988582187617b4c113fb4e6fdad4cf7694cd8c0300a477e63536456894d119741a940dda09b7df3ff0087a7eada
- SSDEEP
  
  192:DiF6v2imI36Op/tGZGfWxdyWHD0I53vLl7WVl8e04IpDlPjs:DGVY6ClGoWxXH75T1WVl83lLs
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/WinShell.dll
- Size
  
  3KB
- MD5
  
  1cc7c37b7e0c8cd8bf04b6cc283e1e56
- SHA1
  
  0b9519763be6625bd5abce175dcc59c96d100d4c
- SHA256
  
  9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6
- SHA512
  
  7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  FF Logs Uploader.exe
- Size
  
  104.7MB
- MD5
  
  cf525fe3000d4315a3f2e612b30950b6
- SHA1
  
  ed337ff5d78282595c077ded9241236408cbfe43
- SHA256
  
  7678c37efb6461b9b33a31593451d0d4ee3b36702c0777ce382e8891aa4b85b1
- SHA512
  
  161cb70a9159721f27ffde7049f327ff8337393a68564d49863c4d7b7bf5dee42022a1b39bf3847a29a2c72641b42cc131ae90233ef73a34293277f09de0dc8a
- SSDEEP
  
  1572864:UgMS3hWvz1iVquRGZkp2BcshFEe+xQxQ49UD3XMzS/g1Y7cZVLhHzLuu2eSia4Z9:UgM5HOxQxf9UD/o1QhN+wh1n6
Score

5^/10

discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral11 behavioral12
- Target
  
  LICENSES.chromium.html
- Size
  
  4.5MB
- MD5
  
  d4a79b5d46f0931b9eb7125fd40baff0
- SHA1
  
  3a38fb263dde2251b9fe157b5fddec7acb07c53e
- SHA256
  
  03f1d245e6a2facca9edbdaad108169e0765dd9101875bc2d123797994b9e80f
- SHA512
  
  17cf94805f11d499ff12d8e42cb262ceecbeb265f56338e0837d291f6a7ed7f8135a025dbe99fdb2e2bb299f2267bed9365976ea51269aafd4c3220cffef9339
- SSDEEP
  
  24576:thgBBmnLiLArZ62BrcrnKHq/kUkBAwi9QxruE:rYBmLAehN6KK+xV
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  d3dcompiler_47.dll
- Size
  
  3.5MB
- MD5
  
  2f2e363c9a9baa0a9626db374cc4e8a4
- SHA1
  
  17f405e81e5fce4c5a02ca049f7bd48b31674c8f
- SHA256
  
  2630f4188bd2ea5451ca61d83869bf7068a4f0440401c949a9feb9fb476e15df
- SHA512
  
  e668a5d1f5e6f821ebfa0913e201f0dfd8da2f96605701f8db18d14ea4fdeac73aeb9b4fe1f22eaeffcdd1c0f73a6701763727d5b09775666f82b678404e4924
- SSDEEP
  
  49152:sXMoHAsisjBFjJMLhHELxJm8ZU8W/GBj5Z535TMpinAizxkl/cD11bqCG7jHbOkD:srZOb8W/G5hnAizxz7NZy9AG
Score

3^/10

discovery
behavioral15
- Target
  
  ffmpeg.dll
- Size
  
  2.5MB
- MD5
  
  ed6c7c2ea17f06dc0d6b7629c0c06fd8
- SHA1
  
  e52223e12888e5c1247a106fb057d2a54465bcd0
- SHA256
  
  e3b4b2fac30360301ea81030718a5e6fe8e9f9500fc1c83a9a22fe7c3d2ee744
- SHA512
  
  5c60581cf9e6425a401cc5eedde642e8fc810d9222eb8f333adc805e13e0889f061051552231c9931721913053dba66aac79aa890372ebd0457f0a9ee64362de
- SSDEEP
  
  49152:wHX9HL2Iv1LDjOzm8H92kpGaWJlAtksQcUfI:sX9HLjdL/OzboAHWb6kDfI
Score

3^/10

discovery
behavioral16 behavioral17
- Target
  
  libEGL.dll
- Size
  
  358KB
- MD5
  
  28575fb69c6c5ee1927d36432bc5e830
- SHA1
  
  f5e0e0c740716120c6a4c2d50ec21ff57b2677f5
- SHA256
  
  20080fba83e198b014bf67af6c3651dbd731d56afc0eb1eb7017fe308902495a
- SHA512
  
  f4d5c0d8b5c3eacf4231134ee3be649ffe70a7db577a1b3346d703b0a8528f14adbaf6c2162e874d9bd254fc56e4b72fc7180d37738d8ee461690f113c75cf91
- SSDEEP
  
  6144:WesPGoRqGG68Zl1cCmYku/1haDuE4mbd2W8GgtSUIKrcO6+fBgCJNz/WuLF0hWbu:9sPGoVfgEimbMTGgtD6+fBHKuLF0ht
Score

3^/10

discovery
behavioral18 behavioral19
- Target
  
  libGLESv2.dll
- Size
  
  6.3MB
- MD5
  
  12a3aa86ade68097260930b0d52d9a4e
- SHA1
  
  38c46731b37033ac09a81adffa93848780cf88c5
- SHA256
  
  9581c39131fb9dd4ad65cffe2a412a76ac6b2f9ab856f0a63c286fe5da1f36ee
- SHA512
  
  7d3f2fa9c917d7461ca42f187615ff748262dc1fa7d42aebcb389dded5be16b1b274f1623a27c63cad08a481b46c516dd46cba118dbe2c4ded1bf228a65830df
- SSDEEP
  
  98304:lzFR9vt82CHGDL7cbR3qNYfUIQOAgZgrPSKQu2mJYTD8r:fnvw+cblAY8VOkSyJYU
Score

3^/10

discovery
behavioral20 behavioral21
- Target
  
  resources/elevate.exe
- Size
  
  117KB
- MD5
  
  feee36669aa8606db2385ba8cf040596
- SHA1
  
  1ebd53e4803bc2b528592c52454ad5d0d172a3d5
- SHA256
  
  11a9b32e214ac3b6cc4b1ba670e3ade69074e524ae7678377351b9b696e5cef3
- SHA512
  
  708fa3afc183e29e4e257dcd49a255f42723e45dbacea06b331cad712b8e592abf40376b332f01829beadedbce01fe533623fade04a97cb9ebd0b654f7d13230
- SSDEEP
  
  3072:VvbLnrwQoRDtdMMgSXiFJWcIgUVCfRjV/GrWlFBq:tPrwRhte1XsE1lC
Score

3^/10

discovery
behavioral22 behavioral23
- Target
  
  swiftshader/libEGL.dll
- Size
  
  379KB
- MD5
  
  6f0f25695880ca77908816a2d9379116
- SHA1
  
  17062bdb7d519527befe58c7f0e6a39862093de3
- SHA256
  
  59ff2787764a7ee5d2a3ad17e00d955b2decf266783d6a4d0083a02065eb748b
- SHA512
  
  2a67aa6ea15642d4e88057a33709a9c8c2ad55b577a977cc7e986f5cefc3139f3109d96857c06d2226a3857d71a36b84e84281b89804f0a75ccdd42e2897da75
- SSDEEP
  
  6144:fayLoJ01tUL3Q3LjSPu5FUuJiHMPyfV2Wf5gqIhCTQVBGXaZDseVMgfu1aNwqNrP:a01tSInGV26iPCTQVCaLfu1aNwGL
Score

3^/10

discovery
behavioral24 behavioral25
- Target
  
  swiftshader/libGLESv2.dll
- Size
  
  2.7MB
- MD5
  
  fb5bfa509b3342b6bbb873f9d13faf9f
- SHA1
  
  2b6af409a3d22c54bc7ed32315789ee660e3c866
- SHA256
  
  68030c6b64cf435ebe536c89702d3cc44bbd51520a5fd0891509025c031264c7
- SHA512
  
  639ea94529925bcc34d1243c601154cbd0a4b2661e512ecdd670d3fa467a2985c88c9c073ded0023eb380b2ba687f489634fd772dded2cf87130eef5d42ace18
- SSDEEP
  
  49152:IvRd9FO9MwdFA/w1s+Glqa/KxB2CgfFK1GokWFBB4PD6xABXGfSqnVjxSEhnR3qa:IRd/CcMxgUrXr1j12eJ4o
Score

3^/10

discovery
behavioral26 behavioral27
- Target
  
  vk_swiftshader.dll
- Size
  
  3.7MB
- MD5
  
  266c931ba12c2d4028639851b71d7f8e
- SHA1
  
  34fb38df8979f5b02450dfc1d58bcea718865cb0
- SHA256
  
  23c5cb11478899c6ce40a7322e2e8e8176a3730a6d1298fb0e6e54cf64b39227
- SHA512
  
  97a280226247333b79d81fe26ccf16c3d9d7be16fb53ebfd0ff7d97532b0d9e087c793c2492ac9e21eff8efdc0622f7778164b91cf8119d4a06b81b649e42b9d
- SSDEEP
  
  49152:CkCQYIV3ZtjgctGIW0yPC5X/23J2/8JrtVkjY0eGrtiOjhfwqeAztw3GjaWBeRnt:aBrPaOBtB+rtiOjhtMWjaWkRKNdh2
Score

3^/10

discovery
behavioral28 behavioral29
- Target
  
  vulkan-1.dll
- Size
  
  624KB
- MD5
  
  0f937b1b0f3f9760793cfcee0e58607f
- SHA1
  
  1a49c95539708db6788f972bdb434e5ffef12791
- SHA256
  
  f1297709eeed566996694a4b2aae6600242b1eb8d21eabda0fbfe9e5cbc3d5a9
- SHA512
  
  813189c73a4e57422876b74d7d73e943e6d81d2c541e2610706fd381fb4fae191eacb7c5fa6e23d1b8e38c6c443ba2280126d44e8f69d412bf9bdb967d7ca09d
- SSDEEP
  
  12288:9bHuIeVEXjDNOWx4ooMWRE72YcXVgnvVW+2c+xUpmuHrwYuulnYG9:JHuIIcc9RvAdW+D+upAu
Score

3^/10

discovery
behavioral30 behavioral31
- Target
  
  FF Logs Uploader.exe
- Size
  
  120.4MB
- MD5
  
  6a63ffc960eae0110988c2eba05bc53e
- SHA1
  
  bce4ae23d2f293f404db47adb13b896f82453722
- SHA256
  
  797bba78ca10fe875c03cdcd21b71f6e73e9c2f0bef68d85b4c55fb4adcc22b7
- SHA512
  
  2585bb841537abaca8b86b9d5ddac514ca039d0b04041f9adf2c8ffb1f69df9e55258a0fd062e7ad6edc1ddce264fc5c9ed6ad71231d8929f02eca1d2e6a8a3b
- SSDEEP
  
  1572864:OogF7swE5U3YlnuDcvgrQ7vXJIAgWzpYYHYYx0D+iQxs:23YJIY4Uw+Xs
Score

5^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32