7c5b449226d2c3e8e65341baffb10b9393282d53b7f6fb164ed788ca2967bb99

Sharing

Copy URL

Twitter E-mail

General

Target

antimicrox-3.4.1-Windows-AMD64.exe
Size

13.5MB
Sample

240930-31pf4s1cpr
MD5

1943da99ebbe840ac89c3045fe24babb
SHA1

a4ca3555efc9b12e515403a79d7316ccb69a7377
SHA256

7c5b449226d2c3e8e65341baffb10b9393282d53b7f6fb164ed788ca2967bb99
SHA512

462aa3fb349c23f7b44b6ca049f3f96f363c8ce0596f6f18a09bf45c0087088d3c92f0a7195aeb69cce7c89cec38cb0df2d85c39a5defc017bf48c5308cc07f5
SSDEEP

196608:OZh/vKV4AhS5RX0Ooll6Vv4eCklq7CZhKNbgANGvnU8T6slsWD7PdtSX6kcFCjuh:s/9AEuzC/rLWnNAnVmW/VtQ6kjjo

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  antimicrox-3.4.1-Windows-AMD64.exe
- Size
  
  13.5MB
- MD5
  
  1943da99ebbe840ac89c3045fe24babb
- SHA1
  
  a4ca3555efc9b12e515403a79d7316ccb69a7377
- SHA256
  
  7c5b449226d2c3e8e65341baffb10b9393282d53b7f6fb164ed788ca2967bb99
- SHA512
  
  462aa3fb349c23f7b44b6ca049f3f96f363c8ce0596f6f18a09bf45c0087088d3c92f0a7195aeb69cce7c89cec38cb0df2d85c39a5defc017bf48c5308cc07f5
- SSDEEP
  
  196608:OZh/vKV4AhS5RX0Ooll6Vv4eCklq7CZhKNbgANGvnU8T6slsWD7PdtSX6kcFCjuh:s/9AEuzC/rLWnNAnVmW/VtQ6kjjo
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  30KB
- MD5
  
  a7d3a18ddc6206b7d980a40700ea6619
- SHA1
  
  2da1598e44a0d7541c236d678bfffb28de805c08
- SHA256
  
  c555c346cc1f80ff0cb9aeaab8875a10c15ea4e5cf445a0f1597363fcf686924
- SHA512
  
  53bffcd80bf3b8da2c1576b57bf4f993abed8a8c45f3831db4a983f05651bb6c22678b903e0c66fe2bc303fa2c8ef9b333826a998e0bf96719e4914c62efa374
- SSDEEP
  
  384:U0gEkzxOCEhrPa9EGCuvLjMVAKZv7HTw+GkuKnb/N1f9J61j0G8mnWvr:U/0CE5a9ED6LWbcBkHpS
Score

1^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/StartMenu.dll
- Size
  
  11KB
- MD5
  
  65c301d9a85f4342cdef7fedeabafd5d
- SHA1
  
  10606ffc00f2400fb2f52d404b30115cb33137e9
- SHA256
  
  48765294aa273ec2fd55cc5f9301e138b4d56a9f6d00fcf24473788e64b52bfd
- SHA512
  
  0dcdd78d8f472168614200900afd479a60106c94deda18c9999c32b1af497c32d9fd41f6039d94bfa28855121e61fb4031e4464b2f074d9fb7024f5f74950efd
- SSDEEP
  
  192:fLB7OopThb4h9qRqsHUzKX9zvJkwTFkBo5BoE9c:fLB77pCh97s0zKZvaOc
Score

1^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  25KB
- MD5
  
  46de30b73f6fa1d4ef62ba7b169e0191
- SHA1
  
  59850382f1f5f30c840f502d8fc5fc228df33d6d
- SHA256
  
  322e35bcdd0dd61cad8810bb446c425d8b91ceeba897b13fa0f50f1f48f88056
- SHA512
  
  2e51a23297bbe74bb1b1ecc5a7257c546ea43d864e0691a437577431d022f6be5e653dc1ce186698095833245c869bb769c7088ece85851f539b9b763b2cef70
- SSDEEP
  
  384:1xnVPk9nL3P0CMxzPJJKZvZvUq5PKpkuKnbyFJVA+:1lBkhP0CMxFwpSkUJ
Score

1^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/UserInfo.dll
- Size
  
  7KB
- MD5
  
  5df25c042bdda748d1f396b4fe070ede
- SHA1
  
  e470ebe89bd49373f4175b5cf796c49ca1ee9a4e
- SHA256
  
  c9dd715d31c8cdf763f5edc92b8228df617bc528d7f558d6e531434c62a4b37b
- SHA512
  
  29bfd4d17200286bb84b9956f21f43aa8ae470870835064d60f2de2ef535535115c17a7bce75935518c0aec18db4bde700740d4b7227ba18a34ac57bbaa4657f
- SSDEEP
  
  96:8MaRo52x1kO2TPrdKX9zv+WI7jjPC2gwvTlQordUyJWRI:uRO7DJKX9zvmTDTlQ
Score

1^/10
behavioral10 behavioral9
- Target
  
  bin/Qt5Concurrent.dll
- Size
  
  72KB
- MD5
  
  f73eaa63146a4a389c6e12c204c4267a
- SHA1
  
  fba96e1c526577154b15a81eba6f9ff1d77efa08
- SHA256
  
  bee08138f9087edc8e4161a9a7717aefc948acea015eb5f00cbc3020df40b4b5
- SHA512
  
  bbfcb4ba6b4e083a50fd7152d8d9b51b15542c2e26f479d35ce05b2b4b188cfcf60cea93fce8401e1e9748e61be3ad5e17d256fd13391b3b3d730f1d6e7ae370
- SSDEEP
  
  1536:vsunFiMbHdlKP1UzWNrwYUkSwd8esXd2Mf2sF9dF/xUfH:0wWNT8esXd2Mf2sF9dFo
Score

1^/10
behavioral11 behavioral12
- Target
  
  bin/Qt5Core.dll
- Size
  
  7.8MB
- MD5
  
  f38f9d503157c6b2401801f9572fd048
- SHA1
  
  52f999e93532349d0fca73f49e7a4e987b4a5e1f
- SHA256
  
  858abb9ddcb3cd4fa15c01d3cd64ff4371a79516b02bc3df20590a82161fba55
- SHA512
  
  c31966139cb1d5df66ea5cfde65b09449d5f25d5c4fc146cd44f0e0124e8106eef124fc40e2522aaee571e4685e605ebbcab8305a23d00ab9d7828c70a7f1be3
- SSDEEP
  
  196608:N84evpspTjPCixOJsv6tWKFdu9CUGSFj+p:NNevpIT2TJsv6tWKFdu9C4g
Score

1^/10
behavioral13 behavioral14
- Target
  
  bin/Qt5Gui.dll
- Size
  
  9.2MB
- MD5
  
  fc7d92feb89f055f7f19169e7a1f3621
- SHA1
  
  5a0f1b5fa82f419020fb38010340032971495dcd
- SHA256
  
  8bcf807aaf2419843a778994187fa4a2fe9e2d926435ed8add3e670935b3f9aa
- SHA512
  
  e97dbc3afc7875dd753c10804aa1c98abc6462f4a295ef88f9f96292a620d607f8d67fb3172a4eca72664f7c0e928e2709dfff42586f516c4ba3567fa4a334e0
- SSDEEP
  
  98304:4jXCr0pPxu7Ve0VW0I4UZYS437MU1MXUDyfK:Oyr0pv0VW0qYDLMUX
Score

1^/10
behavioral15 behavioral16
- Target
  
  bin/Qt5Network.dll
- Size
  
  2.6MB
- MD5
  
  94da65cb700658388a9cc3478abee446
- SHA1
  
  d6eb041d57a730ca203a00c925281bc112a99fda
- SHA256
  
  7660849b5647d0cd1c893fd0f977474df7b968bfae17cec79dbc77359f4e01f3
- SHA512
  
  d71046b4a48ee6b085d10131a4bdd77045258685d6d10cff8626e7c5ed1a02218e095dc5e3a63b57868d84ab71b41e1265b7f8cf87fe462c90e8d7ec1248e699
- SSDEEP
  
  49152:duOO43/DCdP/4O5WPkryQ/HiCn3Ihf15PA3/ITe:dtFs/dn+hPI/ge
Score

1^/10
behavioral17 behavioral18
- Target
  
  bin/Qt5Widgets.dll
- Size
  
  8.3MB
- MD5
  
  f4cf06dedf04a732be32acd1291cf032
- SHA1
  
  8b9f8b822722537cf3043bc0e3a0069c33c1c66b
- SHA256
  
  f1cdc4e0717d054a654373c52d98b8730d4dfd48eac0e5d9f518d9cede45fcdd
- SHA512
  
  e0dd90285afafeef96776c268672283604c61502f7ca7d165b054654e6ca960f0e9087f56693fad48d4d18c78b44fe7e5f05988739e789a1712440c3a742dc3a
- SSDEEP
  
  49152:rSMPF2bpm2G9ZoRpLYAELJGZ+9gOfXFipQcwZR4XRDFT8wedoyq+QkniEDXvpTxW:rUpmSkLY+GDyC/qWjxLKg6fW+jVD8
Score

1^/10
behavioral19 behavioral20
- Target
  
  bin/SDL2.dll
- Size
  
  2.3MB
- MD5
  
  b2514da39175d249b3d74caf2fd64004
- SHA1
  
  0587d0f97c030d485fd6f8d4aa0b134873f58f00
- SHA256
  
  ae168d45449e24b4bafe6aeed16bfb89e01453db4b83d7d0ac884f9f33125ed1
- SHA512
  
  04ba13e696afccf7e71b6e6bb78ba31efd2fed275380dfe643e5566a28e8d9d3e78e8b7c7246405d6bdb62d0347df740941b81303c2db3a7a284ffd3d49681fd
- SSDEEP
  
  49152:JlqkzZJgT4aa2xQWpDAdB601qcuSZH2WFL/Pn90sMgRatmWZqJl:LRdB60qcu+2WFzPnebgRatTZqJl
Score

1^/10
behavioral21 behavioral22
- Target
  
  bin/antimicrox.exe
- Size
  
  4.4MB
- MD5
  
  74fb30272498eb73ef8376a973aef75b
- SHA1
  
  8809cb445f2b9c7fb79a6afe35c112c67a6d120c
- SHA256
  
  4d4d616c9345591e6d4832891a3634e151680aa84199623e8d92d2597957d52c
- SHA512
  
  90cd289c720cd034f023af53b3413dc0e37234e418389cd92d5d04a7e8510b24487b0f53dc6c0363c1465268dd537b2b3411ba69e4b6d715642096689a5fa403
- SSDEEP
  
  49152:Fo8S/MBg4pajysjYMOXJO4cSq7UamWZeUaGJz2el6HeLZ/qVxlsw7A7nDYn9D:OBEf/TMxSM7jJzD6Q4n9D
Score

1^/10
behavioral23 behavioral24
- Target
  
  bin/libEGL.dll
- Size
  
  67KB
- MD5
  
  2874582e39562af961a6d1c59447459c
- SHA1
  
  3cf7d154637aac69913b1f549938a21c7c4b16ba
- SHA256
  
  b1070d55627c2899d5928eff2f2e3187537162e93e189458fadd7ccfd6a2ca3d
- SHA512
  
  eeca63a7020346bda9a399b83f4e57b6b54bbb222c4a3cf7191ab7fe0271f6473bcc58f0e60ce5f7d5cbd57298b858ffa042b62ed9a9be0806e08e4c6f5c7091
- SSDEEP
  
  768:YCXkrV/vHAZmTi4V63ACh9/sfzjcdDGSUf2hC:Y//oWmz5rUf5
Score

1^/10
behavioral25 behavioral26
- Target
  
  bin/libcrypto-1_1-x64.dll
- Size
  
  3.3MB
- MD5
  
  f57fd8bbfab9f786ccb60d663745c864
- SHA1
  
  75b50bd80e01650f97119648f6aebfb736b89e99
- SHA256
  
  13071dc72a97cf3c84fa754714c99f3b91f3aa784393994401bec0a7869cdb51
- SHA512
  
  7fd8b7c323d52188575d6054cbf561a05bbc688d002f8d80a0c0d915a6cfc9537755d520482126dac334e6f08d4519977be5f97ed52964076d8ba992222c92a1
- SSDEEP
  
  49152:8VwASOryIU6ifZGtlqQ0Oh5PhTEeJ/nOCH0tpINuZdeKDYRTLaLa4NP6DN8831CB:Y1+4/mtO0a48DN8K1CPwDv3uFfJ
Score

1^/10
behavioral27 behavioral28
- Target
  
  bin/libgcc_s_seh-1.dll
- Size
  
  147KB
- MD5
  
  25d035933434a273b7916e6eb443d3b6
- SHA1
  
  f829301691214d24f6d989e7c948ffa8d8d64c37
- SHA256
  
  b22b954397a52703579d92db64b57812af70f2afcafe2e742a009c1640b9ec1a
- SHA512
  
  e3c1620bc24ea117279074ee01810e99be342649add6a80728b42ffc06e223e9eb65f16f6632ccec93e96f880304536a1b8dd4f0ac8c2ead1550290e11cea1c0
- SSDEEP
  
  3072:N8TG1KpEDJZkSjJDKW2R8cd6PM+MahQocoERNyN8B4M0F2:xKSjjJOBRw0bo0yo90F2
Score

1^/10
behavioral29 behavioral30
- Target
  
  bin/libssl-1_1-x64.dll
- Size
  
  670KB
- MD5
  
  7d8cd03c4d24a26d5e5b2f188773d852
- SHA1
  
  583613b44fc1bdd81559c15d281444ae82e9d9c4
- SHA256
  
  6ba837ce8bafe2bad595164f14bc3e85905e5c7fe88a0a0efb99a2ba9f025f72
- SHA512
  
  c50f14e5126b28ed402314a641b969c1a0f47a5856a5a607ff0df9b5bbcde44a7ead460cc5dece25ba3ec8e00c9d165183f4a6420d60ef56e12be4f2e4cc60a7
- SSDEEP
  
  12288:zofvFwEpp/ZYaDrN+9Qa3+YnkaZHEWFPTs73/MqFF8MXI/3ZtBPFj5U2lvz:ITp/JN+9Q1Gg73/ydRt35U2lvz
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

Checks installed software on the system

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32