28293dada3c88336b2b53aca00adf59f85cabf1362f8386a8ffc6be5e1742836

Resubmissions

02/10/2024, 15:47

241002-s8mmdaxhng 7

Sharing

Copy URL

Twitter E-mail

General

Target

dupeGuru_win64_4.3.1.exe
Size

30.9MB
Sample

241002-s8mmdaxhng
MD5

d82ff512b88c1adc706abbb7bba938f2
SHA1

335ed3692ebe699ed907f8c96728f259652e37bb
SHA256

28293dada3c88336b2b53aca00adf59f85cabf1362f8386a8ffc6be5e1742836
SHA512

79fee28fa9c21e70dfc3f02877e8ea5dd388699ff0a26de55d98c4d7dc4745d58890abb4ff75d12bba33fc0c219fbd442ccf14a3d0f3ee0511d4e11ac19b3e7b
SSDEEP

786432:u7kuITM2/Y4IS+Ds0r7I7wQ6wyBTCivfhsu//4FpvuzJ:uMZ/ms0ruFpIeSh8k

Score

7^/10

discovery pyinstaller

Malware Config

Targets

- Target
  
  dupeGuru_win64_4.3.1.exe
- Size
  
  30.9MB
- MD5
  
  d82ff512b88c1adc706abbb7bba938f2
- SHA1
  
  335ed3692ebe699ed907f8c96728f259652e37bb
- SHA256
  
  28293dada3c88336b2b53aca00adf59f85cabf1362f8386a8ffc6be5e1742836
- SHA512
  
  79fee28fa9c21e70dfc3f02877e8ea5dd388699ff0a26de55d98c4d7dc4745d58890abb4ff75d12bba33fc0c219fbd442ccf14a3d0f3ee0511d4e11ac19b3e7b
- SSDEEP
  
  786432:u7kuITM2/Y4IS+Ds0r7I7wQ6wyBTCivfhsu//4FpvuzJ:uMZ/ms0ruFpIeSh8k
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/LangDLL.dll
- Size
  
  5KB
- MD5
  
  014a3be4a7c1ccb217916dbf4f222bd1
- SHA1
  
  9b4c41eb0e84886beb5591d8357155e27f9c68ed
- SHA256
  
  09acfc5ee34a1dfa1af3a9d34f00c3b1327b56641feebd536e13752349c08ac8
- SHA512
  
  0f3d1bf548e29a136150b699665a3f22c6ea2821701737363fa2920b51c391d735f1eae92dea8af655e7d07304bd3d06e4aff3f5a82fa22bcf5d1690013eb922
- SSDEEP
  
  48:S46+/iTKYKxbWsptIpBtWZ0iV8jAWiAJCvxft2O2B8mMofjLl:zsuPbOBtWZBV8jAWiAJCdv2CmfL
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/StartMenu.dll
- Size
  
  7KB
- MD5
  
  6b7073967487c24d08e88c208a1626fa
- SHA1
  
  f75f9dd095558b3c03b1647fe23c0869634bd9cc
- SHA256
  
  c91c61861cf22d1e9cd14dbba163573b2bd3d03dc72fcb1512879e4f3ab3b276
- SHA512
  
  31e1962b761bb0304905287f8ef33bf244b05ce1490723b98134dff0cc55956295d979086c350457fa5f6618868e431f1fc2d34afb4437ada15839ae4836f6f7
- SSDEEP
  
  96:d8dPIKJhMuhik+CfoEwknt6io8zv+qy5/utta/b3lkCTcaqHCI:eZIKXgk+cx6QYFkALlncviI
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  564bb0373067e1785cba7e4c24aab4bf
- SHA1
  
  7c9416a01d821b10b2eef97b80899d24014d6fc1
- SHA256
  
  7a9ddee34562cd3703f1502b5c70e99cd5bba15de2b6845a3555033d7f6cb2a5
- SHA512
  
  22c61a323cb9293d7ec5c7e7e60674d0e2f7b29d55be25eb3c128ea2cd7440a1400cee17c43896b996278007c0d247f331a9b8964e3a40a0eb1404a9596c4472
- SSDEEP
  
  192:nenY0qWTlt70IAj/lQ0sEWc/wtYbBH2aDybC7y+XBDIwL:n8+Qlt70Fj/lQRY/9VjjfL
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/UserInfo.dll
- Size
  
  4KB
- MD5
  
  98ff85b635d9114a9f6a0cd7b9b649d0
- SHA1
  
  7a51b13aa86a445a2161fa1a567cdaecaa5c97c4
- SHA256
  
  933f93a30ce44df96cbc4ac0b56a8b02ee01da27e4ea665d1d846357a8fca8de
- SHA512
  
  562342532c437236d56054278d27195e5f8c7e59911fc006964149fc0420b1f9963d72a71ebf1cd3dfee42d991a4049a382f7e669863504c16f0fe7097a07a0a
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  48f3e7860e1de2b4e63ec744a5e9582a
- SHA1
  
  420c64d802a637c75a53efc8f748e1aede3d6dc6
- SHA256
  
  6bf9cccd8a600f4d442efe201e8c07b49605ba35f49a4b3ab22fa2641748e156
- SHA512
  
  28716ddea580eeb23d93d1ff6ea0cf79a725e13c8f8a17ec9dfacb1fe29c7981ad84c03aed05663adc52365d63d19ec2f366762d1c685e3a9d93037570c3c583
- SSDEEP
  
  96:oFsvUu3Uy+sytcS8176b+XR8pCHFcMcxSgB5PKtAtgt+Nt+rnt3DVEB3YuNqkzfS:oFsvWyNO81b8pCHFcM0PuAgkOywIFc
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  MSVCP140.dll
- Size
  
  576KB
- MD5
  
  01b946a2edc5cc166de018dbb754b69c
- SHA1
  
  dbe09b7b9ab2d1a61ef63395111d2eb9b04f0a46
- SHA256
  
  88f55d86b50b0a7e55e71ad2d8f7552146ba26e927230daf2e26ad3a971973c5
- SHA512
  
  65dc3f32faf30e62dfdecb72775df870af4c3a32a0bf576ed1aaae4b16ac6897b62b19e01dc2bf46f46fbe3f475c061f79cbe987eda583fee1817070779860e5
- SSDEEP
  
  12288:xI88L4Wu4+oJ+xc39ax5Ms4ETs3rxSvYcRkdQEKZm+jWodEEVh51:xD89rxZfQEKZm+jWodEEP5
Score

1^/10
behavioral13 behavioral14
- Target
  
  MSVCP140_1.dll
- Size
  
  30KB
- MD5
  
  0fe6d52eb94c848fe258dc0ec9ff4c11
- SHA1
  
  95cc74c64ab80785f3893d61a73b8a958d24da29
- SHA256
  
  446c48c1224c289bd3080087fe15d6759416d64f4136addf30086abd5415d83f
- SHA512
  
  c39a134210e314627b0f2072f4ffc9b2ce060d44d3365d11d8c1fe908b3b9403ebdd6f33e67d556bd052338d0ed3d5f16b54d628e8290fd3a155f55d36019a86
- SSDEEP
  
  384:rOY/H1SbuIqnX8ndnWc95gW3C8c+pBj0HRN7bULkcyHRN7rxTO6iuQl9xiv:yYIBqnMdxxWd4urv
Score

1^/10
behavioral15 behavioral16
- Target
  
  PyQt5/Qt5/plugins/iconengines/qsvgicon.dll
- Size
  
  40KB
- MD5
  
  313f89994f3fea8f67a48ee13359f4ba
- SHA1
  
  8c7d4509a0caa1164cc9415f44735b885a2f3270
- SHA256
  
  42dde60befcf1d9f96b8366a9988626b97d7d0d829ebea32f756d6ecd9ea99a8
- SHA512
  
  06e5026f5db929f242104a503f0d501a9c1dc92973dd0e91d2daf5b277d190082de8d37ace7edf643c70aa98bb3d670defe04ce89b483da4f34e629f8ed5fecf
- SSDEEP
  
  768:VPs5g31JfDgej5JZmA0ZsEEC6lmn+4FdDGimUf2hr:VkC31ee7ZmA+sEEC6lmn+4FOUfc
Score

1^/10
behavioral17 behavioral18
- Target
  
  PyQt5/Qt5/plugins/imageformats/qgif.dll
- Size
  
  38KB
- MD5
  
  52fd90e34fe8ded8e197b532bd622ef7
- SHA1
  
  834e280e00bae48a9e509a7dc909bea3169bdce2
- SHA256
  
  36174dd4c5f37c5f065c7a26e0ac65c4c3a41fdc0416882af856a23a5d03bb9d
- SHA512
  
  ef3fb3770808b3690c11a18316b0c1c56c80198c1b1910e8aa198df8281ba4e13dc9a6179bb93a379ad849304f6bb934f23e6bbd3d258b274cc31856de0fc12b
- SSDEEP
  
  768:ygk2hM0GskFtvPCjEIxh8eDzFyPddeeGvnhotdDGPUf2he:yN2a05kfPOEMaeDzFkddeFnhotOUfh
Score

1^/10
behavioral19 behavioral20
- Target
  
  PyQt5/Qt5/plugins/imageformats/qicns.dll
- Size
  
  43KB
- MD5
  
  ad84af4d585643ff94bfa6de672b3284
- SHA1
  
  5d2df51028fbeb7f6b52c02add702bc3fa781e08
- SHA256
  
  f4a229a082d16f80016f366156a2b951550f1e9df6d4177323bbedd92a429909
- SHA512
  
  b68d83a4a1928eb3390deb9340cb27b8a3eb221c2e0be86211ef318b4dd34b37531ca347c73cce79a640c5b06fbd325e10f8c37e0cee2581f22abfbff5cc0d55
- SSDEEP
  
  768:vEip0IlhxTDxut3dnm8IyAmQQ3ydJouEAkNypTAO0tfC3apmsdDG9Uf2hU:vxvXxgVIyA23ydJlEATpTAO0tfCKpms/
Score

1^/10
behavioral21 behavioral22
- Target
  
  PyQt5/Qt5/plugins/imageformats/qico.dll
- Size
  
  37KB
- MD5
  
  a9abd4329ca364d4f430eddcb471be59
- SHA1
  
  c00a629419509929507a05aebb706562c837e337
- SHA256
  
  1982a635db9652304131c9c6ff9a693e70241600d2ef22b354962aa37997de0b
- SHA512
  
  004ea8ae07c1a18b0b461a069409e4061d90401c8555dd23dbf164a08e96732f7126305134bfaf8b65b0406315f218e05b5f0f00bedb840fb993d648ce996756
- SSDEEP
  
  768:zBXBEfQiAzC9Oh5AS7a3Z5OGrTDeV9mp7nnsWdDGgYUf2hi/:8JAzuOhy3zOGrTDeV9mp7nnsWjYUfz
Score

1^/10
behavioral23 behavioral24
- Target
  
  PyQt5/Qt5/plugins/imageformats/qjpeg.dll
- Size
  
  411KB
- MD5
  
  16abcceb70ba20e73858e8f1912c05cd
- SHA1
  
  4b3a32b166ab5bbbee229790fdae9cbc84f936ba
- SHA256
  
  fb4e980cb5fafa8a4cd4239329aed93f7c32ed939c94b61fb2df657f3c6ad158
- SHA512
  
  3e5c83967bf31c9b7f1720059dd51aa4338e518b076b0461541c781b076135e9cb9cbceb13a8ec9217104517fbcc356bdd3ffaca7956d1c939e43988151f6273
- SSDEEP
  
  6144:USgOWz1eW38u9tyh6fpGUasBKTrsXWwMmH1l3JM5hn0uEfB4:USPQTnastBRB4
Score

1^/10
behavioral25 behavioral26
- Target
  
  PyQt5/Qt5/plugins/imageformats/qsvg.dll
- Size
  
  31KB
- MD5
  
  c0de135782fa0235a0ea8e97898eaf2a
- SHA1
  
  fcf5fd99239bf4e0b17b128b0ebec144c7a17de2
- SHA256
  
  b3498f0a10ac4cb42cf7213db4944a34594ff36c78c50a0f249c9085d1b1ff39
- SHA512
  
  7bd5f90ccab3cf50c55eaf14f7ef21e05d3c893fa7ac9846c6ca98d6e6d177263ac5eb8a85a34501bcfca0da7f0b6c39769726f4090fca2231ee64869b81cf0b
- SSDEEP
  
  768:uOVKDlJJVlTuLiMtsKVG7TSdDG9Uf2h4e:hVgJVlTuL/tsKVG7TSQUfre
Score

1^/10
behavioral27 behavioral28
- Target
  
  PyQt5/Qt5/plugins/imageformats/qtga.dll
- Size
  
  30KB
- MD5
  
  a913276fa25d2e6fd999940454c23093
- SHA1
  
  785b7bc7110218ec0e659c0e5ace9520aa451615
- SHA256
  
  5b641dec81aec1cf7ac0cce9fc067bb642fbd32da138a36e3bdac3bb5b36c37a
- SHA512
  
  cebe48e6e6c5cdf8fc339560751813b8de11d2471a3dab7d648df5b313d85735889d4e704e8eec0ad1084ab43be0ebdfbacd038aeac46d7a951efb3a7ce838eb
- SSDEEP
  
  768:1lGALluUEAQATWQ79Z2Y8Ar+dDG2vUf2hF:TZl/EH8WQ794Y8Ar+hvUfm
Score

1^/10
behavioral29 behavioral30
- Target
  
  PyQt5/Qt5/plugins/imageformats/qtiff.dll
- Size
  
  380KB
- MD5
  
  9c0acf12d3d25384868dcd81c787f382
- SHA1
  
  c6e877aba3fb3d2f21d86be300e753e23bb0b74e
- SHA256
  
  825174429ced6b3dab18115dbc6c9da07bf5248c86ec1bd5c0dcaeca93b4c22d
- SHA512
  
  45594fa3c5d7c4f26325927bb8d51b0b88e162e3f5e7b7f39a5d72437606383e9fdc8f83a77f814e45aff254914514ae52c1d840a6c7b98767f362ed3f4fc5bd
- SSDEEP
  
  6144:V0jqHiFBaRe0GPAKwP15e7xrEEEEEEN024Rx/3tkYiHUASQbs/l7OanYoOgyV:0qqwP15bx/q7/yyV
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32