659c54979fa4c75840e4ee9b17393be08dd86c5e7c726493b7eb58a8623bb6a7 | Triage

Sharing

General

Target

imager_1.8.5.exe
Size

19.3MB
Sample

241003-qyz4lsycpm
MD5

1a1620e861f0a578783260e7e915e8f8
SHA1

b311b501a9b6a3f1635ef48be8118a028612072e
SHA256

659c54979fa4c75840e4ee9b17393be08dd86c5e7c726493b7eb58a8623bb6a7
SHA512

357a587f948afb92aa495ef2ebeb67fea795dd9ae8e0e4afe2ab6422025391d0af8c321063f6f25d3528a97745080188622bf156d3b63e084b2350a29af9de0e
SSDEEP

393216:u265BEBfTbWEkxnk+O0donJ6rHQOmOWoLeE4JTmdIrnw0+Cw:u/3kLT2BO2on+8GebTUIjwQw

Score

4^/10

discovery execution

Malware Config

Targets

- Target
  
  imager_1.8.5.exe
- Size
  
  19.3MB
- MD5
  
  1a1620e861f0a578783260e7e915e8f8
- SHA1
  
  b311b501a9b6a3f1635ef48be8118a028612072e
- SHA256
  
  659c54979fa4c75840e4ee9b17393be08dd86c5e7c726493b7eb58a8623bb6a7
- SHA512
  
  357a587f948afb92aa495ef2ebeb67fea795dd9ae8e0e4afe2ab6422025391d0af8c321063f6f25d3528a97745080188622bf156d3b63e084b2350a29af9de0e
- SSDEEP
  
  393216:u265BEBfTbWEkxnk+O0donJ6rHQOmOWoLeE4JTmdIrnw0+Cw:u/3kLT2BO2on+8GebTUIjwQw
Score

4^/10

discovery
behavioral1 behavioral2
- Target
  
  QtGraphicalEffects/private/FastInnerShadow.qml
- Size
  
  9KB
- MD5
  
  c2c13cc2208f6a6a30139cfa572a7067
- SHA1
  
  ededff0bbf7b6f6ff4a7e6b80a27dd4a6209dc8f
- SHA256
  
  c3edfda7c3677d94681e002c1ce62d1bea074a04a6232bc398534470f09e2578
- SHA512
  
  852b2408ee6f8bdf2250ca023a15253467bd3045bbe5ac992261b0b517b616fc6b6f43ec279d83e0ad823384450c6c793cd6e94341a3ba936dab1663ec7a7fa6
- SSDEEP
  
  192:ndscG1zlcCqBY9cNJGBRNaTiN/spNYZ4N1SblXyJA/R:nDG1JxmPcukyA
Score

3^/10

execution
behavioral3 behavioral4
- Target
  
  QtGraphicalEffects/private/GaussianDirectionalBlur.qml
- Size
  
  12KB
- MD5
  
  c0e84ec177b5bd2899d721683311e5cb
- SHA1
  
  1016d6790c4fc3c234f5fbb01dc7678e669135b7
- SHA256
  
  883d1d8bf62e98ee7d4590d647dc1b5e0b24213c646fe9f6c91c806b59e2277f
- SHA512
  
  5064f419868cdd32e6ca6db3567e3eeb5e6b3e4a1ee8a3586b3b0c948972905057d9bd49a00e4612d817fdc7d664125c04b1d89d2bf689d6e09baf37fcaed646
- SSDEEP
  
  96:ndzgUldGcQWR8yl69yuT/jrKOxgmk1Rh+0qpj85TKsv2ceErtdtP+tTtxtUkKD:ndscGvyl6U7JtfNdtPepnU/
Score

3^/10

execution
behavioral5 behavioral6
- Target
  
  QtGraphicalEffects/private/qtgraphicaleffectsprivate.dll
- Size
  
  163KB
- MD5
  
  6f2896c1741577d4141940669bb78168
- SHA1
  
  a2ede8c40d7584607f5ea51a3044c6d3397228d0
- SHA256
  
  e1152e7c0fe2cc14c9c27c15aa3ae10a6eebe801f07a0fa3de36a41e6e2080c5
- SHA512
  
  48344051f777e4f04f8186d892a476ec2c6cb6119aeb2ffeda8059d771b2b63201a7ffe8380d389f0cbb517ee9c440abf36e623e2dd928ad0dc6d27bcd168a40
- SSDEEP
  
  3072:h9jA2PmZTN7+6oUExd0jIq+yauht5R/Bv3H2sgO56UYrp4YUGcyEbHaiW+mbeLcN:h9EumZTZ+TxdKIq+yRz/Bv3H2sgO56UM
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  QtGraphicalEffects/qtgraphicaleffectsplugin.dll
- Size
  
  95KB
- MD5
  
  18ae2b3d324b0b6dcdae31727d2b85f5
- SHA1
  
  f9917bfb591e9623260291857b04588e39d9d49c
- SHA256
  
  4d54f236792e86f8aa15ffe9b82ffe345ed8b80f6f959979fca3a9657165284a
- SHA512
  
  f1387b61d00b3bd7ff5a47b7237d0b30ba4e12eb2cb3f74b5b499085c95bac58b74551c39c1a360010a6f856f67f2ea256fd815d89e6a81a605a8659f1691f5c
- SSDEEP
  
  768:bIOdVKWS7/JOyZcCaMgtz8jd4lpdj9Ik4z2+A4yPzto0BIWGhlEOWI+xNmPNFDmp:bVr8A4yPzChlEOWI+xNmPNFqku
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  QtQuick.2/qtquick2plugin.dll
- Size
  
  55KB
- MD5
  
  bc48935d7fb9d87eed3994024f1071f8
- SHA1
  
  9cea445364aae84a38d3e79b5aabdffd4229a284
- SHA256
  
  6fccb1c95c2198d15d818e640d7849af9215e741ebbaceecfee3f3315f90b0ae
- SHA512
  
  95dc78983ba867883766a3d2a988d56bd9c9a6252e8231e631a294c5a9cee3647862909f0282284d6c5d734d41685b8ca53823538bb23a7549098e5477676720
- SSDEEP
  
  768:7aaJIsYojnA4yZ5BmzDkbhsHGleu9VLDFI+9LgQgaONFemzHQ:7aagobA4yODCh4GleUD6wLgvaONFbLQ
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  QtQuick/Controls.2/Fusion/qtquickcontrols2fusionstyleplugin.dll
- Size
  
  737KB
- MD5
  
  dc4a14295bb1ff490290a2c97ef6b887
- SHA1
  
  465157b5021923855234816b4243e6f8597e35fd
- SHA256
  
  80c6eb72431dd51f6f9822aa8ae7dfddb633092b623e34643f9e99242d591b22
- SHA512
  
  71d0d4fa958e69351af72b0eb0842befbad599bf2f2398f7401b2f808530a76f8b685dade3f806ab53798eed715e8bc11860b26a8d389a3b37ceefd1dcfd4627
- SSDEEP
  
  12288:qYJiupprpp9pp1ppeppMppnppcppdpp3p3uppOppIppCppPpp6ppvppKppsppnp0:Lgw6
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  QtQuick/Controls.2/Material/RectangularGlow.qml
- Size
  
  8KB
- MD5
  
  f98e2eae330aee1fc832a15fc395ae4d
- SHA1
  
  bb91c3051a65832000db517913f8a4b122c10f5c
- SHA256
  
  e4ade2e5c1600befe2ae31221035b5beee33acbb9395db6911c32b117c10a300
- SHA512
  
  c263a0a3ae0af2c665a079c4d77e931322ff4a6f062b3aa54d9d96540d53a1cb9d761e2901da39f869528f3b4f2867dbcb65540d8bf42e876e643c64de95f944
- SSDEEP
  
  48:MCd5H6E+iCsAaKj7fOWIkFy99io5JAS44kH1KWRmoAAJ/H0SAAd449lM688YAAdC:nd5CB7fdpFWJA/RmEZRMTmtnWwbQ9VI
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  QtQuick/Controls.2/Material/qtquickcontrols2materialstyleplugin.dll
- Size
  
  925KB
- MD5
  
  74943939f57ad21e185a724ccf1dcb0c
- SHA1
  
  7b26e13715a9b530092f7b75c321064515988fd2
- SHA256
  
  5d5f24bd2f3b118fee1c3303518cce2bb961c71d954f59a801d04b22af7683cc
- SHA512
  
  697c1bb8863dca6a44871bcd95a2e46ccaf6b56b699bf8799b46e1f36986a6fc00432b7d176a1ea452d33af739bb64544e145a0c600c3b0ddafdd366bd736dea
- SSDEEP
  
  12288:lOUcypIresBpxprwppphpVphp/pnp/pNp6pQpQpxpVpApB3p/p4pWpcpgpCpopi5:lOUDgea7
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  QtQuick/Controls.2/qtquickcontrols2plugin.dll
- Size
  
  922KB
- MD5
  
  b64cdbba8f86ad1570980766ba01fc04
- SHA1
  
  f22fb76a9240414408cf732561a7306d1b49c49f
- SHA256
  
  9e7ae57b5f45ebca1f9130a238850910fb3d0124eaf69c219d94db0e74ec4c99
- SHA512
  
  13b03e6e0ee0c9497002ffe16956c498b4d6d5d40168e208d35039de58578a7d1b3d37dc3133344dec34072f0ec53a84f9e3061df97c0399fe825ac8aa77ebf1
- SSDEEP
  
  12288:9j8lLrO/op/pip+pGp6pVpSpFpIpapFpzpUpippp7pgphpWp4pKpjpJpqpypMpaw:9j8lLrO/mslu
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  QtQuick/Layouts/qquicklayoutsplugin.dll
- Size
  
  288KB
- MD5
  
  3ec5bd0e97818053ddc2e4c4c3673be0
- SHA1
  
  93d11ee300d5053ecc809b6a77e6df7e1bf276b3
- SHA256
  
  20d2ad1c762d5d313299ff60a2501c02818acb77c4be89c53b6b427d41b9e1de
- SHA512
  
  b7832a36c305f07dee2ee4dca569742b5d01a2315e7c89487b88713c31651b1e40399c51ff96c211ed249e5c4f5ef2a7805040865fe14eb1087d7aee16080760
- SSDEEP
  
  6144:5gCqf2wRQT231t4yUbldPLbDc7cxAoBLWxlfUVstXhvdlGsMd0hmTz1hojkiZuNl:i392ZR
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  QtQuick/Templates.2/qtquicktemplates2plugin.dll
- Size
  
  1.1MB
- MD5
  
  e120be0f82ba8f1524f57585a737dd70
- SHA1
  
  0186c8b9dd56ab855a7a3995db0b42bb5fb8f73f
- SHA256
  
  1ae1b2477143134e99fb744888a4608d9ec2cb99408b3dddcb5ade3dc9777c11
- SHA512
  
  901980f3ab9a282f3e1ad37288d5fe9349c1f7852f61748aebb3e0126f9dca526bf03eb5c94ac2503664050ffedf60e58f94afb87a1bd35b28636a6209c654d1
- SSDEEP
  
  6144:Iqn9KZDNg+ad4yWPHESmExnFOWjyMwiZVWqXedWpUeEP78ItUbdaIvy9/gKFkHmV:vaHESmExFWL3
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  QtQuick/Window.2/windowplugin.dll
- Size
  
  157KB
- MD5
  
  aaa6f063228fe0f039fbfbdd71350b52
- SHA1
  
  0191185074bd6ae95910a9abc33245d68501fd01
- SHA256
  
  9ce4c676795449331955fbe0475b0ced2672d9f2e3693df06dae8a354306614c
- SHA512
  
  0f5626fa285c914407debbb815c8a867da19cc50f0e08303d67783d57a5cb5ed73cdcbde7273b4cd19a576bb4dcfbf4b88d1e2b00003e3519c61e6a89681a31d
- SSDEEP
  
  3072:IAb+C4yCCE7pfdnechu4d5RH8ABxTHNdT/ucFn93c3IgN+Z9n:VZ4ym7pfdnechu4d5RH8ABxTHNdT/ucB
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  bearer/qgenericbearer.dll
- Size
  
  156KB
- MD5
  
  0cd5e6423509f722a14ea18cdbff9131
- SHA1
  
  f7e3dfbf13cf500d66239c6ebbace4d5b596c9d3
- SHA256
  
  196b17ace66fcba78ca81ed6bf26071b4d953a7c6d86604305080cfcd8130b2b
- SHA512
  
  d42bef1c5a5ece868171e4944a008e9c58ba4dfbe55fba4814c903c9eec5c651ad2a9b579c7fa06171f498ed8789954e91215e3d10369bfe8e7c3098777b85a4
- SSDEEP
  
  3072:VDU+XzIQIHf4Jy9hBI2yVQ4ykl0ND1lVaAzP4Lrc8DdrqlTN58C:VDU//9hci4jIzP4Lrc8DdrCTN5d
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  fat32format.exe
- Size
  
  74KB
- MD5
  
  f9a02588e715f2e952bcc749ab8f915c
- SHA1
  
  a4cdee355569987ab122fd291cc92ba9f89a1757
- SHA256
  
  a85083187f74411039b1dd7039a8c62c26fef2a6578660217d7bc3cd052b3b40
- SHA512
  
  9e14d7f4429a4b673409050f44d175cffcedf6586516b3030b607e41cb0c030d1425d3997dc8c1e9379f8b0c68c5203e7f919923f89514564854f047e51ed00a
- SSDEEP
  
  768:iz8yOm2vPLIJxtiM2MVr5Ep0nHhtnys3ztMGFSbkj17+JUlGvMsN7gbAMxkEENA:iAyL0P28+htnyyZMqFjZl5sN7gbxiA
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  iconengines/qsvgicon.dll
- Size
  
  96KB
- MD5
  
  0e84e74db3c3c6318b1e436cbc3bc9bd
- SHA1
  
  2417d9359b8d77523647bccc3de9f469846cd4a2
- SHA256
  
  aab86d4b897a38043f79c01ddbb5655e838dc3f907d9579ccce2b4a4299cd588
- SHA512
  
  dbeeb50f7955d912436353a9063b1ede40d2e60594896569ea64950c85f69c8cf5e1f2bfe297a09da24b891fe351a53f4d519dc19a5b976e6a81898d384afe3f
- SSDEEP
  
  1536:C/UQCyIoWv9xrMA4gcx47+fbET9uk4Jp5BLzsHdNq0nD:gUQvGvjoA4BA9N4Jp5lz2dNq0nD
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32