754a1194c21c5f50675f0025927d6fcd8eba11047b9fc6a1c028f4855052c1b0

Sharing

Copy URL

Twitter E-mail

General

Target

JJSploit.exe
Size

29.9MB
Sample

241004-j67ebstcjn
MD5

a9f34d2e77c7888957c8880f367398e7
SHA1

201dd7c2965be5ae88119a22b61436506e0650ef
SHA256

754a1194c21c5f50675f0025927d6fcd8eba11047b9fc6a1c028f4855052c1b0
SHA512

c47f73924417bf7775624d46ac359ce8b5cc3b2c5cdf5e15f35f9f6e9c92543de3721bd87cb9c3d2ce432c9dd5a5a06b6ac041a844ebb31890f3c4310aa271e7
SSDEEP

786432:tgyT3lNSvjF5mPvxw8r+m2tMT8mWDACjI421oyJ:tgy7DKjFGktYHXCE4i

Score

8^/10

discovery

Malware Config

Targets

- Target
  
  JJSploit.exe
- Size
  
  29.9MB
- MD5
  
  a9f34d2e77c7888957c8880f367398e7
- SHA1
  
  201dd7c2965be5ae88119a22b61436506e0650ef
- SHA256
  
  754a1194c21c5f50675f0025927d6fcd8eba11047b9fc6a1c028f4855052c1b0
- SHA512
  
  c47f73924417bf7775624d46ac359ce8b5cc3b2c5cdf5e15f35f9f6e9c92543de3721bd87cb9c3d2ce432c9dd5a5a06b6ac041a844ebb31890f3c4310aa271e7
- SSDEEP
  
  786432:tgyT3lNSvjF5mPvxw8r+m2tMT8mWDACjI421oyJ:tgy7DKjFGktYHXCE4i
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  3e277798b9d8f48806fbb5ebfd4990db
- SHA1
  
  d1ab343c5792bc99599ec7acba506e8ba7e05969
- SHA256
  
  fe19353288a08a5d2640a9c022424a1d20e4909a351f2114423e087313a40d7c
- SHA512
  
  84c9d4e2e6872277bffb0e10b292c8c384d475ad163fd0a47ca924a3c79077dfde880f535a171660f73265792554129161d079a10057d44e28e2d57ebc477e92
- SSDEEP
  
  192:d4n3T5aK+dHCMR1aQR9RuZl3WWmU7WYZsw1JpVGnrjsK72dwF7dBOne:Wn3T5KdHCMRD/R1cOnrjs+BO
Score

3^/10

discovery
behavioral2
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  3f176d1ee13b0d7d6bd92e1c7a0b9bae
- SHA1
  
  fe582246792774c2c9dd15639ffa0aca90d6fd0b
- SHA256
  
  fa4ab1d6f79fd677433a31ada7806373a789d34328da46ccb0449bbf347bd73e
- SHA512
  
  0a69124819b7568d0dea4e9e85ce8fe61c7ba697c934e3a95e2dcfb9f252b1d9da7faf8774b6e8efd614885507acc94987733eba09a2f5e7098b774dfc8524b6
- SSDEEP
  
  192:OPtkumJX7zB22kGwfy0mtVgkCPOsX1un:/702k5qpdsXQn
Score

3^/10

discovery
behavioral3
- Target
  
  HWiNFO32.dll
- Size
  
  1.1MB
- MD5
  
  5ca7282ca1edca28e583a7ca2207a3cd
- SHA1
  
  be6af5ac64b1ce637497e87a610bed80fb642f8c
- SHA256
  
  3f4c18c2b5044f5c373ce6659cf3c5fefc5171d04f70c9e66c132d3cd9f3f0cc
- SHA512
  
  7f7564fb334c6df7c8800223eeca48122ad9883b155ee14e42607b0de57c55603acd6a2016473d7aa0c067e88093eb5bd545513b980f6d44725dab74973d88d9
- SSDEEP
  
  24576:aLdjktRxM0fviCDg4nuvGmwJ0zX9igjT/IWPdjRCjukvmuQ:0djAvM03o4n6R04BjT/pljuA
Score

3^/10

discovery
behavioral4
- Target
  
  Qt5Core.dll
- Size
  
  4.4MB
- MD5
  
  50ea7d7934cb508b10262f7dac8ae5db
- SHA1
  
  90a536c18450974dd7bb607db5f9dba44a0045f4
- SHA256
  
  de43833036c338f66a3f3b1edcc2b5c638d4850edfd6a6d81a4bf83a736784a5
- SHA512
  
  252cf773cac504e69692839e70d2b9dbac11036a56db1430233f9c48350267805b32f8bfc96b02498d272d1dba2f8040cf198d98d66773def488f50f43603642
- SSDEEP
  
  49152:5UPCF1VbWpnqeOam5PKZowJeS55bpVJsv6tWKFdu9CKTVnWCLZgZ3YPmWjZ5RPpC:uPCDw7OdiZzJP5pJsv6tWKFdu9Cn5b
Score

3^/10

discovery
behavioral5
- Target
  
  Qt5Gui.dll
- Size
  
  4.6MB
- MD5
  
  409be3a289e31fac1b2928a2c174309b
- SHA1
  
  9eb1a59038c781ba32b16a4e253da317eea06c61
- SHA256
  
  b512b1501e06de73bb7bb9092b5a90951ed1fbb6f7907a24e7df59dca58a0846
- SHA512
  
  659f500ae59796a199f76d5b3f9154e029013837b56c278763ac697e166ac3f6f58b829555411e9d1d08c5008f82c5c2fad207dcbd187632c4cc9246095c1fde
- SSDEEP
  
  49152:p6gNU6GJR6eHXBiYmfLcReWUzh14XEES/je6UqAdrRNXD7V69GgmjkcCcmvV:pY6eHX4RoS/glPjqv
Score

3^/10

discovery
behavioral6
- Target
  
  Qt5Network.dll
- Size
  
  828KB
- MD5
  
  c9924d07687205687167aa528b7fa965
- SHA1
  
  6186c084a497396b504dfe1132c14fbfa19d1d91
- SHA256
  
  97ca4e1730cee019aeddd7ac83fa4bde34d4913da8d1e095d75393aaaeb54271
- SHA512
  
  550c0b439f11642c6c53478c6ed7db8acc8653ccdfd2d7c60b132e1b20a19be41862659a6aacd021e175d978ee4f86ca9bc1a0b2cacdf71a40bc1a2be324195d
- SSDEEP
  
  12288:fXQgOfDiyfEFzEc6RSv9Rd+c3AcQBgnrIbAVQcj15X:fXQgOfLMFwc6glQcnncb6jDX
Score

3^/10

discovery
behavioral7
- Target
  
  Qt5Svg.dll
- Size
  
  249KB
- MD5
  
  3c5ad8d682d328188b3ee7a4c7973354
- SHA1
  
  d0d8918e0e8a924603a395843da50c3ef7de37ea
- SHA256
  
  f9a18a0a025adf89f82f01da1082500abdd60e235a14e5934b272fbe955660a3
- SHA512
  
  45d5a7b749dbbf481b201e292dfeb42ca0016b038b70427d497c19e3a269404f9a88191fdc4f2e960c396f93e10ca84a4a47af7910184cd2a85cb082fc5d7b7e
- SSDEEP
  
  6144:9qj0SMxBKeRd5CmqtpAjaTCPf+vnU6IUSIUECbt7Gcy8DvNx9GDOd6geOKOaIFTf:9MS5UIlPmnUbFODso
Score

3^/10

discovery
behavioral8
- Target
  
  Qt5Widgets.dll
- Size
  
  4.2MB
- MD5
  
  959a951b7a31f768761ac62b1f270f7b
- SHA1
  
  d362de97af70ffe688283fcc283cba616d4f7b01
- SHA256
  
  8d0c4596da10e925eb81f84a703efe47e127c1181a0ec5b7d40bdb894cabc136
- SHA512
  
  eee3b6b70776b815d85861adc97c224dd87942c0aeedcc4fc7d72029bcbbf1e215f64c7fb363cafa921d7d9785a8a2d11f9ac859395ca33e61c370ba7d9f7d4a
- SSDEEP
  
  49152:51eak0UfTpQamn40BbO9wkHpjRBG+XtPHCyFbVpDbvryIb:5gakjNQrBSrHptBdtqsRbvryu
Score

3^/10

discovery
behavioral9
- Target
  
  ThermaltakeUpdate.exe
- Size
  
  153KB
- MD5
  
  16ad653943c03f0f9f80c8f53bcd4115
- SHA1
  
  8a4c20628bbe55d35eaa6dbc978b511a687f6de5
- SHA256
  
  65b596aefb62c6989460beb72ffd9d6ced683aa83e4f3d7594c18c49dcacd47a
- SHA512
  
  055360d69ceb569d8612fcd7d35914477978edd590ccee1f9d16f1d9f04fa05a430a615dbf9d350b1e15d1b825f67121f15a48d9451addd3d26437659f26dbf8
- SSDEEP
  
  1536:kLbYN/borxXz0dtVV/LyjoiyLIoCoeje9omIahSUc/CGpY6ghT:kLibQxQ3/IM0foeje9omIahSUcFYv
Score

3^/10

discovery
behavioral10
- Target
  
  X1 RGB.exe
- Size
  
  1.8MB
- MD5
  
  0f58576b89ed4fbc469fb50e1de0b132
- SHA1
  
  b455cf634d174382a9f38e98e769cb6194e3c26d
- SHA256
  
  11b8cbedd2b4e2d1d96f3416522efada40d524ae45e734d0e6fac83980b86a53
- SHA512
  
  b020501021db99ac44f0f70c26c90b261d56c12ac6187d555a343726571f29ff3857ac49044f4d389f0562fc00b212132f1c76192490453ee54c26b51962f070
- SSDEEP
  
  49152:2MU6aQEeTTPrGFO97TbjdQ5gKCGXwGqKUzIZiLiu6QK7d3:XlRT6FO97Ta5gKCGXwGqzzIMLi3
Score

8^/10

discovery
- Drops file in Drivers directory
behavioral11
- Target
  
  fw/X1 RGB Firmware Update.exe
- Size
  
  2.0MB
- MD5
  
  7a1804b84041b3dffeb72ae5307bb55c
- SHA1
  
  1b59d21e2459a77aa1f4fd8b7e175b1bc6cefd2d
- SHA256
  
  6f7183851a778003e12fcaf5345355289340391664d4bf3f443750c9eb0db8e6
- SHA512
  
  1b629501fffb288f5ebce89ef7ab49d006f4eb783be687bb7836a2a4e126029b6c0911ef56d9760b2eaab38bbbca3be98e04662fc111ab89d3acb278e6dd88af
- SSDEEP
  
  49152:mKZSIDPGSC40vGhTiubVpqkSZpXnOs0FnV9Ot/8c:mKFtCpGhTiubfqkKVnx0FnHOhd
Score

3^/10

discovery
behavioral12
- Target
  
  hidapi.dll
- Size
  
  14KB
- MD5
  
  f969000bf80567d439ed32ffdb1f5642
- SHA1
  
  58dca28c6a6c070e52a83c8eaaf7f5ae56565b1e
- SHA256
  
  37d75a98e79680ca1657704e38537f50eb9eaebf2b7475540896a253a6aaa81f
- SHA512
  
  67a8366262a3fb66aa45aa0841572ff8d97d5a522fbeeeb3cce407d93e6d090d1d20aef482944e43c3e966f3a3cc31f17fa9df6151bf90730ef6be71ba8d1f0c
- SSDEEP
  
  384:KaLgy860MvQnG/zU2qBP/b/MTrEoRFXZ0CV7Zz:1LvzDLqBPj/AjKCxJ
Score

3^/10

discovery
behavioral13
- Target
  
  imageformats/qdds.dll
- Size
  
  40KB
- MD5
  
  ee3181bd0158a35194dcbba9c8f1dab9
- SHA1
  
  507490b4d8bd912691679e6ad5ab48b8f2f007d1
- SHA256
  
  a9ecb8941d7ebbafe1807d8c7850eaf5c98a5dfddaa48184f92e0f0c96533176
- SHA512
  
  2cef91e7e40cea9893355fcf16a56a1fc6db31779067df463d5d29eac8d90ac9771e733ed28ec3067ededb9b02a5cd3701a08958d8f0a5967c3d62cf52a89702
- SSDEEP
  
  768:xGh7Wjl9T/zrspEC7l5cxv10HG+OBYaeRVKhUsVjQiaA:Ih7El9DziEOl5Q0HG+HRVKhUseiaA
Score

3^/10

discovery
behavioral14
- Target
  
  imageformats/qgif.dll
- Size
  
  25KB
- MD5
  
  01a145666adc23acc2ecc9ca902c205e
- SHA1
  
  82af430fbd4add9e8068986872ae518c8bcdca37
- SHA256
  
  6fcb28fdcb08fc6119628d7f0b4371b9ad621856878d60855e1bb5d17b2d641a
- SHA512
  
  b27e11583221aa5aae7dd63c16ba60f5e5cb4145f738ccd3d1acee41829ad61f70d69475234df0c5014a8504cd316f07203bb1377fffb3be3a0052ee300dc344
- SSDEEP
  
  384:rtWC0TG4p4C8eWRQ9fEMxDLzDIBbssWpcgZsAI3/SjFkhU1JbVtYIWqXL/rBTp:ACHUHi4xDLzDIIpDsAoKBkMLuIWqXbh
Score

3^/10

discovery
behavioral15
- Target
  
  imageformats/qicns.dll
- Size
  
  32KB
- MD5
  
  78977de22a8ade0d60647010128de817
- SHA1
  
  4c544740aa9d85bfbbffea24c90c4a0fd77d0c44
- SHA256
  
  5be3660c600d7e16c5d902db0a08e706aa5c7dfc88253709631cb7afc19a617f
- SHA512
  
  cc8bcd069051aaaf1867e940a85072e53ceecef47369b4f93a1b425eae5efa992dfe589c9dfb49bc79cbd1da57387897983c03a7e3e6efa8bf14c88ec2fc6c67
- SSDEEP
  
  384:acf1QqImgJhM/AViuMtpmeAhGVJM3w/1Mz4qS5mbPhSuI5TYiwVSPG0rJ1PUh4L:NdgJeoTMtpmlhGVbNcS5i+rJ1PU4
Score

3^/10

discovery
behavioral16
- Target
  
  imageformats/qico.dll
- Size
  
  27KB
- MD5
  
  45de935dd74cb0638203b63bc7249e6a
- SHA1
  
  80986b7891fa6b5fbe21fa573cb2c9eaa85de75c
- SHA256
  
  68cbdb56054b1de36723444b1dfe5063535d1a3fe5c1cc14b9f211833fb9d1ac
- SHA512
  
  94e1e79fa29db70c60eee6cd5a750688bb8ce330d59f3473ea4a2e6d4d09759e4d0d41a439bd73c2edabe3d541eb39f5e76212f7a9ad4ea4940b903f902a0cef
- SSDEEP
  
  384:J4mTNQRepukFysTYeIwUSNhn2sUa/oYJ9bjJCha+P5ZmbLYU5Ql9CSX:9TWauutY3SlUaQYJJjJC5ZlU5Ql9
Score

3^/10

discovery
behavioral17
- Target
  
  imageformats/qjp2.dll
- Size
  
  462KB
- MD5
  
  4b6bfd59338fda577dc8bbc446a25012
- SHA1
  
  6af099de95a61660c7b55d60536ac32e631150e3
- SHA256
  
  cb728d19a9a8cbfb93a7bc4f2818fa193df9cca8e2e6046e6ba348922aef7746
- SHA512
  
  e5d7e1d745b049fd3c9c42307c7e0f64e0a5681180fc0371cccf8f5293947fd596c6db9a886eb2721c717f380e7c540568ac7ee8aa61ece53f3cc51ad736a824
- SSDEEP
  
  12288:9PcZGxma+s1hYwdELS8bR37Z8iSEzhhIqVC6uXME:9EUQajVELS8bR398iSEzhh9yM
Score

1^/10
behavioral18
- Target
  
  imageformats/qjpeg.dll
- Size
  
  240KB
- MD5
  
  a6a231bb476d325980b6977db53bcedd
- SHA1
  
  f171173bd76415597c8cdfdc96275426b842369e
- SHA256
  
  1eeebf359c3c622c941504b095ecb888747330de3201eecdf0efa43c2cc11ee7
- SHA512
  
  233908e270bf0d31c39b4de3bb1768acddd8046614869fc0033233c60d0d99a77f18e4099a18d8383467dc3d3de41fd717902db0103f2861b59440d0cc4a26bd
- SSDEEP
  
  6144:sRVvuP1JjE+Jt0LuWkpNyXp1xp7S4L/VQZNRW1hNmp29kdFqqy:0Vvupj06pNyXp1xp7b9KN
Score

3^/10

discovery
behavioral19
- Target
  
  imageformats/qmng.dll
- Size
  
  266KB
- MD5
  
  6d87a0a59eb6a51607f827c99b3a8557
- SHA1
  
  6b51c6a65e56a646ee52801fc7b18302589e5aeb
- SHA256
  
  8824c44533e3e09b322bc0afe79ffd5c220097e764a9202a8996971a5f167ac0
- SHA512
  
  2bb723be757addef8d6f7006f8c6d389ccf0b9ce456522f86673d5b5df344cdac8c6f2722a3c011ad2283bffcfe4019dce20d49e4af03ef84e4eada655e54d3c
- SSDEEP
  
  6144:tPaDFas2vypZsi18llH2qsoSgjIyktN9XL9WxHQXOY/i/OlS7kZ:tiDU6pZlklM8UW5Qo
Score

1^/10
behavioral20
- Target
  
  imageformats/qsvg.dll
- Size
  
  21KB
- MD5
  
  c9bc303ffb685ac22e8a9bda055c173f
- SHA1
  
  334396531f92cfc48720b3b1140143ea0e350519
- SHA256
  
  e9b52a123e2f9518ab1b211499ec567bb6d3747b55963ff6e7879efd04be2917
- SHA512
  
  55817b7f91bde6cdcefd8652a36358093f04f041d0c24cfc11003d1f008736f46d586fa763fd62cb5d559141c1db992f837834f10a3abd9adb95583779ede755
- SSDEEP
  
  384:vJqGFJXNELoqmsmHKVc/E+/QbsLKmb5I+1I9eV5:x9FJ9ELoqm9K+c+fKmI2I9u5
Score

3^/10

discovery
behavioral21
- Target
  
  imageformats/qtga.dll
- Size
  
  20KB
- MD5
  
  aa6412f3d72751c1582021b44104381e
- SHA1
  
  6fe3d087af70e1d5dee99b1be9e9aec7629f897c
- SHA256
  
  16aec510ca846677cc94d856f5499cdd53556ab8dd884b52e7ac7c88281b86da
- SHA512
  
  e6c81888850bee0831ce439f7dee9c64ab01da30c8ce2f483a98cdd82485a9045504886282a911d5c6dc5634fd919e2d7f1e2e4d59a3ee652d37cea6035244fc
- SSDEEP
  
  384:Hg3KSyc9d+/FoM8M3+SfmbLtXS8mZiExkM:HKyQctoMz3ZEXS8mk4H
Score

3^/10

discovery
behavioral22
- Target
  
  imageformats/qtiff.dll
- Size
  
  309KB
- MD5
  
  e90690acfe2f97e6b5675c53c53faff4
- SHA1
  
  8cf52a0b75b064b2fdbbcfa16398aa4c6ee5fd12
- SHA256
  
  3c4c0bbcfab1783b03b1d5e48f6c178cedaacc6a18dcf6a797ef23c0f2f7b218
- SHA512
  
  c2841f39c7d8f8fcc7cb200772e53172085974b0f7ee996408358ea3ab383e315680389f4c04fc236e1fa0fc7309f7f62b4af83d231d1c8b724aaa0bab31324e
- SSDEEP
  
  6144:FL8zfK6H8XiOIoz33LZfDGcJKFF0R8biXkyVC:6zCVSOIozNqczC
Score

3^/10

discovery
behavioral23
- Target
  
  imageformats/qwbmp.dll
- Size
  
  19KB
- MD5
  
  6e958ff5233dad22602f1274dcd6af09
- SHA1
  
  9f2f4d81c76f269eb40f28376be057816530ae7c
- SHA256
  
  5bcdbb1d4474c05081ad0300df7da6ac5973c0d211269286afd74832a1140edf
- SHA512
  
  f1ee72957faa17d3d3f031b074821949a1322d1023548c320ffc28aa479d45303feafa988dc8e64a9b2752b25fdb8db736e6d101a5e7d9a3645ed21a2dc4d304
- SSDEEP
  
  384:G6CkrolCdFj2W3e/zcsuJCi4Y57mb3hGQ0J7:mkFj2b7csuJz7MGr
Score

3^/10

discovery
behavioral24
- Target
  
  imageformats/qwebp.dll
- Size
  
  362KB
- MD5
  
  afa21004e84147b38ecda467db9e60e0
- SHA1
  
  7d0af3e682f614f245af26d0b1ccbe5692c378a4
- SHA256
  
  76367072ce09bc58a0042af8688da9a71ee7d7b0e1cec32023337e9efb1f9440
- SHA512
  
  e570bd9ab31c2473846e00378fdfe134dba7342607aca33aac99bd9b611e28d2ac1bce8364ee6785132eb409a6ea2759c4c250d91d379eedf32225180ce9ca8e
- SSDEEP
  
  6144:cTzHOn0APn3mPtpDD0MmHM0bxZRf936Fs2AMxOj9xIu4:MbC0AP3GD0MK2K4
Score

3^/10

discovery
behavioral25
- Target
  
  libeay32.dll
- Size
  
  1.2MB
- MD5
  
  722c7225447f499ea7394736a4029357
- SHA1
  
  0098a723a358b92b62b1e51845dec2d2b58dbcbb
- SHA256
  
  6720af07807030f31f28df7790c5d24584323e94329b92ba3d53d8d7bee05386
- SHA512
  
  d68c633b5460c6b84fbd18632feb2e53bd56497b0b383c0a48b41fbf84ece73257c5e62a16a0aa8ccb7bb721c75b29466106a757c0c145bf0c9586a2033f9cff
- SSDEEP
  
  24576:RPp+KpPvZHH/6pLyTAEJpHfQKvaP+v8IPH331DlpRhAaCn+tP8J/988oHZLb:fpHH/HG2v8IPPPhfCn+tP8J17oHZLb
Score

3^/10

discovery
behavioral26
- Target
  
  platforms/qminimal.dll
- Size
  
  31KB
- MD5
  
  be16023546715e9d3d5ed16bd52ce152
- SHA1
  
  d651295bc493d4b5b397568aae19d071b47c1bf3
- SHA256
  
  b83674f5f86d1a3304ac6a419affd5c9656d9f0f3f8484d94619c6efd6b48e51
- SHA512
  
  13eb542e8d63d509d9eae6e26af85a3175aee78878841541e9b03d569e759429e23d2f7a174f2bdc97ec66022bef2e4216124c17b1b08bf687ffd50bf259cd6b
- SSDEEP
  
  384:nvSDEQg4gA+noGUarcG/qShLCmaTBmEcv4MdQ+CVhljjsiUKM22Sl6ImbkhhN849:qDaTAYoErxSSIma7bl6IFhNv
Score

3^/10

discovery
behavioral27
- Target
  
  platforms/qoffscreen.dll
- Size
  
  525KB
- MD5
  
  21c2d96c39a5cf03fab638b9efdad0b5
- SHA1
  
  768a149d9a6a88bece3558e95e0361355729666f
- SHA256
  
  2aa22674c0dfc5c2886a86066648a4da3cff6363ed2e34670d6a09d83d92a04f
- SHA512
  
  58ff70b08b262287033bc88b6588117dbae73257ef44d45517324266a1a27e0a7221178aa37083533807feb028b595f552cd32eeaf834a9d637ec69fc039a1de
- SSDEEP
  
  12288:/Sh7II7qA03zjJIA05cIHTIMxyA8wpINTLyK6miQ7XfEWm:qh7+AsyAESwKl6Z
Score

3^/10

discovery
behavioral28
- Target
  
  platforms/qwindows.dll
- Size
  
  967KB
- MD5
  
  96552875c282086fcd79ced224cb29a9
- SHA1
  
  b3824c02d380d7645670345461a0ad67030d3978
- SHA256
  
  cb953c4e44b50e65cfee13856bb750ec4e7617add05a956cc0b9eb430eec5937
- SHA512
  
  c00ab536eff02371ebc36d07180445db2f8dde3a59b69d1968bfec8ae9461a251baa11267382da0b7b6a922b6ec452faab422866fbaff8f5bc3e08c32be7382f
- SSDEEP
  
  12288:JKxCd71/DXsPnio+aQwO+d38mKOtFFnzNmSu3BNUvAW19liFgzRbqDTOb1MfEWmf:JKa71LXYio+v+BWOTqQIKM4jx9ZGO
Score

3^/10

discovery
behavioral29
- Target
  
  ssleay32.dll
- Size
  
  285KB
- MD5
  
  f50e5955e71034b57d33850877e970c0
- SHA1
  
  7911856de1a9e3025b8828aa29f6bee5a8bf8d9d
- SHA256
  
  bf49dc783ffc58c81461df85b1672998219a05fff8c4ae9bd3051ad7b753e3e2
- SHA512
  
  ea1d1209c48bb4c655192aef74029e102f2b7c88d5651560dfad7fb08864e6695f5dd0a1181cb4fb6ad24ac55b186f61fcbaeb1470c84c91c51435697b2c87b5
- SSDEEP
  
  6144:ygektdk3wYvcEbXTBBo+oI0nNEYtV2An9ZgNNYn73G81AVZ7sND1p4JR5bRML5pk:yrIk3wYvcEbXTBO+oI0nNEYtV2An96Nb
Score

3^/10

discovery
behavioral30
- Target
  
  uninst.exe
- Size
  
  425KB
- MD5
  
  a66cd68e574c04fda61a2f579e053f24
- SHA1
  
  8244163229f4ce6f31bb18b93f7228785eb40c3c
- SHA256
  
  cc0bfdfb8e26f009f903767ce604c4ea380dc328cb1d762ca64edaa12aafc6d9
- SHA512
  
  d48fa2f3a6b32f9579d09a1d97e54e8daec6ac8ee02c1afc9700071a13b3a8d3b9ef07945282ed151d9a19b18b780820e299fa8334002f63e20307cec4553359
- SSDEEP
  
  3072:vLuXzXwYyr6Doocc6AWyl5gVjATqzq+kRrU8rUCuB:vpIJWyLT+iReCuB
Score

7^/10

discovery
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral31
- Target
  
  vc_redist.x86.exe
- Size
  
  13.1MB
- MD5
  
  1a15e6606bac9647e7ad3caa543377cf
- SHA1
  
  bfb74e498c44d3a103ca3aa2831763fb417134d1
- SHA256
  
  fdd1e1f0dcae2d0aa0720895eff33b927d13076e64464bb7c7e5843b7667cd14
- SHA512
  
  e8cb67fc8e0312da3cc98364b96dfa1a63150ab9de60069c4af60c1cf77d440b7dffe630b4784ba07ea9bf146bdbf6ad5282a900ffd6ab7d86433456a752b2fd
- SSDEEP
  
  393216:S1RPq5dCsKSR65cX7Eyd/qnejOFxP7OEnl4L/Vvc:yP5iw56oyleej2OEnlwc
Score

7^/10

discovery
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

Checks installed software on the system

Drops file in Drivers directory

Deletes itself

Executes dropped EXE

Loads dropped DLL

Loads dropped DLL

Checks installed software on the system

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32