54b51bf19ffce063577597534e1658d25e5756072366cceafec91af5d7382f4a

Sharing

Copy URL

Twitter E-mail

General

Target

V1.5.6.+.V1.5.8.zip
Size

3.3MB
Sample

241010-rp4k4szdpg
MD5

376d8646fccd79826d049751bc72ec81
SHA1

63b00bc8e21d97d3be49495a0511b7d38645b6b2
SHA256

54b51bf19ffce063577597534e1658d25e5756072366cceafec91af5d7382f4a
SHA512

b6bfee3294055bf0344430bba9d7ea82c55cb4aa6b84b437ad267a48f48f0f3465f47857a8c8748b42a3385eb783840cbd968395ac860b31a2005986b147cf77
SSDEEP

98304:4irm4peYUuEpjoaua/Iu9ugQ4uPlUST1laev2j:4L48iEWCj3uNbld2j

Score

7^/10

discovery execution

Malware Config

Targets

- Target
  
  V1.5.6.+.V1.5.8.zip
- Size
  
  3.3MB
- MD5
  
  376d8646fccd79826d049751bc72ec81
- SHA1
  
  63b00bc8e21d97d3be49495a0511b7d38645b6b2
- SHA256
  
  54b51bf19ffce063577597534e1658d25e5756072366cceafec91af5d7382f4a
- SHA512
  
  b6bfee3294055bf0344430bba9d7ea82c55cb4aa6b84b437ad267a48f48f0f3465f47857a8c8748b42a3385eb783840cbd968395ac860b31a2005986b147cf77
- SSDEEP
  
  98304:4irm4peYUuEpjoaua/Iu9ugQ4uPlUST1laev2j:4L48iEWCj3uNbld2j
Score

1^/10
behavioral1 behavioral2
- Target
  
  V1.5.6 + V1.5.8/SecHex-Spoofy V1.5.6/SecHex-GUI.deps.json
- Size
  
  55KB
- MD5
  
  33784d40d169fa2ad9bfa73eda3ea7ef
- SHA1
  
  4e1d0fd1107a990e36050339b1726493a9a6f31a
- SHA256
  
  2fc1a3f36e616cbc3cd8be04f8bf7ed49f927b69b4dc14e8a21ed65fe262eb08
- SHA512
  
  e2d05e91bf1df0ec66336a6f04e18fc0fee0da3e297765848fa8e8649e7bc4a25cb5f599e43e293be5ee9f5e76f66b99958c13239c9324b1c5500fb3f6c4c7d3
- SSDEEP
  
  768:YXlcu7EJBuR6ML1O/1u33ZHZsSB1W0YQR:Wlcu7EJBuR6ML1O/1u33ZHZsSBLY0
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  V1.5.6 + V1.5.8/SecHex-Spoofy V1.5.6/SecHex-GUI.dll
- Size
  
  1.3MB
- MD5
  
  ad714ee48d2e829c5012c65de6166c05
- SHA1
  
  5880bac89ca346dae62c053aa49c028372388edd
- SHA256
  
  7d32d13d123871650794a1e172adc70bc8dafbdb762f49d889f813844d532b20
- SHA512
  
  a51252950455dbfb5dfd564689e605b022bdf26f80ad12f3fde3e341a14b8f764324ff3be6f29e4855bd499141e23628e9aabb0e439627dc802814db091d54ee
- SSDEEP
  
  24576:ZfaPwrgBrO1BKH8jPcWYVxHCoh0XeV61r9qZWe7d7NWS91GsVz9cebgS9aI:ZCPwrgBWBKH8jkDVFCNXODzWS9HfX0HI
Score

1^/10
behavioral5 behavioral6
- Target
  
  V1.5.6 + V1.5.8/SecHex-Spoofy V1.5.6/SecHex-GUI.exe
- Size
  
  144KB
- MD5
  
  a3a73bb0b21c4c4c0771d4fda37ad34a
- SHA1
  
  a61e96bcd872da24a548b9d2bd706af102426cea
- SHA256
  
  9c04ca4639650f2707e817c8852bf8e128ab328fa4ef790aba96f8ec17ad5316
- SHA512
  
  b4bd8522d784ed13e8aaf25ab10c3b7a08bc665d79fe1365339381cd783d4df010bf5e0cc934ef6a93592d471bf2e9b67015a680f2454cb1e6a37f889dfdea68
- SSDEEP
  
  3072:98vbzyQ6Y1YXrbNK+3FNxacPEMk65RQA2TWk:9szAXNK+3FVFRQdTW
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  V1.5.6 + V1.5.8/SecHex-Spoofy V1.5.6/SecHex-GUI.pdb
- Size
  
  32KB
- MD5
  
  d2f1182da0077f1e60e33f1efa03584a
- SHA1
  
  af832c5fe748ff688a03823bf47ed5902fbe4236
- SHA256
  
  593169a5292387ff27c5c5de33db0fa1eaf65290fd52c6ff93d49233e7ebdebc
- SHA512
  
  b88d30fa31a885e5b1cec1306ec446d85f2be689f7e043d4e85ea98c4cbec052558aa1555576a640fc49d890763732a7306ff492a788439d5792ebf566e43c1b
- SSDEEP
  
  384:bOxouqQ9n3YucMaWQbuKaasvSlKzGIEoDL0EhM7bjeArX9komVAQHHfisbHtixhV:CxvqG3D+2LQeEatahvH45wF3e4Mjl2
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  V1.5.6 + V1.5.8/SecHex-Spoofy V1.5.6/SecHex-GUI.runtimeconfig.json
- Size
  
  266B
- MD5
  
  d720176a229e9d969b40fabeb0baf62e
- SHA1
  
  f2d8e97a6c6098a10dd80553eaaef7547ad32ba3
- SHA256
  
  321b4e463bbacd6113aa337511bdebf5e7356e9971744346b28424607c7b483a
- SHA512
  
  0844f9aca147014a68248c43310bf97e0a0a3679fc84650aa0a27aa09f70f56fa071c0ace1be80f0e33ce4dd3f865eae11e946d98d21af916dc1a7f945acaba0
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  V1.5.6 + V1.5.8/SecHex-Spoofy V1.5.8 (testing)/SecHex-GUI.deps.json
- Size
  
  61KB
- MD5
  
  64ae126cf65a9096d5730e060b448293
- SHA1
  
  621bce8056a378974cc38788bee2c3079aec7a87
- SHA256
  
  a4cadd5c4f3922a4ada9e4bbc13e2bd779280a9b8cf537b66475fb3559bc7122
- SHA512
  
  8eb0dd523d91555ff65681ebb2d482e86e8ee5c2a8842fbbb479d164981d3d398308d335f8c3ba813007c16bf738c7ae72e4eb3c9d3ec92f4f09312e09261dc2
- SSDEEP
  
  1536:9+lcu7Ll5JBuR6ML1O/1u33ZHZsSGKm6Y8:8lcu7Ll5JBuR6ML1O/1u33ZHZsSGKG8
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  V1.5.6 + V1.5.8/SecHex-Spoofy V1.5.8 (testing)/SecHex-GUI.dll
- Size
  
  1.8MB
- MD5
  
  5b65ac01d6babf936451fb1540a680b4
- SHA1
  
  48fae5874d20a27ab24eeda3a34b36d0e157a15e
- SHA256
  
  39882d08403185d68a6363eb5066bd212003fbd479e6aa78ffbe97c4191949fe
- SHA512
  
  41f3a2c83542f94011f6a8dc02d46f2c5fdaa4a3134838c2701daa68f7a12b0e0e61592c38a1d32443573b92807a5137e1127125f69200cbedb9ff97a77eaa81
- SSDEEP
  
  49152:0X/lx35IEurgBWBKH8jkDVFCNXODzWS9HfX0HId:0X/LJIE3+KH4kpc+DX/0HId
Score

1^/10
behavioral15 behavioral16
- Target
  
  V1.5.6 + V1.5.8/SecHex-Spoofy V1.5.8 (testing)/SecHex-GUI.exe
- Size
  
  183KB
- MD5
  
  c252a43b1d357d08308690545c617031
- SHA1
  
  10312402951264e103983c4c08582b785b588794
- SHA256
  
  b779b45849a4ab5bd8ff296e6c95638c5be4da18b67f1fd195b31795bc21cdfc
- SHA512
  
  c3f359c1bd57276ee9422151e7b32a8232d88b0d2ea220cdd4c1323c39ba7a19540dcd52b393de47274fbbac1b46f4e75d34173fb037ebc755307c80c8cd586f
- SSDEEP
  
  3072:f8vbzyQ6Y1YXrbNK+3FNxacPEMk65RQA2TWTa/2udv0lf:fszAXNK+3FVFRQdTWTJ
Score

7^/10

discovery execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral17 behavioral18
- Target
  
  V1.5.6 + V1.5.8/SecHex-Spoofy V1.5.8 (testing)/SecHex-GUI.pdb
- Size
  
  36KB
- MD5
  
  7d0e9a9ae399a11b9b6645cb1577c326
- SHA1
  
  dbd70768aa768b1570dfc0c14e0c3a25f809dd4f
- SHA256
  
  64d236de60ea2d3257dba85c5c1dfa3e8c2123821f8e4ade7c0cdd1c3a1d4a37
- SHA512
  
  45d74abd07f05b92cf9b85213db1cc6e2890c91346e156fce18347d32c2c873558cb679cd4307636256f3ca0ab2599498d060b9206c28064c479b70e12172606
- SSDEEP
  
  768:x2414TNpWNZH62L4eERtahv4QGy9VtrPdcBdl1lu:xzeTNpW37U0hFvxdUf1lu
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  V1.5.6 + V1.5.8/SecHex-Spoofy V1.5.8 (testing)/SecHex-GUI.runtimeconfig.json
- Size
  
  266B
- MD5
  
  d720176a229e9d969b40fabeb0baf62e
- SHA1
  
  f2d8e97a6c6098a10dd80553eaaef7547ad32ba3
- SHA256
  
  321b4e463bbacd6113aa337511bdebf5e7356e9971744346b28424607c7b483a
- SHA512
  
  0844f9aca147014a68248c43310bf97e0a0a3679fc84650aa0a27aa09f70f56fa071c0ace1be80f0e33ce4dd3f865eae11e946d98d21af916dc1a7f945acaba0
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  V1.5.6 + V1.5.8/SecHex-Spoofy V1.5.8 (testing)/runtimes/win/lib/net6.0/System.Diagnostics.EventLog.Messages.dll
- Size
  
  782KB
- MD5
  
  286f0a973cf2332fbded81cf541fff06
- SHA1
  
  c712b399a1e9217625cac0fa8dfab1c681eb5174
- SHA256
  
  3a2ea792755bbe4674f349d7870aeb917494ac39f96a9e5d9625d4ac68dc3ec5
- SHA512
  
  3b615c3071cf8c13e972391d53ad8310092d2503cd085334162cedcc141b1d25df2694b0034ca87d9dcab26acd69cbc3358deb7bac8a1ec24c142d39eb4e2ac5
- SSDEEP
  
  192:knrMpXKRZwW+1OwvHnhWgN7aFWa8l98RjchC6zm60X01k9z3AifUX:erGKiXvHRN7b8RjcM6a1R9zDfe
Score

1^/10
behavioral23 behavioral24
- Target
  
  V1.5.6 + V1.5.8/SecHex-Spoofy V1.5.8 (testing)/runtimes/win/lib/net6.0/System.Diagnostics.EventLog.dll
- Size
  
  139KB
- MD5
  
  62c63c04c6083330d020cf855c85002c
- SHA1
  
  abfd4f92b132ac47e9b049545be242f86f9a389e
- SHA256
  
  fac816ca0bd5d9c4a17693b37575a5aba901d993133b61d7344b597472fa0c26
- SHA512
  
  afa4870e91b5528001b6a4019b068aacfcaa8040bb492c12b1dca9b0cd236d847b376d77b6222875eefe0ca377babaa541bfbb19f0165fc305775c36134a79a1
- SSDEEP
  
  3072:PDIYZl6zdsy6PbTH2WAwPvXSMoiWJoQ46Kjbj4+:fZAGyoTH2yXSM4u1bD
Score

1^/10
behavioral25 behavioral26
- Target
  
  V1.5.6 + V1.5.8/SecHex-Spoofy V1.5.8 (testing)/runtimes/win/lib/net6.0/System.ServiceProcess.ServiceController.dll
- Size
  
  66KB
- MD5
  
  1c710ef8481e54352a4e1f66a8f7ad8c
- SHA1
  
  ccd1388f0f418e7f74f10bad6f32c175b68e6880
- SHA256
  
  d11b97c114101961bcc7acb0bb17e536708593c0321b6107942fba20cb430c65
- SHA512
  
  f658e2a506e8c7a11a8e91ff069b63e84a1131742cd1928f2b9ca77e97ebbfdcf64b9452496f9e345a9fba70863ce3928fe6c5886a09f2c84682893ad4e1451d
- SSDEEP
  
  1536:1zf8ajD3rRdO3OtMdq+K7j3RN0pmDf93zu:1zzD3116dq+K7jRNKmZa
Score

1^/10
behavioral27 behavioral28
- Target
  
  V1.5.6 + V1.5.8/SecHex-Spoofy V1.5.8 (testing)/runtimes/win/lib/netcoreapp3.0/System.Runtime.WindowsRuntime.UI.Xaml.dll
- Size
  
  39KB
- MD5
  
  7141c72e54fe9a7ed39ef89814de67d9
- SHA1
  
  bccef028036224c6f0bb168d104d0f6adb186dc5
- SHA256
  
  884442e44bcef27d917e5de5b69cbd4a297830e0b98b84495c7ab7486fa47332
- SHA512
  
  9d3a1da9f050dd7df26f3a35dcfef5766adf4d3627b9d28a57359414b1d67aee7a8b6176674a01a5a3b099e21be5ce9d3c911af42fe5150469e37ff8a92a7efb
- SSDEEP
  
  768:XFUvumWzh6pCPtrpeHWGj45ZOo2HNB+LXDPp8vkyFww8L1v:XSIzDW2Gjjk7akyFwBxv
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  V1.5.6 + V1.5.8/SecHex-Spoofy V1.5.8 (testing)/runtimes/win/lib/netcoreapp3.0/System.Runtime.WindowsRuntime.dll
- Size
  
  130KB
- MD5
  
  0198a79063c865ed21c95b7400ddd9fc
- SHA1
  
  b56b4bc0760914149e8d43288d5c151b7fb8ab43
- SHA256
  
  be26699765f700a29c3928e10f6d1e02a297dff3ba6eb7afb6ec41003cb3d665
- SHA512
  
  fa77da06a33ae646f69dcadeaeb71524a91cbdd1e9d8008c5fa278039bede09dab87b74765ff5fdf133a4f864d2a324659618d58a30e7dd165408b1c3be889ef
- SSDEEP
  
  3072:zmhU+vMwoh1Zz+Wzvo3Z/O6ZFJX3JhKLqAOd:zgU+Ewmz+W7m/DFJXvKe
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

PowerShell

T1059.001

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

System Time Discovery

T1124

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32