General

  • Target

    2608fc0060721b4ad5bb722e92e61ce4b16e98795fe878d92773da14b8576beb

  • Size

    1.3MB

  • Sample

    241108-ayl9ratnfm

  • MD5

    fafa58d1183911947366ef1e768b0f92

  • SHA1

    6074cf088d335f664e6eb1ead20c814c78217750

  • SHA256

    2608fc0060721b4ad5bb722e92e61ce4b16e98795fe878d92773da14b8576beb

  • SHA512

    a8b2a8177ba92f5330b09c41ede38ba5d9360a816cdf26944898eafefe10a8aeb344e2f3473f2253433599d48434540ef5362c70aee65584042409263e174b97

  • SSDEEP

    24576:0dZYvRoNyaooMslvC4AVeJ3H6UaLDd6lcBUcb6lkcSOqgEhTB0m6aoOcn+D:UZOWNyovhAVG3Htyd8c1bqYgS0POc+

Score
5/10

Malware Config

Targets

    • Target

      2608fc0060721b4ad5bb722e92e61ce4b16e98795fe878d92773da14b8576beb

    • Score

      5/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops file in System32 directory

    • Target

      $PLUGINSDIR/INetC.dll

    • Size

      24KB

    • MD5

      640bff73a5f8e37b202d911e4749b2e9

    • SHA1

      9588dd7561ab7de3bca392b084bec91f3521c879

    • SHA256

      c1e568e25ec111184deb1b87cfda4bfec529b1abeab39b66539d998012f33502

    • SHA512

      39c6c358e2b480c8cbebcc1da683924c8092fb2947f2da4a8df1b0dc1fdda61003d91d12232a436ec88ff4e0995b7f6ee8c6efbdca935eaa984001f7a72fea0a

    • SSDEEP

      384:wv1j9e9dEs+rN+qFLAjNXT37vYnOrvFhSL+ZwcSyekzANZBJ:w1AvEs3HBLzYn29vYh

    • Score

      3/10

    • Target

      $PLUGINSDIR/OWInstaller.exe

    • Size

      2.0MB

    • MD5

      f6a126a7d993862c79230bae3e2560b8

    • SHA1

      ed6165364ccd050bb678d37680c17fe8b3612c91

    • SHA256

      eeda16f2ebe8a4ffa7c0eb32c308cbc740d425141316b6e1ebad7973a3b1ea78

    • SHA512

      0751ea611e7c86dfd3f375269efd1280037bd225deb2779e8ef5aa32e6575c529dadec17e211c46608f7bf7918e0b93867b50feb2f555751177c093eaa8ea3c4

    • SSDEEP

      49152:pUP049MkI0IVLc5kHPB7rLm1yapIZco86:pUP0h9cCr

    • Score

      5/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops file in System32 directory

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      7399323923e3946fe9140132ac388132

    • SHA1

      728257d06c452449b1241769b459f091aabcffc5

    • SHA256

      5a1c20a3e2e2eb182976977669f2c5d9f3104477e98f74d69d2434e79b92fdc3

    • SHA512

      d6f28ba761351f374ae007c780be27758aea7b9f998e2a88a542eede459d18700adffe71abcb52b8a8c00695efb7ccc280175b5eeb57ca9a645542edfabb64f1

    • SSDEEP

      192:eF2HS5ih/7i00dWz9T7PH6lOFcQMI5+Vw+bPFomi7dJWsP:rSUmlw9T7DmnI5+N273FP

    • Score

      3/10

    • Target

      $PLUGINSDIR/UserInfo.dll

    • Size

      4KB

    • MD5

      9301577ff4d229347fe33259b43ef3b2

    • SHA1

      5e39eb4f99920005a4b2303c8089d77f589c133d

    • SHA256

      090c4bc8dc534e97b3877bd5115eb58b3e181495f29f231479f540bab5c01edc

    • SHA512

      77dc7a1dedaeb1fb2ccefaba0a526b8d40ea64b9b37af53c056b9428159b67d552e5e3861cbffc2149ec646fdfe9ce94f4fdca51703f79c93e5f45c085e52c79

    • Score

      3/10

    • Target

      $PLUGINSDIR/app/cmp.html

    • Size

      4KB

    • MD5

      7c4c64c1c57183740825417cab13824e

    • SHA1

      9d796612a9a0a0868f10f468cd929220aa9dde55

    • SHA256

      10fdd5b9288580da92318e5306c753a16d97463ce9c620d90b4fd0702ff27216

    • SHA512

      f45295ecc4012e5016561a0e4a6aecda1dce575da85222145db8004711dcb84e6be77f002f01502866fcae6364df53254bf0d638552390f18459d360e6eaaa97

    • SSDEEP

      48:t9rc0/GLAoShbEHaLKNGiNQtvmolOGR36tgtr/GTvJP3ALcaILNt7ByBZXGz+a1K:4VLjHa2NGiivmmppLBAtFwAk5vSG

    • Score

      3/10

    • Target

      $PLUGINSDIR/app/index.html

    • Size

      18KB

    • MD5

      7d3e8c3819dd12273bf0581a1293e4e8

    • SHA1

      54a512400d91aa6b0364e800f21ec20ffee00d46

    • SHA256

      e0a21b254c77b39af6b9cd3208a8e9231f819dfe880864115ef571f3dbf367b5

    • SHA512

      3b00c7afb31f1f4619bbb51430a6ebd2cf0d90af8d7f9128da265da5e487b26fa3d8115f84380e793f0977a2c1bd1c8aaa9b450e878772d51d342f0016c33193

    • SSDEEP

      192:8sdqpDN4FHmY74+/qmtRCtmK8W9I2gHHMlxh8B39LJXHab4mfgJnc5wC93u8hJuv:9BaMminGV+k8f1

    • Score

      3/10

    • Target

      $PLUGINSDIR/app/js/app.js

    • Size

      19KB

    • MD5

      5d61fe70cf5cc2c5fa1ff8a5de745b2c

    • SHA1

      64b2eae652ab435ea8bd1df0b46860d1a91df384

    • SHA256

      dcd05165e51e6f74fd2a3a844e05ccd84a794f6b35267c6d429843ecb093d651

    • SHA512

      34800144f33074352866ee188be4bb81f63ad52a4b9ec207463859d19e3b2c12afc1c1db93b6f1302c170c41377579a136f4acd00f02a82ad4a719184b4f4d09

    • SSDEEP

      384:4+Fdc15Zmb9plmt002wjI3A98zwF52xxYRdv7XR3FGHtH:hF215wbdmKH3A98zIAnGdv7XR3YH1

    • Score

      3/10

    • Target

      $PLUGINSDIR/app/js/block_inputs.js

    • Size

      789B

    • MD5

      b5b52c92b90f4283a761cb8a40860c75

    • SHA1

      7212e7e566795017e179e7b9c9bf223b0cdb9ec2

    • SHA256

      f8dbd6793b35f7a26806f4dabad157aaafdf6d66fad094b50c77d60f223fd544

    • SHA512

      16ad53ede5424ca1384e3caea25225589e9eec9e80e2d845948802db90fad222f709a7b651cd7601a34ba67a0627433f25764638fd542cbd4612871308e7b353

    • Score

      3/10

    • Target

      $PLUGINSDIR/app/js/libs/cmp.bundle.js

    • Size

      296KB

    • MD5

      ab770f93a2c6d70141f50911b9729a44

    • SHA1

      dd1d856b0c2c67ae6d560c8badc6e95bb059d6b0

    • SHA256

      0b37387945988a371be4df3f11bebba378b65e55e08b3ac189851dbbdceb1bca

    • SHA512

      938c28c59116725983786d0240d1d4da207be93bd524a2fbe44ecdefaa844049e6e2288dbb46b950b7c7cdf6705622f0b50c6e1a42896806ff667998d6cbf95f

    • SSDEEP

      1536:4UGMT5RS+P8pGjQp1jdH6cArFGFgkGXVyWkNTQ+3xXtbs3Z4mSn/C595oRHQRmP8:4Ur5RFgrMcoFGFgxjkNTQ+c3nouR6TQ

    • Score

      3/10

    • Target

      $PLUGINSDIR/app/js/libs/jquery-1.10.2.min.js

    • Size

      90KB

    • MD5

      44e3f0db3e4ab6fedc5758c05cf27591

    • SHA1

      2d408aa1d35661019c95adcc60b78c0727ed25b4

    • SHA256

      bc44d3631ffef1df7960e359f02002d3ada45ee05205c2cf1edd85da2f518144

    • SHA512

      4d4844e53e686fc59a52e86588f328dca3ed6fdad7195c58942a98c51755a24981b903ee7c7b27785375eaad5a7d9501cf74b999674b79f214e66103bad9efdc

    • SSDEEP

      1536:O4mCgi8DyCuXXFiJ+L0kJQsJVPEKuQRZdC/RAfDknv+p0WzH/Io9Z7qABZnu0JFV:OGsKYAI2p0WP9bDrJ7fak

    • Score

      3/10

    • Target

      $PLUGINSDIR/app/js/models/notifications.js

    • Size

      4KB

    • MD5

      750cbb88cd1fab13bd2711671e3b412c

    • SHA1

      e582aa431a5b311b4d55869aa8037f309f96e411

    • SHA256

      2201a3f04d7372f80e635e5f5012fbd6e9bf5cb9f492e0ca509470aed9626cfe

    • SHA512

      d872118b9b58557e1fa84b04d9fbc5406efab87888dc546d436d46e128753cb73a8bac12c56d235eb253ac5311a88f2e9866e5fd578474d06bfd7fd3a2c9bff6

    • SSDEEP

      96:sOr8u1s9FvYjftfHsWjUQGM8mui+U8QrGjqTzoOxOYjfsfHsWjUQGbjINGk:sGu9yT13oG8K+JQC+/5LTE3oNEYk

    • Score

      3/10

    • Target

      $PLUGINSDIR/app/js/utils/analytics.js

    • Size

      3KB

    • MD5

      f3d77a5a5a4958301fa44c42e8c5aa9f

    • SHA1

      867748ec5d9e6110020fc90c40ec3202b7fec8b1

    • SHA256

      bbeef647776288f6cb7c7d209a3126a91958d1c6fdfc9df7a85607d197c421c0

    • SHA512

      f9862bc2c5d79b96192415e53b93e616159cf1cbf5a7a5298f5d07444e243356ebebc35af0cec1d32e3b785bcb91c09f60e9dfdb72eb93db24f1403b2899c5d0

    • Score

      3/10

    • Target

      $PLUGINSDIR/app/js/utils/commands.js

    • Size

      9KB

    • MD5

      689062672819512a6cc7de16700ba20f

    • SHA1

      28c683bd7cb1948a300cf2b39714e4ca0e2cfbc4

    • SHA256

      c5eb4e0e8f16d4a7bd117eedd947cf26500cc682f0bd0be71c75fa9a0de3a7c2

    • SHA512

      f82aa3a754433518e1b69b9b5fe22f427ff1b47f549c62ea6f7b87f81c57bbf14614538d7e636f8f2514b7dcd3b9a89c40172c98d41592731676dbcd260739f3

    • SSDEEP

      192:7ITi1djlJg6VjwS1vJzEjMNCU1WStK2Od8uu7alvsvTGmbLLqwvIJO:7kE5JkUvJQ0C6W8tusvxqE3

    • Score

      3/10

    • Target

      $PLUGINSDIR/app/js/utils/cookies.js

    • Size

      1KB

    • MD5

      6c60e675f8c8c68c0174b644d3a63a2a

    • SHA1

      3635a3fe07ccc4a6f33a986ddb690522d0611abb

    • SHA256

      9d3cb3822e20d6f5157faa02dc69bdaef44576c3fb5523e00aa152107ce30287

    • SHA512

      1dc9ec7b139bcf37107ecd673c01e4fcc606332ea1645a4a1b4e5d95f817d4c99d5964cd3d941a6a526689341d9623b17b4efc002cdf4c73404299d52b1be452

    • Score

      3/10

    • Target

      $PLUGINSDIR/app/js/utils/modal-events-delegate.js

    • Size

      1KB

    • MD5

      be8209120c313de506c26ace0acf2d28

    • SHA1

      eda661d7141c610da7c35c4ac61d78bee3a7a5be

    • SHA256

      31bb2794755a0cc7f1cc85cd2c428b78be7ff7d24978e55a2c1cad016bf01c39

    • SHA512

      18d39ed2101993c4a2c3d242623d699391895f7713a3628b091d04c72dc497a9b7127dc7477169a8ff970484e2d69b2ba8ebb65fad45b1584dcb14fe7bec2040

    • Score

      3/10

MITRE ATT&CK Enterprise v15

Tasks

    static1                  Score 3/10
    behavioral1   discovery  Score 4/10
    behavioral2   discovery  Score 5/10
    behavioral3   discovery  Score 3/10
    behavioral4   discovery  Score 3/10
    behavioral5   discovery  Score 4/10
    behavioral6   discovery  Score 5/10
    behavioral7   discovery  Score 3/10
    behavioral8   discovery  Score 3/10
    behavioral9   discovery  Score 3/10
    behavioral10  discovery  Score 3/10
    behavioral11  discovery  Score 3/10
    behavioral12  discovery  Score 3/10
    behavioral13  discovery  Score 3/10
    behavioral14  discovery  Score 3/10
    behavioral15  execution  Score 3/10
    behavioral16  execution  Score 3/10
    behavioral17  execution  Score 3/10
    behavioral18  execution  Score 3/10
    behavioral19  execution  Score 3/10
    behavioral20  execution  Score 3/10
    behavioral21  execution  Score 3/10
    behavioral22  execution  Score 3/10
    behavioral23  execution  Score 3/10
    behavioral24  execution  Score 3/10
    behavioral25  execution  Score 3/10
    behavioral26  execution  Score 3/10
    behavioral27  execution  Score 3/10
    behavioral28  execution  Score 3/10
    behavioral29  execution  Score 3/10
    behavioral30  execution  Score 3/10
    behavioral31  execution  Score 3/10
    behavioral32  execution  Score 3/10