Overview

Analysis tasks (score, sample, platform):

  5  Static                   static
  3  2608fc0060...eb.exe      windows7-x64
  4  2608fc0060...eb.exe      windows10-2004-x64
  5  $PLUGINSDIR/INetC.dll    windows7-x64
  3  $PLUGINSDIR/INetC.dll    windows10-2004-x64
  3  $PLUGINSDI...er.exe      windows7-x64
  4  $PLUGINSDI...er.exe      windows10-2004-x64
  5  $PLUGINSDI...em.dll      windows7-x64
  3  $PLUGINSDI...em.dll      windows10-2004-x64
  3  $PLUGINSDI...fo.dll      windows7-x64
  3  $PLUGINSDI...fo.dll      windows10-2004-x64
  3  $PLUGINSDI...p.html      windows7-x64
  3  $PLUGINSDI...p.html      windows10-2004-x64
  3  $PLUGINSDI...x.html      windows7-x64
  3  $PLUGINSDI...x.html      windows10-2004-x64
  3  $PLUGINSDI...app.js      windows7-x64
  3  $PLUGINSDI...app.js      windows10-2004-x64
  3  $PLUGINSDI...uts.js      windows7-x64
  3  $PLUGINSDI...uts.js      windows10-2004-x64
  3  $PLUGINSDI...dle.js      windows7-x64
  3  $PLUGINSDI...dle.js      windows10-2004-x64
  3  $PLUGINSDI...min.js      windows7-x64
  3  $PLUGINSDI...min.js      windows10-2004-x64
  3  $PLUGINSDI...ons.js      windows7-x64
  3  $PLUGINSDI...ons.js      windows10-2004-x64
  3  $PLUGINSDI...ics.js      windows7-x64
  3  $PLUGINSDI...ics.js      windows10-2004-x64
  3  $PLUGINSDI...nds.js      windows7-x64
  3  $PLUGINSDI...nds.js      windows10-2004-x64
  3  $PLUGINSDI...ies.js      windows7-x64
  3  $PLUGINSDI...ies.js      windows10-2004-x64
  3  $PLUGINSDI...ate.js      windows7-x64
  3  $PLUGINSDI...ate.js      windows10-2004-x64
General

Target:  2608fc0060721b4ad5bb722e92e61ce4b16e98795fe878d92773da14b8576beb
Size:    1.3MB
Sample:  241108-ayl9ratnfm
MD5:     fafa58d1183911947366ef1e768b0f92
SHA1:    6074cf088d335f664e6eb1ead20c814c78217750
SHA256:  2608fc0060721b4ad5bb722e92e61ce4b16e98795fe878d92773da14b8576beb
SHA512:  a8b2a8177ba92f5330b09c41ede38ba5d9360a816cdf26944898eafefe10a8aeb344e2f3473f2253433599d48434540ef5362c70aee65584042409263e174b97
SSDEEP:  24576:0dZYvRoNyaooMslvC4AVeJ3H6UaLDd6lcBUcb6lkcSOqgEhTB0m6aoOcn+D:UZOWNyovhAVG3Htyd8c1bqYgS0POc+
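The SSDEEP field above (and the same field on each extracted artifact further down) is only useful if you know which hashes can be compared at all: ssdeep scores two signatures only when their block sizes are equal or differ by exactly a factor of two, and two hash parts must share a seven-character substring before any score is computed. The following is an added example, not part of the report or of the sandbox's tooling. It reimplements the published ssdeep comparison in pure Python so the report's hashes can be compared offline; the hash strings are copied from this report, everything else (function names, the constructed test pair) is this example's own.

```python
"""Compare the SSDEEP fuzzy hashes listed in a sandbox report.

Added example (not the report's or the sandbox's code). Reimplements the
spamsum/ssdeep comparison: block-size compatibility, the 7-char common
substring filter, weighted edit distance, 0-100 score. Confirm important
matches with the real ssdeep tool before acting on them.
"""
import re
from itertools import combinations

SPAMSUM_LENGTH = 64   # maximum length of one hash part
ROLLING_WINDOW = 7    # parts must share a 7-char substring to score at all
MIN_BLOCKSIZE = 3

# Hashes copied from the report's Targets section (ssdeep's usual ,"filename"
# suffix is absent there); only artifacts with an SSDEEP field are listed.
REPORT_HASHES = {
    "2608fc0060721b4ad5bb722e92e61ce4b16e98795fe878d92773da14b8576beb.exe":
        "24576:0dZYvRoNyaooMslvC4AVeJ3H6UaLDd6lcBUcb6lkcSOqgEhTB0m6aoOcn+D:UZOWNyovhAVG3Htyd8c1bqYgS0POc+",
    "$PLUGINSDIR/INetC.dll": "384:wv1j9e9dEs+rN+qFLAjNXT37vYnOrvFhSL+ZwcSyekzANZBJ:w1AvEs3HBLzYn29vYh",
    "$PLUGINSDIR/OWInstaller.exe": "49152:pUP049MkI0IVLc5kHPB7rLm1yapIZco86:pUP0h9cCr",
    "$PLUGINSDIR/System.dll": "192:eF2HS5ih/7i00dWz9T7PH6lOFcQMI5+Vw+bPFomi7dJWsP:rSUmlw9T7DmnI5+N273FP",
    "$PLUGINSDIR/app/cmp.html": "48:t9rc0/GLAoShbEHaLKNGiNQtvmolOGR36tgtr/GTvJP3ALcaILNt7ByBZXGz+a1K:4VLjHa2NGiivmmppLBAtFwAk5vSG",
    "$PLUGINSDIR/app/index.html": "192:8sdqpDN4FHmY74+/qmtRCtmK8W9I2gHHMlxh8B39LJXHab4mfgJnc5wC93u8hJuv:9BaMminGV+k8f1",
    "$PLUGINSDIR/app/js/app.js": "384:4+Fdc15Zmb9plmt002wjI3A98zwF52xxYRdv7XR3FGHtH:hF215wbdmKH3A98zIAnGdv7XR3YH1",
    "$PLUGINSDIR/app/js/libs/cmp.bundle.js": "1536:4UGMT5RS+P8pGjQp1jdH6cArFGFgkGXVyWkNTQ+3xXtbs3Z4mSn/C595oRHQRmP8:4Ur5RFgrMcoFGFgxjkNTQ+c3nouR6TQ",
    "$PLUGINSDIR/app/js/libs/jquery-1.10.2.min.js": "1536:O4mCgi8DyCuXXFiJ+L0kJQsJVPEKuQRZdC/RAfDknv+p0WzH/Io9Z7qABZnu0JFV:OGsKYAI2p0WP9bDrJ7fak",
    "$PLUGINSDIR/app/js/models/notifications.js": "96:sOr8u1s9FvYjftfHsWjUQGM8mui+U8QrGjqTzoOxOYjfsfHsWjUQGbjINGk:sGu9yT13oG8K+JQC+/5LTE3oNEYk",
    "$PLUGINSDIR/app/js/utils/commands.js": "192:7ITi1djlJg6VjwS1vJzEjMNCU1WStK2Od8uu7alvsvTGmbLLqwvIJO:7kE5JkUvJQ0C6W8tusvxqE3",
}


def parse(sig):
    """Split 'blocksize:part1:part2' (an optional ,"name" suffix is dropped)."""
    block_size, part1, part2 = sig.split(",", 1)[0].split(":", 2)
    return int(block_size), part1, part2


def squeeze(part):
    """ssdeep collapses runs of more than three identical characters to three."""
    return re.sub(r"(.)\1{3,}", r"\1\1\1", part)


def weighted_edit_distance(a, b):
    """Levenshtein distance with insert/delete cost 1 and substitution cost 2."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            substitute = prev[j - 1] + (0 if ca == cb else 2)
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, substitute))
        prev = cur
    return prev[-1]


def has_common_substring(a, b):
    """True if the parts share any ROLLING_WINDOW-length substring."""
    grams = {a[i:i + ROLLING_WINDOW] for i in range(len(a) - ROLLING_WINDOW + 1)}
    return any(b[i:i + ROLLING_WINDOW] in grams for i in range(len(b) - ROLLING_WINDOW + 1))


def score_parts(a, b, block_size):
    """Score two hash parts computed with the same block size (0-100)."""
    if len(a) > SPAMSUM_LENGTH or len(b) > SPAMSUM_LENGTH:
        return 0
    if not has_common_substring(a, b):
        return 0
    score = weighted_edit_distance(a, b) * SPAMSUM_LENGTH // (len(a) + len(b))
    score = 100 * score // SPAMSUM_LENGTH
    if score >= 100:
        return 0
    score = 100 - score
    # Small block sizes come from short inputs; cap the score so they don't look alike.
    if block_size < (99 + ROLLING_WINDOW) // ROLLING_WINDOW * MIN_BLOCKSIZE:
        score = min(score, block_size // MIN_BLOCKSIZE * min(len(a), len(b)))
    return score


def comparable(sig1, sig2):
    """Signatures compare only when block sizes are equal or differ by exactly 2x."""
    bs1, bs2 = parse(sig1)[0], parse(sig2)[0]
    return bs1 == bs2 or bs1 == 2 * bs2 or bs2 == 2 * bs1


def compare(sig1, sig2):
    """Similarity 0-100 between two ssdeep signatures (0 when not comparable)."""
    if not comparable(sig1, sig2):
        return 0
    bs1, a1, a2 = parse(sig1)
    bs2, b1, b2 = parse(sig2)
    a1, a2, b1, b2 = (squeeze(p) for p in (a1, a2, b1, b2))
    if bs1 == bs2:
        if a1 == b1 and a2 == b2:
            return 100
        return max(score_parts(a1, b1, bs1), score_parts(a2, b2, 2 * bs1))
    if bs1 == 2 * bs2:                 # sig1 part1 and sig2 part2 share block size bs1
        return score_parts(a1, b2, bs1)
    return score_parts(a2, b1, bs2)    # bs2 == 2 * bs1


def comparable_pairs(hashes):
    """(name1, name2, score) for every pair of artifacts whose hashes can be compared."""
    return [(n1, n2, compare(h1, h2))
            for (n1, h1), (n2, h2) in combinations(hashes.items(), 2)
            if comparable(h1, h2)]


if __name__ == "__main__":
    for n1, n2, s in comparable_pairs(REPORT_HASHES):
        print(f"{s:3d}  {n1}  <->  {n2}")
```

Run as a script it lists which of the report's artifacts can be compared at all; for instance the outer installer (block size 24576) and $PLUGINSDIR/OWInstaller.exe (49152) are comparable, but score 0 because their overlapping parts share no seven-character substring, while the 24576 hash cannot be compared with the 384-block INetC.dll hash at all. A 0 therefore means either "unrelated" or "not comparable", which matters when clustering a corpus by fuzzy hash.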
Static task: static1

Behavioral tasks (task: sample, resource):

  behavioral1:  2608fc0060721b4ad5bb722e92e61ce4b16e98795fe878d92773da14b8576beb.exe, win7-20240903-en
  behavioral2:  2608fc0060721b4ad5bb722e92e61ce4b16e98795fe878d92773da14b8576beb.exe, win10v2004-20241007-en
  behavioral3:  $PLUGINSDIR/INetC.dll, win7-20240708-en
  behavioral4:  $PLUGINSDIR/INetC.dll, win10v2004-20241007-en
  behavioral5:  $PLUGINSDIR/OWInstaller.exe, win7-20241010-en
  behavioral6:  $PLUGINSDIR/OWInstaller.exe, win10v2004-20241007-en
  behavioral7:  $PLUGINSDIR/System.dll, win7-20240903-en
  behavioral8:  $PLUGINSDIR/System.dll, win10v2004-20241007-en
  behavioral9:  $PLUGINSDIR/UserInfo.dll, win7-20240729-en
  behavioral10: $PLUGINSDIR/UserInfo.dll, win10v2004-20241007-en
  behavioral11: $PLUGINSDIR/app/cmp.html, win7-20240903-en
  behavioral12: $PLUGINSDIR/app/cmp.html, win10v2004-20241007-en
  behavioral13: $PLUGINSDIR/app/index.html, win7-20240903-en
  behavioral14: $PLUGINSDIR/app/index.html, win10v2004-20241007-en
  behavioral15: $PLUGINSDIR/app/js/app.js, win7-20241010-en
  behavioral16: $PLUGINSDIR/app/js/app.js, win10v2004-20241007-en
  behavioral17: $PLUGINSDIR/app/js/block_inputs.js, win7-20240903-en
  behavioral18: $PLUGINSDIR/app/js/block_inputs.js, win10v2004-20241007-en
  behavioral19: $PLUGINSDIR/app/js/libs/cmp.bundle.js, win7-20240903-en
  behavioral20: $PLUGINSDIR/app/js/libs/cmp.bundle.js, win10v2004-20241007-en
  behavioral21: $PLUGINSDIR/app/js/libs/jquery-1.10.2.min.js, win7-20241023-en
  behavioral22: $PLUGINSDIR/app/js/libs/jquery-1.10.2.min.js, win10v2004-20241007-en
  behavioral23: $PLUGINSDIR/app/js/models/notifications.js, win7-20240729-en
  behavioral24: $PLUGINSDIR/app/js/models/notifications.js, win10v2004-20241007-en
  behavioral25: $PLUGINSDIR/app/js/utils/analytics.js, win7-20240903-en
  behavioral26: $PLUGINSDIR/app/js/utils/analytics.js, win10v2004-20241007-en
  behavioral27: $PLUGINSDIR/app/js/utils/commands.js, win7-20241010-en
  behavioral28: $PLUGINSDIR/app/js/utils/commands.js, win10v2004-20241007-en
  behavioral29: $PLUGINSDIR/app/js/utils/cookies.js, win7-20240903-en
  behavioral30: $PLUGINSDIR/app/js/utils/cookies.js, win10v2004-20241007-en
  behavioral31: $PLUGINSDIR/app/js/utils/modal-events-delegate.js, win7-20240903-en
  behavioral32: $PLUGINSDIR/app/js/utils/modal-events-delegate.js, win10v2004-20241007-en
Malware Config

Targets

Target: 2608fc0060721b4ad5bb722e92e61ce4b16e98795fe878d92773da14b8576beb
  Size:    1.3MB
  MD5:     fafa58d1183911947366ef1e768b0f92
  SHA1:    6074cf088d335f664e6eb1ead20c814c78217750
  SHA256:  2608fc0060721b4ad5bb722e92e61ce4b16e98795fe878d92773da14b8576beb
  SHA512:  a8b2a8177ba92f5330b09c41ede38ba5d9360a816cdf26944898eafefe10a8aeb344e2f3473f2253433599d48434540ef5362c70aee65584042409263e174b97
  SSDEEP:  24576:0dZYvRoNyaooMslvC4AVeJ3H6UaLDd6lcBUcb6lkcSOqgEhTB0m6aoOcn+D:UZOWNyovhAVG3Htyd8c1bqYgS0POc+
  Score:   5/10
  Signatures:
    Checks computer location settings: looks up the country code configured in the registry, likely a geofence.
    Drops file in System32 directory

Target: $PLUGINSDIR/INetC.dll
  Size:    24KB
  MD5:     640bff73a5f8e37b202d911e4749b2e9
  SHA1:    9588dd7561ab7de3bca392b084bec91f3521c879
  SHA256:  c1e568e25ec111184deb1b87cfda4bfec529b1abeab39b66539d998012f33502
  SHA512:  39c6c358e2b480c8cbebcc1da683924c8092fb2947f2da4a8df1b0dc1fdda61003d91d12232a436ec88ff4e0995b7f6ee8c6efbdca935eaa984001f7a72fea0a
  SSDEEP:  384:wv1j9e9dEs+rN+qFLAjNXT37vYnOrvFhSL+ZwcSyekzANZBJ:w1AvEs3HBLzYn29vYh
  Score:   3/10

Target: $PLUGINSDIR/OWInstaller.exe
  Size:    2.0MB
  MD5:     f6a126a7d993862c79230bae3e2560b8
  SHA1:    ed6165364ccd050bb678d37680c17fe8b3612c91
  SHA256:  eeda16f2ebe8a4ffa7c0eb32c308cbc740d425141316b6e1ebad7973a3b1ea78
  SHA512:  0751ea611e7c86dfd3f375269efd1280037bd225deb2779e8ef5aa32e6575c529dadec17e211c46608f7bf7918e0b93867b50feb2f555751177c093eaa8ea3c4
  SSDEEP:  49152:pUP049MkI0IVLc5kHPB7rLm1yapIZco86:pUP0h9cCr
  Score:   5/10
  Signatures:
    Checks computer location settings: looks up the country code configured in the registry, likely a geofence.
    Drops file in System32 directory

Target: $PLUGINSDIR/System.dll
  Size:    11KB
  MD5:     7399323923e3946fe9140132ac388132
  SHA1:    728257d06c452449b1241769b459f091aabcffc5
  SHA256:  5a1c20a3e2e2eb182976977669f2c5d9f3104477e98f74d69d2434e79b92fdc3
  SHA512:  d6f28ba761351f374ae007c780be27758aea7b9f998e2a88a542eede459d18700adffe71abcb52b8a8c00695efb7ccc280175b5eeb57ca9a645542edfabb64f1
  SSDEEP:  192:eF2HS5ih/7i00dWz9T7PH6lOFcQMI5+Vw+bPFomi7dJWsP:rSUmlw9T7DmnI5+N273FP
  Score:   3/10

Target: $PLUGINSDIR/UserInfo.dll
  Size:    4KB
  MD5:     9301577ff4d229347fe33259b43ef3b2
  SHA1:    5e39eb4f99920005a4b2303c8089d77f589c133d
  SHA256:  090c4bc8dc534e97b3877bd5115eb58b3e181495f29f231479f540bab5c01edc
  SHA512:  77dc7a1dedaeb1fb2ccefaba0a526b8d40ea64b9b37af53c056b9428159b67d552e5e3861cbffc2149ec646fdfe9ce94f4fdca51703f79c93e5f45c085e52c79
  Score:   3/10

Target: $PLUGINSDIR/app/cmp.html
  Size:    4KB
  MD5:     7c4c64c1c57183740825417cab13824e
  SHA1:    9d796612a9a0a0868f10f468cd929220aa9dde55
  SHA256:  10fdd5b9288580da92318e5306c753a16d97463ce9c620d90b4fd0702ff27216
  SHA512:  f45295ecc4012e5016561a0e4a6aecda1dce575da85222145db8004711dcb84e6be77f002f01502866fcae6364df53254bf0d638552390f18459d360e6eaaa97
  SSDEEP:  48:t9rc0/GLAoShbEHaLKNGiNQtvmolOGR36tgtr/GTvJP3ALcaILNt7ByBZXGz+a1K:4VLjHa2NGiivmmppLBAtFwAk5vSG
  Score:   3/10

Target: $PLUGINSDIR/app/index.html
  Size:    18KB
  MD5:     7d3e8c3819dd12273bf0581a1293e4e8
  SHA1:    54a512400d91aa6b0364e800f21ec20ffee00d46
  SHA256:  e0a21b254c77b39af6b9cd3208a8e9231f819dfe880864115ef571f3dbf367b5
  SHA512:  3b00c7afb31f1f4619bbb51430a6ebd2cf0d90af8d7f9128da265da5e487b26fa3d8115f84380e793f0977a2c1bd1c8aaa9b450e878772d51d342f0016c33193
  SSDEEP:  192:8sdqpDN4FHmY74+/qmtRCtmK8W9I2gHHMlxh8B39LJXHab4mfgJnc5wC93u8hJuv:9BaMminGV+k8f1
  Score:   3/10

Target: $PLUGINSDIR/app/js/app.js
  Size:    19KB
  MD5:     5d61fe70cf5cc2c5fa1ff8a5de745b2c
  SHA1:    64b2eae652ab435ea8bd1df0b46860d1a91df384
  SHA256:  dcd05165e51e6f74fd2a3a844e05ccd84a794f6b35267c6d429843ecb093d651
  SHA512:  34800144f33074352866ee188be4bb81f63ad52a4b9ec207463859d19e3b2c12afc1c1db93b6f1302c170c41377579a136f4acd00f02a82ad4a719184b4f4d09
  SSDEEP:  384:4+Fdc15Zmb9plmt002wjI3A98zwF52xxYRdv7XR3FGHtH:hF215wbdmKH3A98zIAnGdv7XR3YH1
  Score:   3/10

Target: $PLUGINSDIR/app/js/block_inputs.js
  Size:    789B
  MD5:     b5b52c92b90f4283a761cb8a40860c75
  SHA1:    7212e7e566795017e179e7b9c9bf223b0cdb9ec2
  SHA256:  f8dbd6793b35f7a26806f4dabad157aaafdf6d66fad094b50c77d60f223fd544
  SHA512:  16ad53ede5424ca1384e3caea25225589e9eec9e80e2d845948802db90fad222f709a7b651cd7601a34ba67a0627433f25764638fd542cbd4612871308e7b353
  Score:   3/10

Target: $PLUGINSDIR/app/js/libs/cmp.bundle.js
  Size:    296KB
  MD5:     ab770f93a2c6d70141f50911b9729a44
  SHA1:    dd1d856b0c2c67ae6d560c8badc6e95bb059d6b0
  SHA256:  0b37387945988a371be4df3f11bebba378b65e55e08b3ac189851dbbdceb1bca
  SHA512:  938c28c59116725983786d0240d1d4da207be93bd524a2fbe44ecdefaa844049e6e2288dbb46b950b7c7cdf6705622f0b50c6e1a42896806ff667998d6cbf95f
  SSDEEP:  1536:4UGMT5RS+P8pGjQp1jdH6cArFGFgkGXVyWkNTQ+3xXtbs3Z4mSn/C595oRHQRmP8:4Ur5RFgrMcoFGFgxjkNTQ+c3nouR6TQ
  Score:   3/10

Target: $PLUGINSDIR/app/js/libs/jquery-1.10.2.min.js
  Size:    90KB
  MD5:     44e3f0db3e4ab6fedc5758c05cf27591
  SHA1:    2d408aa1d35661019c95adcc60b78c0727ed25b4
  SHA256:  bc44d3631ffef1df7960e359f02002d3ada45ee05205c2cf1edd85da2f518144
  SHA512:  4d4844e53e686fc59a52e86588f328dca3ed6fdad7195c58942a98c51755a24981b903ee7c7b27785375eaad5a7d9501cf74b999674b79f214e66103bad9efdc
  SSDEEP:  1536:O4mCgi8DyCuXXFiJ+L0kJQsJVPEKuQRZdC/RAfDknv+p0WzH/Io9Z7qABZnu0JFV:OGsKYAI2p0WP9bDrJ7fak
  Score:   3/10

Target: $PLUGINSDIR/app/js/models/notifications.js
  Size:    4KB
  MD5:     750cbb88cd1fab13bd2711671e3b412c
  SHA1:    e582aa431a5b311b4d55869aa8037f309f96e411
  SHA256:  2201a3f04d7372f80e635e5f5012fbd6e9bf5cb9f492e0ca509470aed9626cfe
  SHA512:  d872118b9b58557e1fa84b04d9fbc5406efab87888dc546d436d46e128753cb73a8bac12c56d235eb253ac5311a88f2e9866e5fd578474d06bfd7fd3a2c9bff6
  SSDEEP:  96:sOr8u1s9FvYjftfHsWjUQGM8mui+U8QrGjqTzoOxOYjfsfHsWjUQGbjINGk:sGu9yT13oG8K+JQC+/5LTE3oNEYk
  Score:   3/10

Target: $PLUGINSDIR/app/js/utils/analytics.js
  Size:    3KB
  MD5:     f3d77a5a5a4958301fa44c42e8c5aa9f
  SHA1:    867748ec5d9e6110020fc90c40ec3202b7fec8b1
  SHA256:  bbeef647776288f6cb7c7d209a3126a91958d1c6fdfc9df7a85607d197c421c0
  SHA512:  f9862bc2c5d79b96192415e53b93e616159cf1cbf5a7a5298f5d07444e243356ebebc35af0cec1d32e3b785bcb91c09f60e9dfdb72eb93db24f1403b2899c5d0
  Score:   3/10

Target: $PLUGINSDIR/app/js/utils/commands.js
  Size:    9KB
  MD5:     689062672819512a6cc7de16700ba20f
  SHA1:    28c683bd7cb1948a300cf2b39714e4ca0e2cfbc4
  SHA256:  c5eb4e0e8f16d4a7bd117eedd947cf26500cc682f0bd0be71c75fa9a0de3a7c2
  SHA512:  f82aa3a754433518e1b69b9b5fe22f427ff1b47f549c62ea6f7b87f81c57bbf14614538d7e636f8f2514b7dcd3b9a89c40172c98d41592731676dbcd260739f3
  SSDEEP:  192:7ITi1djlJg6VjwS1vJzEjMNCU1WStK2Od8uu7alvsvTGmbLLqwvIJO:7kE5JkUvJQ0C6W8tusvxqE3
  Score:   3/10

Target: $PLUGINSDIR/app/js/utils/cookies.js
  Size:    1KB
  MD5:     6c60e675f8c8c68c0174b644d3a63a2a
  SHA1:    3635a3fe07ccc4a6f33a986ddb690522d0611abb
  SHA256:  9d3cb3822e20d6f5157faa02dc69bdaef44576c3fb5523e00aa152107ce30287
  SHA512:  1dc9ec7b139bcf37107ecd673c01e4fcc606332ea1645a4a1b4e5d95f817d4c99d5964cd3d941a6a526689341d9623b17b4efc002cdf4c73404299d52b1be452
  Score:   3/10

Target: $PLUGINSDIR/app/js/utils/modal-events-delegate.js
  Size:    1KB
  MD5:     be8209120c313de506c26ace0acf2d28
  SHA1:    eda661d7141c610da7c35c4ac61d78bee3a7a5be
  SHA256:  31bb2794755a0cc7f1cc85cd2c428b78be7ff7d24978e55a2c1cad016bf01c39
  SHA512:  18d39ed2101993c4a2c3d242623d699391895f7713a3628b091d04c72dc497a9b7127dc7477169a8ff970484e2d69b2ba8ebb65fad45b1584dcb14fe7bec2040
  Score:   3/10
MITRE ATT&CK Enterprise v15

Defense Evasion
  Modify Registry (T1112): 2
  Subvert Trust Controls (T1553): 1
    Install Root Certificate (T1553.004): 1
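The behaviours the report flags (a registry lookup of the configured country code, a file dropped under System32, registry modification, and a root certificate installed into the ROOT store) are the same observations a defender would want to recover from endpoint telemetry after the fact. The following is an added example and not part of the report or of the sandbox's rule set. The events are constructed Sysmon-style records (EventID 11 FileCreate, EventID 13 RegistryEvent value set) plus one API-trace record of the kind a sandbox's hooks produce; the process name, paths and thumbprint are placeholders, and the T1614 mapping for the geofence check is this example's own rather than the report's. One caveat the example encodes: Sysmon records registry writes but not reads, so the "Checks computer location settings" signature can only be seen in API-level tracing, never in Sysmon alone.

```python
"""Map endpoint telemetry to the behaviours a sandbox report flags.

Added example; not the report's or the sandbox's code. Field names follow
Sysmon's EVTX schema (Image, TargetFilename, TargetObject); the sample
events are constructed, not captured from the analysed installer.
"""
import re
from collections import Counter

# HKCU\Control Panel\International\Geo holds the GeoID ("Nation") that the
# "Checks computer location settings" signature refers to.
GEO_KEY = re.compile(r"\\Control Panel\\International\\Geo$", re.I)
# Installing a root CA writes the encoded certificate to
# ...\SystemCertificates\ROOT\Certificates\<SHA1 thumbprint>\Blob (HKLM or HKCU).
ROOT_STORE = re.compile(
    r"\\(?:SystemCertificates|EnterpriseCertificates)\\ROOT\\Certificates\\([0-9A-F]{40})\\Blob$",
    re.I)
SYSTEM32 = re.compile(r"^[A-Z]:\\Windows\\System32\\", re.I)

# T1112 and T1553.004 are the IDs the report lists; T1614 (System Location
# Discovery) is this example's own mapping for the geofence lookup.
TECHNIQUES = {
    "Modify Registry": "T1112",
    "Install Root Certificate": "T1553.004",
    "Checks computer location settings": "T1614",
    "Drops file in System32 directory": None,   # no ATT&CK ID given in the report
}

INSTALLER = r"C:\Users\u\AppData\Local\Temp\nsa1.tmp\installer.exe"   # placeholder image
SAMPLE_EVENTS = [   # constructed records, not real telemetry from the sample
    {"source": "sysmon", "EventID": 11, "Image": INSTALLER,
     "TargetFilename": r"C:\Users\u\AppData\Local\Temp\nsa1.tmp\INetC.dll"},
    {"source": "sysmon", "EventID": 11, "Image": INSTALLER,
     "TargetFilename": r"C:\Windows\System32\dropped.dll"},
    {"source": "sysmon", "EventID": 13, "Image": INSTALLER,
     "TargetObject": r"HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates"
                     r"\0123456789ABCDEF0123456789ABCDEF01234567\Blob"},
    {"source": "sysmon", "EventID": 13, "Image": INSTALLER,
     "TargetObject": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Updater"},
    {"source": "api", "api": "RegQueryValueExW", "Image": INSTALLER,
     "key": r"HKCU\Control Panel\International\Geo", "value": "Nation"},
]


def classify(event):
    """Return the report-style signature names a single event triggers."""
    hits = []
    if event["source"] == "sysmon":
        if event["EventID"] == 11 and SYSTEM32.search(event["TargetFilename"]):
            hits.append("Drops file in System32 directory")
        elif event["EventID"] == 13:
            # Every value set counts here, like the report's generic signature;
            # a production rule would scope this to sensitive keys.
            hits.append("Modify Registry")
            if ROOT_STORE.search(event["TargetObject"]):
                hits.append("Install Root Certificate")
    elif event["source"] == "api":
        # Registry reads never reach Sysmon; only an API trace shows the geofence lookup.
        if (event["api"].startswith("RegQueryValueEx")
                and GEO_KEY.search(event["key"])
                and event["value"] in ("Nation", "Name")):
            hits.append("Checks computer location settings")
    return hits


def triage(events):
    """Flatten a batch of events into hits with signature, technique, image and detail."""
    hits = []
    for ev in events:
        if ev["source"] == "api":
            detail = ev["key"] + "\\" + ev["value"]
        else:
            detail = ev.get("TargetObject") or ev.get("TargetFilename")
        for sig in classify(ev):
            hits.append({"signature": sig, "technique": TECHNIQUES[sig],
                         "image": ev["Image"], "detail": detail})
    return hits


def technique_counts(hits):
    """Tally hits per ATT&CK ID, the way the report's ATT&CK section does."""
    return Counter(h["technique"] for h in hits if h["technique"])


def installed_root_thumbprints(events):
    """SHA1 thumbprints written into a ROOT store, for follow-up on the host."""
    found = set()
    for ev in events:
        if ev["source"] == "sysmon" and ev["EventID"] == 13:
            m = ROOT_STORE.search(ev["TargetObject"])
            if m:
                found.add(m.group(1).upper())
    return found


if __name__ == "__main__":
    found = triage(SAMPLE_EVENTS)
    for h in found:
        print(f'{h["technique"] or "-":10} {h["signature"]}: {h["detail"]}')
    print(dict(technique_counts(found)))
    print("root thumbprints:", installed_root_thumbprints(SAMPLE_EVENTS))
```

The thumbprints returned by installed_root_thumbprints are what you would verify on the affected host with certutil -store Root <thumbprint> (and in the user store with certutil -user -store Root <thumbprint>) and compare against your organisation's expected CAs; a root certificate added by an installer is the signal that lifts the report's score, because it lets the publisher intercept TLS for any site the machine visits.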