General

  • Target

    setup.exe

  • Size

    25.5MB

  • Sample

    241109-zpwt9svmbk

  • MD5

    c35691ae0b1900a0a0c232e8215ab3c4

  • SHA1

    8b767bb31a766fa3e82880308d0e92cdf91e89aa

  • SHA256

    c1145161cd1302b052bb437ba19ae5cbb5dc01e1ab0913f1bf88579f7d93d04e

  • SHA512

    b52fabb1d6036642b4cc85cf90ee5f5554bdf4c495edae7d0c7d62972b85cb41059b03b2e78c2bc26a23ca6ea651f8f97c24d55125c2ebbf0e6a04a8e4e5d0f1

  • SSDEEP

    786432:rbIckqdS7qgCQQgBLTkUoy/i7J3ku6nG+fb1SEZV:rbDkIIqgCQZdkUoy/nR1Sm

Score
7/10

Malware Config

Targets

    • Target

      setup.exe

    • Size

      25.5MB

    • MD5

      c35691ae0b1900a0a0c232e8215ab3c4

    • SHA1

      8b767bb31a766fa3e82880308d0e92cdf91e89aa

    • SHA256

      c1145161cd1302b052bb437ba19ae5cbb5dc01e1ab0913f1bf88579f7d93d04e

    • SHA512

      b52fabb1d6036642b4cc85cf90ee5f5554bdf4c495edae7d0c7d62972b85cb41059b03b2e78c2bc26a23ca6ea651f8f97c24d55125c2ebbf0e6a04a8e4e5d0f1

    • SSDEEP

      786432:rbIckqdS7qgCQQgBLTkUoy/i7J3ku6nG+fb1SEZV:rbDkIIqgCQZdkUoy/nR1Sm

    Score
    4/10
    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      15KB

    • MD5

      90bb49f3fd416f912a637526914bd044

    • SHA1

      626051dd6c759a5b847664549736c37aba9ede5a

    • SHA256

      1f8e8f336df6773d6b63bd5a7efbfc889d08888fec55da402eaf93cb950aa283

    • SHA512

      5156923f51be2057f7003577b46732f6b0b0bb55402f49df3747085b9802b3a2492cd5f087ef988db5a69f241c10163ada0e649b149da8a198b7fc2cc83334e5

    • SSDEEP

      384:E5C43tPegZ3eBaRwCPOYY7nNYXCA/Yosa:EQTgZ3eBTCmrnNAE

    Score
    3/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      12KB

    • MD5

      6e55a6e7c3fdbd244042eb15cb1ec739

    • SHA1

      070ea80e2192abc42f358d47b276990b5fa285a9

    • SHA256

      acf90ab6f4edc687e94aaf604d05e16e6cfb5e35873783b50c66f307a35c6506

    • SHA512

      2d504b74da38edc967e3859733a2a9cacd885db82f0ca69bfb66872e882707314c54238344d45945dc98bae85772aceef71a741787922d640627d3c8ae8f1c35

    • SSDEEP

      192:MenY0qWTlt70IAj/lQ0sEWc/wtYbBH2aDybC7y+XBaIwL:M8+Qlt70Fj/lQRY/9VjjgL

    Score
    3/10
    • Target

      $PLUGINSDIR/ioSpecial.ini

    • Size

      211B

    • MD5

      e2d5070bc28db1ac745613689ff86067

    • SHA1

      282e080b4cf847174c5c11e4f9157b8c338ecb19

    • SHA256

      d95aed234f932a1c48a2b1b0d98c60ca31f962310c03158e2884ab4ddd3ea1e0

    • SHA512

      a50ca2014869629135b54e848f03cb4983ad8029cd811300d02b0fc54de0436185f418fea4d3db888eb0f3170e33a59d486aa885f024ab29e630e9bc0ae1a2de

    Score
    1/10
    • Target

      $PLUGINSDIR/modern-wizard.bmp

    • Size

      25KB

    • MD5

      cbe40fd2b1ec96daedc65da172d90022

    • SHA1

      366c216220aa4329dff6c485fd0e9b0f4f0a7944

    • SHA256

      3ad2dc318056d0a2024af1804ea741146cfc18cc404649a44610cbf8b2056cf2

    • SHA512

      62990cb16e37b6b4eff6ab03571c3a82dcaa21a1d393c3cb01d81f62287777fb0b4b27f8852b5fa71bc975feab5baa486d33f2c58660210e115de7e2bd34ea63

    • SSDEEP

      24:Qwika6aSaaDaVYoG6abuJsnZs5GhI11BayNXPcDrSsUWcSphsWwlEWqCl6aHAX2x:Qoi47a5G8SddzKFIcsOz3Xz

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Target

      $PLUGINSDIR/nsisdl.dll

    • Size

      15KB

    • MD5

      c635d0a11ae1c122beaac72b5024b425

    • SHA1

      a506e11b968087c438e0c0d82ef4dadcc5aa4e15

    • SHA256

      9343d9eea17df462ae2431b27253bcb8ce734a4992ea35cca9178cea3939c227

    • SHA512

      0a501cfc2a5a4a830c3f415ff09d41138740c82da4518f8c3efdc3d33cef7796e240a68d3ae4a001aae12e528e6d8d0c5bad904786a8b33cc19dbd8e7610c631

    • SSDEEP

      384:8py18oahashajPmIYInUJggBOZgAHhUKiAb:8py18oafmeggBOCAHpiA

    Score
    3/10
    • Target

      Etc/D2CodingBold-Ver1.3.2-20180524.ttf

    • Size

      4.2MB

    • MD5

      7169e4b32f2ed602023bd9e7692e7999

    • SHA1

      4c241b9d1a7ce1be4558fe76bfa945a1874a5458

    • SHA256

      dde75df435f061eaa0f6db84b1c30866aaa442d7038aaa62ea3c2be92f15d87d

    • SHA512

      ea2cfda175e3682737ce4d7af63b159617e6b9c64f87b2c3d68f2e2181d16aeadb04778016973bf07fb9ef242fb473c83a2444d62cba2964af7a0e054757e78a

    • SSDEEP

      98304:cvbEWXJgBVGNnzTt1i+cEvwdANiwgu+WzR1UwV:SXJgB2zC+cEvwdAgwgfWzR1UwV

    Score
    7/10
    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Target

      Etc/UI.bin

    • Size

      351KB

    • MD5

      f5b5cc41c2d52d41aae707ba3ba7b101

    • SHA1

      9c2f894857bf59f9dfe84ee9ef6af45743da3c84

    • SHA256

      74773842a5e11947838c6dc63b5ee7e2e5284a7567aa8cd73dcad133474722cd

    • SHA512

      0f27722540be8d0384cf83c95f7ff23deff97b28e544b8f9116982ef2074e923963a0b0eca78427158780ae53359285e8d02de68af3b52f55947ffaab12580bd

    • SSDEEP

      6144:r1C4NFYwy6Hau2KD53NHg3CpbBzmXh1BkxnjHb4M4L:rQmFWr1KD53NHQsbBzA1Bkdn4M4L

    Score
    3/10
    • Target

      Etc/zrescue.wav

    • Size

      355KB

    • MD5

      5dd1185776f1b3e8eecd187aca6e7cab

    • SHA1

      84b0781aac17bc5fa9117cfe8560dab716e1326e

    • SHA256

      0010672e317cac148a3a3162642849b1eeb3ec020ac88982e8af6406e5f39b61

    • SHA512

      6ad2cd004e84fc7eb4b974619b82b1b56c3c61a84c71d06f756f00c8de482cd8bbfef3da3afb6a2a766e616324e26e9dfde6409d5fb36eb2f55b4aa349b4e90e

    • SSDEEP

      6144:9/ZLCtABjXYHQUJJSoCAac49pZx3MPd3HhV9Tb6oZ4fEotC:dZOaBY3cO1O30x/6oZ4Nk

    Score
    6/10
    • Drops desktop.ini file(s)

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Target

      Info/History.txt

    • Size

      11KB

    • MD5

      ff581f7a41e391121e214a548c7a132f

    • SHA1

      575677442f75c82384fbd212ca2bcce99acb4791

    • SHA256

      03e087600cee89c907d06c5177657cedeafd35dd128089a14d459c852a51c315

    • SHA512

      c6917b420550f491001d285d6012698ad0514d67c5256e47510f845ddc206d83a0d290b6104d39fc7557bf033eda868256a3a52ff9f57b4c330b56a8c4eeb956

    • SSDEEP

      192:9PSuHFMVZ1A9VgVhbgrVa12uVzVaBUL+sVwkU9stso2K3ZFbrVv5SS3radDf8jdd:9auHWZ23khgRa1TZ95Uatso2OFbZBSS3

    Score
    1/10
    • Target

      Info/설명서.txt

    • Size

      6KB

    • MD5

      465babd0f9c04655e627da2029d77e45

    • SHA1

      eff6941743153ee0d2fa7774a874d7e20396bd9b

    • SHA256

      be77ea18e39257dd3a9fdaf2cc1c9b465f348bbb7eda5c64a3714ff6ef914495

    • SHA512

      a5713975cab9dfefececfa51b901d9c3a03219bd6dc71c414a06a93c725ac7990c71507d0dc72452f133ae967329a835ce22803d1230c335df82773a076575a2

    • SSDEEP

      192:ER3Ta4UwuAAlMAjP76TQwKUP9JHKHV2hc83J92GRLHARlRVaVeQD5p:MZxuNMAjDsQwlGHyc83HdHARjVeXp

    Score
    1/10
    • Target

      Library/Battle.net.dll

    • Size

      184KB

    • MD5

      9ea094dddde9dd5e4fe72164cc732975

    • SHA1

      1c8a3441cfb877e9bfbf6482028b3296ca280f0b

    • SHA256

      a0709826feb10dc397ffcdb172617238e77ad645c543b3a1e4821d00266caf6b

    • SHA512

      e70b85a890a93639cdd47f7628fb2adeb2de1d3b1e6c3d8695fa9a24f90b0bfdaad9c2a676f42f7a092783046f62ab7a7231cfa4bbd23fdd887d81080cd390c9

    • SSDEEP

      3072:1e/ApUxd6NtdWYhXOwPHV4qafP9179kN+DU2NEKcXIXZGciH2h1fSmu:Yp4WGOwPHqn91yQDBcXIXZzOeI

    Score
    3/10
    • Target

      Library/ControlzEx.dll

    • Size

      244KB

    • MD5

      37dbeb3e804d61cefed67d1a60dde873

    • SHA1

      31fb981cc429cd24066363160e49c85fd74df8db

    • SHA256

      f15d89d9720eedb94c09b1db32ca6a514e9eff2906da91396ffd7f877714911e

    • SHA512

      7279e2354a9e1a583098bc9f6ff9ec05bb2b526ca151265d4c8c2bb42edd15b3d157425bc76e01b9f0e03cb1c87cb46bc94f9a1f47dc2a79daee784d6122f3fa

    • SSDEEP

      6144:M6bRKhjsomR8PpY82VG7gP2rxp+7vVNviPF1WANK+5/:M6Yye9

    Score
    1/10
    • Target

      Library/HtmlAgilityPack.dll

    • Size

      162KB

    • MD5

      b5b70052ac65657e11db2dd56de13e06

    • SHA1

      26fb020efadc6247396d4d405b4d2087ff9c2d81

    • SHA256

      ce8e4e6313b4742983376dce0cf363c2db2e14ba216e9c106830a0681590899c

    • SHA512

      c546d4ffdddabf2e3acbed59546677e2592c964b2060d059b87529f7f82146e51be9dac6987679bf9f4a25f80335ddd982968581cc9c5d578bc9fcf145ba35f9

    • SSDEEP

      3072:3IeiUVBmkZdZjmPMps0DWV8+QBp+eYQFSZetwNp5:zVokZdZjmPMpsZ5QBpVLtwP

    Score
    1/10
    • Target

      Library/MahApps.Metro.dll

    • Size

      3.4MB

    • MD5

      e074142bfc0ab58defddbf7e23bb47ac

    • SHA1

      6ac461b28bd5d7aad87c396939da8700363473c4

    • SHA256

      8c60718d85a5b8f7a9372b3a252638ed77a41b71796603199cd24e2f4012fdb9

    • SHA512

      73546c282b2a5701cb50a56a305c454a4ec5e7d5f29673d5b6c696f5924d832805f212a8bac4408a4724d975abd3ef8fed0127620070bebd0c5f946856526915

    • SSDEEP

      24576:knt6jn5Gq47qDL2PtBthkzRU7R2/8QcXtAw:ktg4Lf2RU7R2/8Qcn

    Score
    1/10
    • Target

      Library/MarkdownDeep.dll

    • Size

      50KB

    • MD5

      8cbbd216e99b1d4d9304231235ff8c59

    • SHA1

      cfe5c3a8bd9f2a3b814e7dff271cd3620a04b299

    • SHA256

      c44c392d40a05c5d1356b7f90171318bc03c766f15de97e08e7f115d10159c87

    • SHA512

      c7e38e07270cfb4dc66dd839d696d51cb3b4241959ad63ec391dd74ecd2c9437e8c9b4aa0f3f4a905bb3d906660597e4f142d3f34bb15e1a228b6341fa9449d7

    • SSDEEP

      1536:2hCrJvJ7UywSP3FbaXWPfpUmZknSs5eR:5UC3FuXWPfpTknSnR

    Score
    1/10

MITRE ATT&CK Enterprise v15

Tasks

static1

Score
3/10

behavioral1

discovery
Score
4/10

behavioral2

discovery
Score
4/10

behavioral3

discovery
Score
3/10

behavioral4

discovery
Score
3/10

behavioral5

discovery
Score
3/10

behavioral6

discovery
Score
3/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
3/10

behavioral10

Score
7/10

behavioral11

discovery
Score
3/10

behavioral12

discovery
Score
3/10

behavioral13

Score
4/10

behavioral14

Score
7/10

behavioral15

discovery
Score
3/10

behavioral16

Score
3/10

behavioral17

Score
1/10

behavioral18

discovery
Score
6/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

discovery
Score
3/10

behavioral24

discovery
Score
3/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10