General

  • Target

    KK(1).exe

  • Size

    5.5MB

  • Sample

    241110-lxwbtavdlb

  • MD5

    5d17b92eb1c605a946ee0a182d19c620

  • SHA1

    87a12bfd8e109420386f61fb8390377726334f06

  • SHA256

    136a1c6bb96520cf0e90e645774e0bd23ee1491fbc10c4ced0bda9f7553b4891

  • SHA512

    3788e596729b8949fce55cc9c02443597ed371f9111485d20f328d687e73503551528535f51f65c87e76bcbba4f884211fe70ce93c3987913b7546d196bde7b9

  • SSDEEP

    98304:yncQkNsCiSm+BJnflZ8yCyygyyjiykM8PC4KCiSm+BJnflZ8yCyygyyjiykM8PCm:/QSvx7dqJM8PCax7dqJM8PC

Score
7/10

Targets

    • Target

      KK(1).exe

    • Size

      5.5MB

    Score
    7/10
    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      $PLUGINSDIR/BgWorker.dll

    • Size

      2KB

    • MD5

      33ec04738007e665059cf40bc0f0c22b

    • SHA1

      4196759a922e333d9b17bda5369f14c33cd5e3bc

    • SHA256

      50f735ab8f3473423e6873d628150bbc0777be7b4f6405247cddf22bb00fb6be

    • SHA512

      2318b01f0c2f2f021a618ca3e6e5c24a94df5d00154766b77160203b8b0a177c8581c7b688ffe69be93a69bc7fd06b8a589844d42447f5060fb4bcf94d8a9aef

    Score
    3/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      12KB

    • MD5

      8cf2ac271d7679b1d68eefc1ae0c5618

    • SHA1

      7cc1caaa747ee16dc894a600a4256f64fa65a9b8

    • SHA256

      6950991102462d84fdc0e3b0ae30c95af8c192f77ce3d78e8d54e6b22f7c09ba

    • SHA512

      ce828fb9ecd7655cc4c974f78f209d3326ba71ced60171a45a437fc3fff3bd0d69a0997adaca29265c7b5419bdea2b17f8cc8ceae1b8ce6b22b7ed9120bb5ad3

    • SSDEEP

      192:BenY0qWTlt70IAj/lQ0sEWc/wtYbBH2aDybC7y+XB9IwL:B8+Qlt70Fj/lQRY/9VjjlL

    Score
    3/10
    • Target

      $PLUGINSDIR/notifyclause-simplified.rtf

    • Size

      177KB

    • MD5

      0835b9a58f60531588f9bc08f1dbc0f8

    • SHA1

      65818780bfd3125ee4de9ead5c40fdc2d8304ae2

    • SHA256

      81b15a0563aa3fa0b648cdfb136c9a4db6e3103e91621bd8bf552bffb4dce8e6

    • SHA512

      d1dafffd7f291a87c0e6209443c38d941c2763354dba4dd86c6262d930d3c6ce9da8a6eca0d9cb5b7d6f58f61b517d840d006a80553d3bbcb86d1ec03963bbcb

    • SSDEEP

      768:H+AFcNW9VOeV1NZuVoh4fr8VOdi/nVxEVXKuMwNZ1V/gkV0r4VVluxVj+VXqUEq/:e+oWCPP

    Score
    4/10
    • Target

      $PLUGINSDIR/nsNiuniuSkin.dll

    • Size

      278KB

    • MD5

      ad462d5e41adc190beea1a51eb06ee29

    • SHA1

      ca3f1ea240446854c09141b96cfb4f0fcbd89cee

    • SHA256

      1e6eca298080c15e5caefdfd75e4c8e02d47a4417ae6383c7237282135b3795d

    • SHA512

      13b913a5b410dff3c5d9d7d5990b61fd739d7cb315c932400e53fcceb9e4160e758c2014987e7078b94c6f4cd6018b4bad3c52f7f09f465337b94eb0e21fed53

    • SSDEEP

      6144:OpqFsj8cmmFS7GEZ9enoFyuKlPN1UtDVDb0Xr53/oX4NVjHA8OvcrQdsQwb1:U9j8ZaS7tXenuyuKlPQDVDbrX4XH8vc9

    Score
    5/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      $PLUGINSDIR/nsProcess.dll

    • Size

      4KB

    • MD5

      88d3e48d1c1a051c702d47046ade7b4c

    • SHA1

      8fc805a8b7900b6ba895d1b809a9f3ad4c730d23

    • SHA256

      51da07da18a5486b11e0d51ebff77a3f2fcbb4d66b5665d212cc6bda480c4257

    • SHA512

      83299dd948b40b4e2c226256d018716dbacfa739d8e882131c7f4c028c0913bc4ed9d770deb252931f3d4890f8f385bd43dcf2a5bfe5b922ec35f4b3144247a7

    Score
    3/10
    • Target

      $PLUGINSDIR/nsis7zU.dll

    • Size

      139KB

    • MD5

      4ba004406dc9e1fa0830af3083583ca6

    • SHA1

      b5ab9a34114675b459cf1400d0390903b3cef3a3

    • SHA256

      c7af358c7a51c2b9e0e6eb991ca1a0e91d753dd4e32f4624e6f66d1b007f5566

    • SHA512

      a01d9f01e454aa636cbaf37fa225a37346dd1e0140be757868be848378b61ce2e37d393b48fe463161d988f4dedeb062249b6eeb3f62106501800470d67fc055

    • SSDEEP

      3072:rZprsfmXQrJ9w/DjWhXXysTPKo2womQZerbl3x+Sv4:rjsJrJ9KjWhiyKoIerJh+Sv

    Score
    5/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
