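Overview
overview — score 7
Static
static — score 6
Gajim-1.9.5-64bit.exe — windows7-x64 — score 7
Gajim-1.9.5-64bit.exe — windows10-2004-x64 — score 7
share/sqlite/extensions/nextchar.dll — windows7-x64 — score 1
share/sqlite/extensions/nextchar.dll — windows10-2004-x64 — score 1
share/sqlite/extensions/noop.dll — windows7-x64 — score 1
share/sqlite/extensions/noop.dll — windows10-2004-x64 — score 1
share/sqlite/extensions/normalize.dll — windows7-x64 — score 1
share/sqlite/extensions/normalize.dll — windows10-2004-x64 — score 1
share/sqlite/extensions/pcachetrace.dll — windows7-x64 — score 1
share/sqlite/extensions/pcachetrace.dll — windows10-2004-x64 — score 1
share/sqlite/extensions/percentile.dll — windows7-x64 — score 1
share/sqlite/extensions/percentile.dll — windows10-2004-x64 — score 1
share/sqlite/extensions/prefixes.dll — windows7-x64 — score 1
share/sqlite/extensions/prefixes.dll — windows10-2004-x64 — score 1
share/sqlite/extensions/qpvtab.dll — windows7-x64 — score 1
share/sqlite/extensions/qpvtab.dll — windows10-2004-x64 — score 1
share/sqlite/extensions/randomjson.dll — windows7-x64 — score 1
share/sqlite/extensions/randomjson.dll — windows10-2004-x64 — score 1
share/sqlite/extensions/remember.dll — windows7-x64 — score 1
share/sqlite/extensions/remember.dll — windows10-2004-x64 — score 1
share/sqlite/extensions/rot13.dll — windows7-x64 — score 1
share/sqlite/extensions/rot13.dll — windows10-2004-x64 — score 1
share/sqlite/extensions/scrub.dll — windows7-x64 — score 1
share/sqlite/extensions/scrub.dll — windows10-2004-x64 — score 1
share/sqlite/extensions/series.dll — windows7-x64 — score 1
share/sqlite/extensions/series.dll — windows10-2004-x64 — score 1
share/sqlite/extensions/sha1.dll — windows7-x64 — score 1
share/sqlite/extensions/sha1.dll — windows10-2004-x64 — score 1
share/sqlite/extensions/shathree.dll — windows7-x64 — score 1
share/sqlite/extensions/shathree.dll — windows10-2004-x64 — score 1
share/sqlite/extensions/showauth.dll — windows7-x64 — score 1
share/sqlite/extensions/showauth.dll — windows10-2004-x64 — score 1
General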
-
Target
Gajim-1.9.5-64bit.exe
-
Size
105.7MB
-
Sample
241117-tdz5natbrg
-
MD5
800cf22da2b528fda75063d486cd082a
-
SHA1
2cbf61ecd2e774a4df2769e0c6ed950ed2acc2ee
-
SHA256
522c14353d8028a0ac8e896aad88b101ad83ca8218731399ef9175e90d24cc30
-
SHA512
6f439b5f5b756ef6e5802985f3fe63e6a8ea1d121a7a43b3d700de4a65a6a42469562031163d5341d9fd05e87e83f1ee2caef0b5a2a01cc696bdf844af52cd07
-
SSDEEP
3145728:aCTom585UHuf+EllgWSb7GpwCK1CpwaSyXnf8xvwJ8a:ag8adEliWSuLKsnSyXfnJp
Behavioral task
behavioral1
Sample
Gajim-1.9.5-64bit.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
Gajim-1.9.5-64bit.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
share/sqlite/extensions/nextchar.dll
Resource
win7-20241010-en
Behavioral task
behavioral4
Sample
share/sqlite/extensions/nextchar.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral5
Sample
share/sqlite/extensions/noop.dll
Resource
win7-20240729-en
Behavioral task
behavioral6
Sample
share/sqlite/extensions/noop.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral7
Sample
share/sqlite/extensions/normalize.dll
Resource
win7-20240903-en
Behavioral task
behavioral8
Sample
share/sqlite/extensions/normalize.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral9
Sample
share/sqlite/extensions/pcachetrace.dll
Resource
win7-20241023-en
Behavioral task
behavioral10
Sample
share/sqlite/extensions/pcachetrace.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral11
Sample
share/sqlite/extensions/percentile.dll
Resource
win7-20240903-en
Behavioral task
behavioral12
Sample
share/sqlite/extensions/percentile.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral13
Sample
share/sqlite/extensions/prefixes.dll
Resource
win7-20241010-en
Behavioral task
behavioral14
Sample
share/sqlite/extensions/prefixes.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral15
Sample
share/sqlite/extensions/qpvtab.dll
Resource
win7-20240903-en
Behavioral task
behavioral16
Sample
share/sqlite/extensions/qpvtab.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral17
Sample
share/sqlite/extensions/randomjson.dll
Resource
win7-20241023-en
Behavioral task
behavioral18
Sample
share/sqlite/extensions/randomjson.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral19
Sample
share/sqlite/extensions/remember.dll
Resource
win7-20240903-en
Behavioral task
behavioral20
Sample
share/sqlite/extensions/remember.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral21
Sample
share/sqlite/extensions/rot13.dll
Resource
win7-20240903-en
Behavioral task
behavioral22
Sample
share/sqlite/extensions/rot13.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral23
Sample
share/sqlite/extensions/scrub.dll
Resource
win7-20241010-en
Behavioral task
behavioral24
Sample
share/sqlite/extensions/scrub.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral25
Sample
share/sqlite/extensions/series.dll
Resource
win7-20241010-en
Behavioral task
behavioral26
Sample
share/sqlite/extensions/series.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral27
Sample
share/sqlite/extensions/sha1.dll
Resource
win7-20240903-en
Behavioral task
behavioral28
Sample
share/sqlite/extensions/sha1.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral29
Sample
share/sqlite/extensions/shathree.dll
Resource
win7-20240903-en
Behavioral task
behavioral30
Sample
share/sqlite/extensions/shathree.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral31
Sample
share/sqlite/extensions/showauth.dll
Resource
win7-20240903-en
Behavioral task
behavioral32
Sample
share/sqlite/extensions/showauth.dll
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
Gajim-1.9.5-64bit.exe
-
Size
105.7MB
-
MD5
800cf22da2b528fda75063d486cd082a
-
SHA1
2cbf61ecd2e774a4df2769e0c6ed950ed2acc2ee
-
SHA256
522c14353d8028a0ac8e896aad88b101ad83ca8218731399ef9175e90d24cc30
-
SHA512
6f439b5f5b756ef6e5802985f3fe63e6a8ea1d121a7a43b3d700de4a65a6a42469562031163d5341d9fd05e87e83f1ee2caef0b5a2a01cc696bdf844af52cd07
-
SSDEEP
3145728:aCTom585UHuf+EllgWSb7GpwCK1CpwaSyXnf8xvwJ8a:ag8adEliWSuLKsnSyXfnJp
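Score 7/10
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
Note: these four signatures are generic and are also triggered by ordinary software installers, and the Malware Config section of this report is empty. The 7/10 is therefore a prompt to verify the hashes listed above against the publisher's release, not a verdict on its own.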
-
-
-
Target
share/sqlite/extensions/nextchar.dll
-
Size
17KB
-
MD5
cdb4c7932d557b69e3e47bcb5f2372cf
-
SHA1
a54b6e842564a5e2e70a34cd0f1c41dd360da5ec
-
SHA256
7023be3e5ece85c52ffb0fb489c16ab4e6e14bec0b04a2eb90793d53799b6e73
-
SHA512
117fb3421ee82e1713fb9c0e1b8e0c0fa8a06ae2491542097fa9dbdeb419d635d341b733905f49ba40a4bfbd2770723153d7ef7924c53a67b983e623113a4e88
-
SSDEEP
384:WYzWLA+iCXooX1FmSOku8nbAIaH5tayYEuevGP:PijXyVkkIkOyRGP
Score 1/10
-
-
Target
share/sqlite/extensions/noop.dll
-
Size
14KB
-
MD5
2541749abac60461230c569d887b901f
-
SHA1
51df7cc76e720bd1c8176b3a7898eca030352e29
-
SHA256
09b432c4c9c72d3dc939b1ef522c0745040932559ea7206e8b3cd0fc0ffb3391
-
SHA512
01ea25e4e7f16ef24d2c9f5506757782dcec0c5abd4c61a0aee6be21609249ab7de2df8638e320a095b6a5ef50e1341ddcf2ca2c612177dcfcd0836517152842
-
SSDEEP
192:GHhWis7HhsrQzF8yWIJK0IPu8/ZLMf1w8F7p:GHhW3By6FXRnku8/ZofO8Ft
Score 1/10
-
-
Target
share/sqlite/extensions/normalize.dll
-
Size
19KB
-
MD5
ca70b3cdbc93a914072b11ad1bfa8b38
-
SHA1
2a4468bcf218e2efb44d27488f6383516a86eb1e
-
SHA256
ca62c8b4ec2f979d59d1cc1f87cada0998f6b487b268f95c050650859784006c
-
SHA512
aca8ba640187d412618d82fbe9f625f51db5fcb9ce57aa132a6e065f5611b045a12caa38da75326eb8baf531e0130625a7df0489b73c4f7c97eccb0b476db6e0
-
SSDEEP
192:ydB83UT8KbCxGLbazslUsQOcIB/RcqB9VDBQFuOwngFK3IPuEnbIfnnnreEnR++b:yT8m8GF2MKFuvIEkuEnbseEnRTek43ny
Score 1/10
-
-
Target
share/sqlite/extensions/pcachetrace.dll
-
Size
43KB
-
MD5
4cabe6a966c9625f70362af2d75d4889
-
SHA1
98275cdcd252f79e9c75262e5a0b9c0fdd0479c4
-
SHA256
7d23bac41895c8b3da14f8b65e433c7d411d4ce0ef86b77239a7231717046c3a
-
SHA512
a4acb976e163241fad25382be4fc513c582a99fc85e45898ff6c22eddb7deae34638862c2488c8d8890f76acffd537c20d71a444565b02e9d548d471f98d5e1d
-
SSDEEP
768:SNuAMupksme/c7tRP5yuXL9s4u/MLpFcq+Cr8YQBwaM+PZcPaFD:mfpkaSxyItuE1FcnCr8NCaDP6aFD
Score 1/10
-
-
Target
share/sqlite/extensions/percentile.dll
-
Size
16KB
-
MD5
da297155d70a7f72b48cfc2d8460124c
-
SHA1
ec2dce074a1d9ccb45b2ca61f74211cd1fb1c392
-
SHA256
ae73d57b1cc944e7b74f5294347b2da317cdafb68b0a31440e27eaaa7d83d84e
-
SHA512
08f81133797cb5576509c7421b1951f50cbc3dd136e2c8a23dba483a66eb847fb4744b77596d62ec5ea31e8b2bb4c99b2ebc90247be7274d91d14d090b5f4d4e
-
SSDEEP
192:NIjsKnWSjYj6FCK2T3C12By5gj1ktKZIPuM/ZjZubY+pn54kz3X:NIjsH6xCK2L3By5S+ykuM/5Zuk+9BbX
Score 1/10
-
-
Target
share/sqlite/extensions/prefixes.dll
-
Size
16KB
-
MD5
057d77c22226a4e250a3d7f7ccb591d4
-
SHA1
4c0ef973b17a542f00f83ab82e8c185c7da37281
-
SHA256
0ec31cc021e3188bed834af0008ea04f74596774043226af838986b3df1a465c
-
SHA512
76e966286c5deeaf4ae32ac2c35eba717d62428eb2a15c8d90cecc5dd169d94c7bfb9099fa11db8f32f5a6b7ed08a21144bd2399070fe0a21d055c53a2de84fb
-
SSDEEP
192:OIJFWeoIsfsVP4w4voFzSgWhWZD0WlIgK5IPu8nbFnuuFmBEufys3P:OIXW3ECoFzqhWVjLSku8nbYuqEu6GP
Score 1/10
-
-
Target
share/sqlite/extensions/qpvtab.dll
-
Size
18KB
-
MD5
8e76c6cccae28be47a0cbc420203b2c6
-
SHA1
c7f2af7757f625a1e40f035e3a757e4fd8ac6c53
-
SHA256
97e3d46986f37069d6312eacb6ed88eee15340b0cd32a13b1bd1b039ae7c11cb
-
SHA512
2b2e4404ec26db5099a511e771ff30ccc22fb085887689a1a8732647976facfd3a72ea62dffef312def440397d7bae48c87cdff760d671393945fce99660b17d
-
SSDEEP
384:NIPT7uXbDEXNitmp9fkkuMXgDxmqXnDgu:Nim4nMkExmqcu
Score 1/10
-
-
Target
share/sqlite/extensions/randomjson.dll
-
Size
18KB
-
MD5
4e00e0323ed5d219dd338d33d305787d
-
SHA1
0444c55436fb56a7ba8b4ecf407d5f6838016fcc
-
SHA256
b7587b210b5afb3bdec9929442c092493264a72269f90cbf5d5c30501fea8897
-
SHA512
43913b89380091aa7ca654140aeba55b043b8d793d535cffbc4ddb03a43a03d20143ea767aa2c743dbf77a13278f77a1add754d7511d3c6c82acf703ee5f8c6d
-
SSDEEP
192:W8E40nFF4ZfuRHwBDQebMkeKOIPuE/XOaZebZLoMRxdavrPdhkva:W8E4MFyfu94EUslkuE/eaYZJRr+PdAa
Score 1/10
-
-
Target
share/sqlite/extensions/remember.dll
-
Size
14KB
-
MD5
fff6e866d7d5556f3f74062ff732c211
-
SHA1
e37c946eb72631b50d28560a3617cf334543185d
-
SHA256
e4f20e860320ca0c1848793732c33d969018496a6b5680447c033ebe8c84691e
-
SHA512
fd17367a08931a5256ab17e67b3a82cbb563377b2b4f962cbb6f79ca157bb77115a15086adb154599c1bf257c5bd9ad7ddb9082e107daf48e7a02be1dbaf4103
-
SSDEEP
192:io4W1evByzxFG1g8w2yNKCIPu8/2Br+IFAp:io4WCILG1J3upku8/Ur+IFq
Score 1/10
-
-
Target
share/sqlite/extensions/rot13.dll
-
Size
14KB
-
MD5
fa4eb85ceb32ef5c7ff7a231c4f5d71a
-
SHA1
266523809bf80517319702380ecb6497448e0bb1
-
SHA256
1ba8d68f55e51f58da2550420cd710fec89e5bdecaf08b8ab1ce03e4ffa3eb94
-
SHA512
0bb23f6b63786e5110dbf38711f63135e6c36cf39639a88da081c831dd5c298c34aecffc00264445127fb90ab91135231414ae5aed75f51b455bc3dbd73ff4b3
-
SSDEEP
192:okWrs0xZTrmTD/6yW8SK0IPu8/wARiMITFIp:okWprTrADlmnku8/3RTQFy
Score 1/10
-
-
Target
share/sqlite/extensions/scrub.dll
-
Size
21KB
-
MD5
02beaaac0ec7d4272b9fa87d01bd1f3e
-
SHA1
d05b6911f12a31a39c3389946adb27b508f91f74
-
SHA256
7893a17b4579eadee26cdb72c0972bb61b76c1b93040c3f328645e6c1c5c8e93
-
SHA512
fc7295074e2a1aca3236364e5a129bbe948c98fde4276f53fc1c70f1759f39e142fe33ef52cfa2f1a58cc415daff2d665101d2b2cfc417be6e6e88b79e52479b
-
SSDEEP
384:YrTBhpYUGFn/d/0UH+TH7J3Jku8nbkO2SrRWD9bhPNEuOwW:YJ/YTH+HJ5kYO2SrR+9b+wW
Score 1/10
-
-
Target
share/sqlite/extensions/series.dll
-
Size
17KB
-
MD5
3d8568dbcb41275bd1c8afe06a2db77f
-
SHA1
100c5a55139a87189fb3f26d1c08516d55331181
-
SHA256
079f743b8941f1cdde3d97a5edff0aa142294e6b6df6481d9ed0d7aed482d6a2
-
SHA512
ab90a0ff36c887d4159e515c6f7e92c9d0cadca376c96e0c72e25748dd4beff12d8c4c1d1c21932c09d3904d03d6309476329a35cb6a65dd4ad62f37f8f9ef08
-
SSDEEP
192:WNNFZmDD15IaO5kWiTG/VxHJR2T6ln2JQHgFKXIPuE/HKECrgYDOH86poS+u1t3P:WvrwhNDG/rJRLl2+okkuE/OCoS+u/P
Score 1/10
-
-
Target
share/sqlite/extensions/sha1.dll
-
Size
24KB
-
MD5
a68ff9a4c1e376dcfca446672555774b
-
SHA1
c2173b6c2fdbec3c1dfbaacc95a5aae2a70a1f28
-
SHA256
0458065155ca7959c9fda1c2ac6647cb8a2e1c75680e31549ec08820a050e224
-
SHA512
e13fc705ebcd7b41fe1b11a81ddd6f0c3b2c7132756f069848850938a9b1bc1cd499e4b75f92011c5a6130b0c2072a0879cfbd269d7b96b608c4be81f7a5f47e
-
SSDEEP
384:zaev7Dc7rvz0+nEMJuyiI4j8YUYkuE/k9qyWVbGx:zzMViI4lxk2qcx
Score 1/10
-
-
Target
share/sqlite/extensions/shathree.dll
-
Size
24KB
-
MD5
f47c2cd2c68860dd9e83a62c74a3e245
-
SHA1
9f81ecc1b16e3b4e1200a249853e4800177e1dcc
-
SHA256
eebcb9f1497ed6b2e597740be80a97b404fe04cabb27bc88adc4f04aecdf809e
-
SHA512
56032e3e6e7e7c19806eeb3f5026994d59bbb33a20f318cf1d5e4e354152ad1cda7ce479c5898144ebfdbae69163085dbb53b77a9e87a1fdb37161afe931b657
-
SSDEEP
384:fTiWV34oVTAEc6VUlgKjOCjY+umKEhyh+RgfLSku8nbuziEuRGP:fV3p5zUzO/+udEhyh+Cfmk6zqGP
Score 1/10
-
-
Target
share/sqlite/extensions/showauth.dll
-
Size
42KB
-
MD5
46a61119eed4f7d5c6442ed0238ec3dc
-
SHA1
6611beb5c5bf3cf127a12b8273321dc1511c597c
-
SHA256
4b4a21b866f56e8e693bad4082c796a2a15affeb7b3138ec469fd967129184aa
-
SHA512
7f3de9291a5d8050e8ad1a381d8a534080ef9ba6317f4ea5b1e3ff20cb5c0aade29ab78cac7ffb697d725b99192f5f2b52ab7467f2e9af5c367adf3725db1014
-
SSDEEP
768:OxXUKkCEe/c7tRP5yuWE9hmxHMXqXc+j1r89pX7lLoFT:0UKkCSxyIcxs6XcS1r8R0FT
Score 1/10