e1c336a931699af16de244550da8ce7e1f9b70fd8023aa2ff896d52a603b740f

Sharing

Copy URL

Twitter E-mail

General

Target

PrismLauncher-Windows-MSVC-Setup-9.1.exe
Size

21.3MB
Sample

241119-vlcj1aydkc
MD5

255c5fc4ddd206f19d6fdb69b147b5f6
SHA1

dc7b59bdbb3fd8f065b8a53e2b8f742f24e12888
SHA256

e1c336a931699af16de244550da8ce7e1f9b70fd8023aa2ff896d52a603b740f
SHA512

cc6388f1760385a8386d0e2ec9312a3c9615d2506bf1f7c8d8cdf215e5b6371141c7a91857002f72462dfe1a262752dc45be711133f8158938f1ad2aeaa9d701
SSDEEP

393216:tq4PqBbVYibCH0zujernY1oPaY/STf3hAOWy58SAvSxulQS0PaYcJd0GoPOtOoKB:tdP8BbCHeRkOPv/+3h9/8Sg+S0SVdLI1

Score

7^/10

defense_evasion discovery

Malware Config

Targets

- Target
  
  PrismLauncher-Windows-MSVC-Setup-9.1.exe
- Size
  
  21.3MB
- MD5
  
  255c5fc4ddd206f19d6fdb69b147b5f6
- SHA1
  
  dc7b59bdbb3fd8f065b8a53e2b8f742f24e12888
- SHA256
  
  e1c336a931699af16de244550da8ce7e1f9b70fd8023aa2ff896d52a603b740f
- SHA512
  
  cc6388f1760385a8386d0e2ec9312a3c9615d2506bf1f7c8d8cdf215e5b6371141c7a91857002f72462dfe1a262752dc45be711133f8158938f1ad2aeaa9d701
- SSDEEP
  
  393216:tq4PqBbVYibCH0zujernY1oPaY/STf3hAOWy58SAvSxulQS0PaYcJd0GoPOtOoKB:tdP8BbCHeRkOPv/+3h9/8Sg+S0SVdLI1
Score

7^/10

defense_evasion discovery
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/NScurl.dll
- Size
  
  6.0MB
- MD5
  
  bf43de0fb8a2c38abcf7b1cf6be7e7ce
- SHA1
  
  5c14855ddbf563da3bc14af40ea5650d627ab81d
- SHA256
  
  d9438094e22bd3183864b712e2cbae07f6b184a5ad7b018185e425e215feaca9
- SHA512
  
  145388afde1367253d723ea78501dfd61ebcfb17d440d324dbceb5d9b1c50dbd5a69946209722396f1d0f3699dc967bedab690dd670eedc9910b75a4e7d13830
- SSDEEP
  
  196608:ohFz25oFKhmagHDetua42OOMoMy+Tgt/VqiWWO+ac88vdPkR:oXmSLTgtDqU
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  192639861e3dc2dc5c08bb8f8c7260d5
- SHA1
  
  58d30e460609e22fa0098bc27d928b689ef9af78
- SHA256
  
  23d618a0293c78ce00f7c6e6dd8b8923621da7dd1f63a070163ef4c0ec3033d6
- SHA512
  
  6e573d8b2ef6ed719e271fd0b2fd9cd451f61fc9a9459330108d6d7a65a0f64016303318cad787aa1d5334ba670d8f1c7c13074e1be550b4a316963ecc465cdc
- SSDEEP
  
  192:ljHcQ0qWTlt7wi5Aj/lM0sEWD/wtYbBjpNQybC7y+XZqE0QPi:R/Qlt7wiij/lMRv/9V4bfr
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/modern-wizard.bmp
- Size
  
  25KB
- MD5
  
  cbe40fd2b1ec96daedc65da172d90022
- SHA1
  
  366c216220aa4329dff6c485fd0e9b0f4f0a7944
- SHA256
  
  3ad2dc318056d0a2024af1804ea741146cfc18cc404649a44610cbf8b2056cf2
- SHA512
  
  62990cb16e37b6b4eff6ab03571c3a82dcaa21a1d393c3cb01d81f62287777fb0b4b27f8852b5fa71bc975feab5baa486d33f2c58660210e115de7e2bd34ea63
- SSDEEP
  
  24:Qwika6aSaaDaVYoG6abuJsnZs5GhI11BayNXPcDrSsUWcSphsWwlEWqCl6aHAX2x:Qoi47a5G8SddzKFIcsOz3Xz
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  b7d61f3f56abf7b7ff0d4e7da3ad783d
- SHA1
  
  15ab5219c0e77fd9652bc62ff390b8e6846c8e3e
- SHA256
  
  89a82c4849c21dfe765052681e1fad02d2d7b13c8b5075880c52423dca72a912
- SHA512
  
  6467c0de680fadb8078bdaa0d560d2b228f5a22d4d8358a1c7d564c6ebceface5d377b870eaf8985fbee727001da569867554154d568e3b37f674096bbafafb8
- SSDEEP
  
  96:ooEv02zUu56FcS817eTaXx85qHFcUcxSgB5PKtAtoniJninnt3DVEB3YMNqkzfFc:ooEvCu5e81785qHFcU0PuAw0uyyIFc
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  7KB
- MD5
  
  11092c1d3fbb449a60695c44f9f3d183
- SHA1
  
  b89d614755f2e943df4d510d87a7fc1a3bcf5a33
- SHA256
  
  2cd3a2d4053954db1196e2526545c36dfc138c6de9b81f6264632f3132843c77
- SHA512
  
  c182e0a1f0044b67b4b9fb66cef9c4955629f6811d98bbffa99225b03c43c33b1e85cacabb39f2c45ead81cd85e98b201d5f9da4ee0038423b1ad947270c134a
- SSDEEP
  
  96:JgzdzBzMDhOZZDbXf5GsWvSv1ckne94SDbYkvML1HT1fUNQaSGYuHIDQ:JDQHDb2vSuOc41ZfUNQZGdHA
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  Qt6Core.dll
- Size
  
  5.8MB
- MD5
  
  928709b99a4c567e5b377cdb025d7c91
- SHA1
  
  c9d3ed5d55d9b08ba7918fdef0babf1d062b4f64
- SHA256
  
  05982ff42ba7ae3074badaee1a09ff7f45e694de815bb06b514b28c28cfe0500
- SHA512
  
  3d3f70d3e08cb9a942273bbf78acd0ddd8c498c0e3f8b8752f212c2f1d9dd5ec57a5c4d7b11dc621bc8de2860e05247435c0d89a13a8b8d6da6e8d4b360f64c3
- SSDEEP
  
  98304:gHAWMgeRErPcbO5KFdu9CwJsv6tdhj/3+:gEg2E1KFdu9CwJsv6td5/3+
Score

1^/10
behavioral13 behavioral14
- Target
  
  Qt6Core5Compat.dll
- Size
  
  856KB
- MD5
  
  49f13638989b994afb8f47755152dee8
- SHA1
  
  3399a4bd747f804e9f829d984992122cec0d412b
- SHA256
  
  298af983b948ac481c3417887d5d53caff5f68c654f94bffdf23a50974d50075
- SHA512
  
  7ad4b8af0042c1912d843f6f1e139c41ea835a8e71ff2c9e971514951c136b5304e3b1bef1d97acba711c355737886159a9391f4ccec44a82dca4fcd29fd7b3b
- SSDEEP
  
  12288:dddrDCXnsDmGJ/RZrc40jwHNaPGE/4717VKIxBDPzHkS8GG2fqrfKta/1hA:lCXsDmGJ/7cjSCG7V5DPT1yfKtaNhA
Score

1^/10
behavioral15 behavioral16
- Target
  
  Qt6Gui.dll
- Size
  
  8.6MB
- MD5
  
  84632e762ae7601b8c45b5f48e3c7531
- SHA1
  
  0b1c141f0468b3f07f511d70f8fb414b9103ac0c
- SHA256
  
  ced3aef690624b1186660baa85c7d2c3319d46f5c0194eeafe39e2377643e1d4
- SHA512
  
  9a24a4ae623deb2b5a87d0ba9ddf17fc643c918b96e9aa84a93c7538ec88fe608a266c28e9b1bc21ba0b41cd148eabbd4290dea7ec4e37572d4c9612a00f8721
- SSDEEP
  
  98304:t24H8hF1bSpj7LBw4mEVs/+QZHlKljKRHFD:nGbA7LGcVs/+QRlMK1FD
Score

1^/10
behavioral17 behavioral18
- Target
  
  Qt6Network.dll
- Size
  
  1.7MB
- MD5
  
  980fdb15e0f17e4bb094d29a540a5abe
- SHA1
  
  61ac95ff691a54dd2be91664b6d6e45c49aa5256
- SHA256
  
  cd69452ba2c05cbb94a5f4d4be34c7750eb09fee1e746afbe1ab0e7539cf04fa
- SHA512
  
  f36c72f43fe630d1ed4b9a0daebc6cacc3896b227b142598c78dc66c1e85053736eb7b3d8c5334ce107f9ea762b51ec6a42d8575d8ac519f99dda9d2accdd312
- SSDEEP
  
  49152:sC2Nm4hbztkW2Ex1Pily+3mzQDqzAduvm:aRSDJ3
Score

1^/10
behavioral19 behavioral20
- Target
  
  Qt6NetworkAuth.dll
- Size
  
  219KB
- MD5
  
  8c308b0a574781059a21fb5ca95fd95e
- SHA1
  
  bd0edcb5d6dde0a47d454cff5e2cf580a516bc60
- SHA256
  
  54455722028b0203d2c6c8019cd5f7260ed89fba03199b5719a4b79364e5ebf2
- SHA512
  
  36a71d093ff20dbb875416a41974e7d1ec03924c7b2229208fb29f7f3c4dc66989c9b945f56cd33dab005eee2f8de84287e27f1a0e189a5ec941cf53c23c306c
- SSDEEP
  
  3072:LIUAIxFGhXrfPBojxomA/UypEI6z/NxPBHLxjUacYVNK5:8yxQXrRojOmA/1QljUacYK5
Score

1^/10
behavioral21 behavioral22
- Target
  
  Qt6Svg.dll
- Size
  
  502KB
- MD5
  
  affbbfd53fd7eeb00e6851ca46b4f191
- SHA1
  
  273826edb38294625234d43197d563facbaa95d8
- SHA256
  
  01000b464fbf9b9c9989367cbe973dff0d0b7ce893e24476022a097ae05c51be
- SHA512
  
  596932fa863665601d6b34dad0d414c22b9861a29758c07bdcdbdc0dbf6fc12c2fa1628ccb9988735c01a56cee9f8aff759293b12542a25d540da49b1f791d83
- SSDEEP
  
  6144:bTc70isRoFxy7kFW2adhat12Ufv7gFTbDhndjwEZkp+k0s8QGHcBIMbf1n7jqUe7:bTc70N6FUar2Qv81pdij0swcmEgL
Score

1^/10
behavioral23 behavioral24
- Target
  
  Qt6Widgets.dll
- Size
  
  6.3MB
- MD5
  
  1da8e191c6d2ed3935791f816a829b77
- SHA1
  
  bf899e74f8108e9aa490d910cf538b57e18affa0
- SHA256
  
  3fac74f2736ee0850657005ceade2a4edef6e97d58c764e77c2e39e629e04e82
- SHA512
  
  553fd9bb8ae8b0ff2e1bd905f0cf920f4072ab832dd96b1ccb3b5e2234a5c3c974d91af2685d497c38063ccc8d5492686fa7f6af45ab604e374a158933831da0
- SSDEEP
  
  98304:5APwDtgQPq8ZeIdx4QNph+T9AlV+uxenW/CMmevV0hLB+pk:NtgQPdZeITJNp0T9AlV+u8x8vVC1Ak
Score

1^/10
behavioral25 behavioral26
- Target
  
  Qt6Xml.dll
- Size
  
  152KB
- MD5
  
  8d14a198df12b48de463158e48764798
- SHA1
  
  aeaeac489d50021afc9decb5dc01e69c76434728
- SHA256
  
  1520afd2abeebbd26766b6bdc5f88e9d3cb2b887bdf38559233b1bd4cdebd553
- SHA512
  
  6e5e28353cf430f8494130af8d58b843a49b383bce7085a2600c46b45d41436769f43cf3bb320a2b73165289efdbe4a80d5a23f297de65b9296a971d47a30137
- SSDEEP
  
  3072:COs07eXbdg6smqkBcEVjmBFC8cc++jjb/bccYBKR:11ahzqHEor++jjVR
Score

1^/10
behavioral27 behavioral28
- Target
  
  iconengines/qsvgicon.dll
- Size
  
  70KB
- MD5
  
  86acd7b222196bcc95dd20a7038c5c12
- SHA1
  
  af2003717ff3cf1d5ff22dd6d88fe22f09b7c357
- SHA256
  
  0194bc1679cdbff3eeec85e56d6d97d7b8a1a5ddd0bf026ba90356bae1d4e8ff
- SHA512
  
  05ea7b5fa933a6c180729858ab525dfdf5b0135ee0505777dc4078c9af7e3de71c009830eaec6af9beb268de95086b6a0eb2a43b850c75019f700c18c4f1816d
- SSDEEP
  
  1536:FQcbO0p1y1f+pjY0r6G4KhA2/zKVFAyGXy8ahuIegKxngeJZ:FvCG4KhA2/zKVFAyr8ahjbKz
Score

1^/10
behavioral29 behavioral30
- Target
  
  imageformats/qgif.dll
- Size
  
  47KB
- MD5
  
  0c29d05da47954cad9b66c519187e2ba
- SHA1
  
  4151bc90a6d8d522e9065fb894927db65547ee21
- SHA256
  
  b1af633a000fd8e2cdac988248ec984ab39b633e678b4700163f2a2761a08323
- SHA512
  
  25d6154a9e4da0c8686fd35d2d690abc0b2bf16e3b57634dd7f4376f1f3106245693b1b69844fb11495b2c5fdd09144c7434b35fa49cbdc27c7ee58d4a782d90
- SSDEEP
  
  768:J8Nst8obWfN1Sgwq0LE+AQ77FX66ElgqokiDSgWyjgKxnVbGYJl5N7:Jt+obihwp7AKqokiDSgxjgKxngeL
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

T1553

SIP and Trust Provider Hijacking

T1553.003

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

Checks installed software on the system

Checks computer location settings

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32