Overview

overview

7

Static

static

6

hydralaunc...le.exe

windows7-x64

7

hydralaunc...le.exe

windows10-2004-x64

7

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

resources/...64.dll

windows7-x64

1

resources/...64.dll

windows10-2004-x64

1

resources/...it.vbs

windows7-x64

1

resources/...it.vbs

windows10-2004-x64

1

resources/...ge.vbs

windows7-x64

1

resources/...ge.vbs

windows10-2004-x64

1

resources/...ay.vbs

windows7-x64

1

resources/...ay.vbs

windows10-2004-x64

1

resources/...fe.ps1

windows7-x64

3

resources/...fe.ps1

windows10-2004-x64

3

resources/...ne.vbs

windows7-x64

1

resources/...ne.vbs

windows10-2004-x64

1

resources/...nd.vbs

windows7-x64

1

resources/...nd.vbs

windows10-2004-x64

1

resources/...ut.vbs

windows7-x64

1

resources/...ut.vbs

windows10-2004-x64

1

resources/...widget

ubuntu-18.04-amd64

resources/...widget

debian-9-armhf

resources/...widget

debian-9-mips

resources/...widget

debian-9-mipsel

resources/...ry.vbs

windows7-x64

1

resources/...ry.vbs

windows10-2004-x64

1

resources/...us.vbs

windows7-x64

1

resources/...us.vbs

windows10-2004-x64

1

resources/...er.vbs

windows7-x64

1

resources/...er.vbs

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    hydralauncher-3.0.5-portable.exe

  • Size

    121.0MB

  • Sample

    241119-xl65qa1cpq

  • MD5

    a8aec8be3ac31c02cdcb3ece740a8474

  • SHA1

    a2989c2c8888638101ffdafca89775f3174779da

  • SHA256

    c205c2556694fae75243c0eff948b32dacf4263937ae84d7c164cd8a230ad27a

  • SHA512

    6b30cab852dc4eb0b4844b2bb57921febb7b40a0ea478ca70d1643bdd0bf64f6bba16ea2d39dcc8b85f4b06322a4642eaf61476704b9d22bdf228aa7d9e29746

  • SSDEEP

    3145728:hTm4PaqJPcZTHaKSurCH1yVN6DATMN6jFDJ3vHV8EVmlOqJw97:hC4PYrWBVy36FCDRH9MUqJw1

Score
7/10
discoveryevasionexecutionlinuxpdf

Malware Config

Targets

    • Target

      hydralauncher-3.0.5-portable.exe

    • Size

      121.0MB

    • MD5

      a8aec8be3ac31c02cdcb3ece740a8474

    • SHA1

      a2989c2c8888638101ffdafca89775f3174779da

    • SHA256

      c205c2556694fae75243c0eff948b32dacf4263937ae84d7c164cd8a230ad27a

    • SHA512

      6b30cab852dc4eb0b4844b2bb57921febb7b40a0ea478ca70d1643bdd0bf64f6bba16ea2d39dcc8b85f4b06322a4642eaf61476704b9d22bdf228aa7d9e29746

    • SSDEEP

      3145728:hTm4PaqJPcZTHaKSurCH1yVN6DATMN6jFDJ3vHV8EVmlOqJw97:hC4PYrWBVy36FCDRH9MUqJw1

    Score
    7/10
    discovery

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/StdUtils.dll

    • Size

      100KB

    • MD5

      c6a6e03f77c313b267498515488c5740

    • SHA1

      3d49fc2784b9450962ed6b82b46e9c3c957d7c15

    • SHA256

      b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e

    • SHA512

      9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803

    • SSDEEP

      3072:WNuZmJ9TDP3ahD2TF7Rq9cJNPhF9vyHf:WNuZ81zaAFHhF9v

    Score
    3/10
    discovery
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/System.dll

    • Size

      12KB

    • MD5

      0d7ad4f45dc6f5aa87f606d0331c6901

    • SHA1

      48df0911f0484cbe2a8cdd5362140b63c41ee457

    • SHA256

      3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca

    • SHA512

      c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9

    • SSDEEP

      192:1enY0LWelt70elWjvfstJcVtwtYbjnIOg5AaDnbC7ypXhtIj:18PJlt70esj0Mt9vn6ay6

    Score
    3/10
    discovery
    behavioral5behavioral6

    • Target

      resources/hydra-download-manager/lib/libssl-1_1-x64.dll

    • Size

      670KB

    • MD5

      7d8cd03c4d24a26d5e5b2f188773d852

    • SHA1

      583613b44fc1bdd81559c15d281444ae82e9d9c4

    • SHA256

      6ba837ce8bafe2bad595164f14bc3e85905e5c7fe88a0a0efb99a2ba9f025f72

    • SHA512

      c50f14e5126b28ed402314a641b969c1a0f47a5856a5a607ff0df9b5bbcde44a7ead460cc5dece25ba3ec8e00c9d165183f4a6420d60ef56e12be4f2e4cc60a7

    • SSDEEP

      12288:zofvFwEpp/ZYaDrN+9Qa3+YnkaZHEWFPTs73/MqFF8MXI/3ZtBPFj5U2lvz:ITp/JN+9Q1Gg73/ydRt35U2lvz

    Score
    1/10
    behavioral7behavioral8

    • Target

      resources/hydra-download-manager/share/tcl8.6/init.tcl

    • Size

      25KB

    • MD5

      982eae7a49263817d83f744ffcd00c0e

    • SHA1

      81723dfea5576a0916abeff639debe04ce1d2c83

    • SHA256

      331bcf0f9f635bd57c3384f2237260d074708b0975c700cfcbdb285f5f59ab1f

    • SHA512

      31370d8390c4608e7a727eed9ee7f4c568ecb913ae50184b6f105da9c030f3b9f4b5f17968d8975b2f60df1b0c5e278512e74267c935fe4ec28f689ac6a97129

    • SSDEEP

      768:rXugPHudKlExBG+Xg3Qonlm6ofRRECLSQDjr5vkhzx/i:ygGdKli4eonlm6offLzehNi

    Score
    1/10
    behavioral10behavioral9

    • Target

      resources/hydra-download-manager/share/tcl8.6/package.tcl

    • Size

      23KB

    • MD5

      ddb0ab9842b64114138a8c83c4322027

    • SHA1

      eccacdc2ccd86a452b21f3cf0933fd41125de790

    • SHA256

      f46ab61cdebe3aa45fa7e61a48930d64a0d0e7e94d04d6bf244f48c36cafe948

    • SHA512

      c0cf718258b4d59675c088551060b34ce2bc8638958722583ac2313dc354223bfef793b02f1316e522a14c7ba9bed219531d505de94dc3c417fc99d216a01463

    • SSDEEP

      384:8xgjLNILEHsdAW2UfnImRqXqux6XmihmCchzPLrXJjJh6PLfzdklG:8xgjLNImsdnvIm86uGLhLchzDzJ9h6Dn

    Score
    1/10
    behavioral11behavioral12

    • Target

      resources/hydra-download-manager/share/tcl8.6/parray.tcl

    • Size

      844B

    • MD5

      577787c2f4f5956ba70f83012b980ae5

    • SHA1

      040b2469f796f3fdfcd1e1dd2eb1c5b799edef62

    • SHA256

      e269029c8263e3cbc1920c3604ecdcf15edccb208a0d68f9eb42b73954d620c0

    • SHA512

      c2940f6f3d77412efc537b8ab67352f519dffa95739fcc17bf1817335afd9e5bfe91abe98cba99e278cb4923d4e6d431ed9d72282745203c0f7d73193f550238

    Score
    1/10
    behavioral13behavioral14

    • Target

      resources/hydra-download-manager/share/tcl8.6/safe.tcl

    • Size

      41KB

    • MD5

      b8c1561d471cfbf4111c706411d59883

    • SHA1

      71483eaeef377ee9af90bec44f70c7b12c5bc720

    • SHA256

      c21dce3ab31893118bbed01e559070f1d3541877fee331bd45f5bf4300ed9654

    • SHA512

      465065a938c71af4588b3331b51a62dd57f57492eb1cb6c0f52b9fd0a2fe7a54b1e995aa56e4a41d7a99eaff665c1e23e3b240fb3f9840ab242c21b1dbffff45

    • SSDEEP

      768:H/Jo8y7AyARYhZfc3njlVdRIp4xOtoYx4WneNiBq5vIhfwEaqadlUCJ2Pbb1P6:H/c7AmhZmnjvdRIG924WneNiBq5+fwEc

    Score
    3/10
    execution
    behavioral15behavioral16

    • Target

      resources/hydra-download-manager/share/tk8.6/demos/ttkpane.tcl

    • Size

      4KB

    • MD5

      28c707a2cdbf91ce33938c7a301c9178

    • SHA1

      b8dc280ffa2c449242d777fd1decb765ce189f6e

    • SHA256

      e1c472dcc79ab4826796848e320fc8769bc9daf6fe0378995054686a006d2c14

    • SHA512

      05afead5a7d9029453bf208fb9437c1db26242d334732067ce7c42a4e9aa33969dcfd1cbf06ca14b2f8e4c572cb3b8351eb62d64152084ac1ee2a8fb6285601f

    • SSDEEP

      96:vOKwhUQKb0vA0vJWZSuKcZS3M/DFZSq0C0LfvOdpbxpjtu:vOKPSFF4xY+Ta

    Score
    1/10
    behavioral17behavioral18

    • Target

      resources/hydra-download-manager/share/tk8.6/demos/twind.tcl

    • Size

      11KB

    • MD5

      dca4731b8c909eb10453b4125b049b14

    • SHA1

      3da186293b4bf4b5ac8405e37a8b831e4e90d95d

    • SHA256

      36b00de2b67c0974873787b4ff033f169f7201ab88e926fb4058f5cbb0298284

    • SHA512

      8031b7ef4445e57f40286aa1401a5bd76daa93dc60916a25b70be1c0f1a4fe588682ccea49aabada27b5770f7f95468562f8866290fab0a3a94f5b3112a2088b

    • SSDEEP

      192:mOPHlHxfNieTvTFQCamBHN1sYXdgKbfNTXEs4S8xqd+1cP7ZvhqcYDmA3f2bwSFT:m0FRUerTFQCFtPdRNTXEs4S8KP7VwcTr

    Score
    1/10
    behavioral19behavioral20

    • Target

      resources/hydra-download-manager/share/tk8.6/demos/unicodeout.tcl

    • Size

      4KB

    • MD5

      3a6f391b44546c9372f2008028e12fd9

    • SHA1

      13d060581e3c5c5fbeca864506da446f4502cfc9

    • SHA256

      a5cc2cd45093b91cefaca4842055b89aa193cdc8a8c21ac5b049d15a7a1d044d

    • SHA512

      18d857fe0483870986f5b4fee8889567032cc40aa1f39efd72a8194a480205b1a715df3faa1a33f6a72e32f5c4bd94ff9fee5bfb38114f478a191601adcf199f

    • SSDEEP

      96:Zs/OhVL8i/JTDEMxqRrrPqZ9Du/2ClJoHvVDIHtjX36YUYukoOn:WOP4i9rxyrb+Ju5JoPVDIH5n6Yqa

    Score
    1/10
    behavioral21behavioral22

    • Target

      resources/hydra-download-manager/share/tk8.6/demos/widget

    • Size

      24KB

    • MD5

      a0881849f2343fcde372031544d424d0

    • SHA1

      dfc5d37547a31d6b14ab841fad69678fb0bc3aef

    • SHA256

      01bef967805998261dc10784f974d86679a8c2d51b49cd1461ffc9b9340a034f

    • SHA512

      ed1fb4f612b93269f7497c37872c59e1e2543fe444253735285ea16e7bc261c51d91b834df02e28ce605e848fa7ce6e03462761ce54db5715dbd6e13dcab087c

    • SSDEEP

      768:mwGo9ErjOhUUfy24K73DRxjwPxHCSe8mI:mwr4K7TfjixHNe8mI

    Score
    1/10
    behavioral23behavioral24behavioral25behavioral26

    • Target

      resources/hydra-download-manager/share/tk8.6/entry.tcl

    • Size

      17KB

    • MD5

      f109865c52d1fd602e2d53e559e56c22

    • SHA1

      5884a3bb701c27ba1bf35c6add7852e84d73d81f

    • SHA256

      af1de90270693273b52fc735da6b5cd5ca794f5afd4cf03ffd95147161098048

    • SHA512

      b2f92b0ac03351cdb785d3f7ef107b61252398540b5f05f0cc9802b4d28b882ba6795601a68e88d3abc53f216b38f07fcc03660ab6404cf6685f6d80cc4357fc

    • SSDEEP

      384:mDfyRIlBk3yrt8qLjtpa+qh+rA4rsWRWrrMUtCPnkKYNlPp64ZnCD:mDfyRIlBk3yJ8mtpaplcp6o

    Score
    1/10
    behavioral27behavioral28

    • Target

      resources/hydra-download-manager/share/tk8.6/focus.tcl

    • Size

      4KB

    • MD5

      63b219be9aff1de7de2baf0e941cae38

    • SHA1

      a2febb31380e12ff01e6f641fe8b4f815941462f

    • SHA256

      8872f236d7e824aec0acd4bacc00fdd7ec9bc5534814ecf2160610c10647b7c5

    • SHA512

      057700f8fde4b7c3d7ab7cefd6c531060bf2b1b3b727cad6a37ecd42ebc557765d94b83add438bd5afa1f6f919d80ae755a8d98918981167b871f31ad42fdf5e

    • SSDEEP

      96:J3MRZZ7HWb/6OgRKjtS6Mn9GRZZ7HWb2Y6aO6R5nh76SMoB2kd82KtTpsi2D0DSn:CRZdPul1RZdFaRf0XoB2gZKZpsi2pn

    Score
    1/10
    behavioral29behavioral30

    • Target

      resources/hydra-download-manager/share/tk8.6/fontchooser.tcl

    • Size

      16KB

    • MD5

      a11f7d5f858e28d67f5391454401cae8

    • SHA1

      8acae04be25249a3b7524b2c4ac03bf9fcf081d7

    • SHA256

      48c6d9eabb028a57291c009e1b02756d1ea6a18f9aca7066c59bc3c5d881d3a6

    • SHA512

      e8d9b11208642c62166c62af605341ec7beef4e178dd3fcc9e72e4436be1f4e5d1952b78c5fa206d85d61693922fe26acaf9267725387f2a7a56ee2d95a6d69a

    • SSDEEP

      384:aUcEQ2Mq56jP/oVR6EcW0i9cWHKVo8q5F2Zsb9M:aUcEQ2Mq56jP/oVR6Ec5i9hKSxFC

    Score
    1/10
    behavioral31behavioral32

MITRE ATT&CK Enterprise v15

Tasks

static1

pdfevasion
Score
6/10

behavioral1

discovery
Score
7/10

behavioral2

discovery
Score
7/10

behavioral3

discovery
Score
3/10

behavioral4

discovery
Score
3/10

behavioral5

discovery
Score
3/10

behavioral6

discovery
Score
3/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

execution
Score
3/10

behavioral16

execution
Score
3/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10