Overview

overview

5

Static

static

3

044c5577aa...f3.exe

windows7-x64

5

044c5577aa...f3.exe

windows10-2004-x64

5

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...LA.rtf

windows7-x64

4

$PLUGINSDI...LA.rtf

windows10-2004-x64

1

$PLUGINSDI...on.dll

windows7-x64

3

$PLUGINSDI...on.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    044c5577aaaea092dd5a213de19138675e8182588709cda7ccb94ebaaf8a3df3

  • Size

    18.2MB

  • Sample

    241121-kjddeavmbj

  • MD5

    1fe6953cfe807f836f5d651562a8a780

  • SHA1

    54b01acdcc8f1bb05ce8eb055d6d92d52e681ee8

  • SHA256

    044c5577aaaea092dd5a213de19138675e8182588709cda7ccb94ebaaf8a3df3

  • SHA512

    f7d2c44f9d53abe6071edfcd0b66f81e9b4ee763709aaa1f36dbc96b7d7b74bef1ed3c98d1fb6980f02791433a4fbbe88374b7a18024d6796600127ec1a0b406

  • SSDEEP

    393216:4vIDnftIjroMG8hgpZ/fxTAcn3rzhOj9XQFsE:4vIDlSUMG3zxZ3rNOxgt

Score
5/10
discoveryspywarestealer

Malware Config

Targets

    • Target

      044c5577aaaea092dd5a213de19138675e8182588709cda7ccb94ebaaf8a3df3

    • Size

      18.2MB

    • MD5

      1fe6953cfe807f836f5d651562a8a780

    • SHA1

      54b01acdcc8f1bb05ce8eb055d6d92d52e681ee8

    • SHA256

      044c5577aaaea092dd5a213de19138675e8182588709cda7ccb94ebaaf8a3df3

    • SHA512

      f7d2c44f9d53abe6071edfcd0b66f81e9b4ee763709aaa1f36dbc96b7d7b74bef1ed3c98d1fb6980f02791433a4fbbe88374b7a18024d6796600127ec1a0b406

    • SSDEEP

      393216:4vIDnftIjroMG8hgpZ/fxTAcn3rzhOj9XQFsE:4vIDlSUMG3zxZ3rNOxgt

    Score
    5/10
    discoveryspywarestealer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      15KB

    • MD5

      033ee34c40e8fa85bf2739bcb2f3e186

    • SHA1

      2ca942f35f77f37df3fc6097acac34f2e77341b7

    • SHA256

      c91c1796338a265b49039c0b2c7a312d764b99e5174fb2dae455ca54f8f41ec7

    • SHA512

      2204e0b8721b8d85c51bd068b1695b16ee096bfc1d1cd5843f48fd04032aeee2b6a91ce82978a4b3414f3d966ec5b36fb337a4149dae3a1d0445935d964d247f

    • SSDEEP

      384:ErC43tPegZ3eBaRwCPOYY7nNYXCT/Yosa:EmTgZ3eBTCmrnNAh

    Score
    3/10
    discovery
    behavioral3behavioral4

    • Target

      $PLUGINSDIR/LangDLL.dll

    • Size

      5KB

    • MD5

      174708997758321cf926b69318c6c3f5

    • SHA1

      645488089bf320f6864e0d0bc284c85216e56fbd

    • SHA256

      f577b66492e97c7b8bf515398d8deb745abafd74f56fc03e67fce248ebbeb873

    • SHA512

      214433597e04ca1ff9b4fe092d5d2997707a7c56f0f82c85d586088a200e4455028f3b9427d87b4f06f9252557d5be4b7a9138ea6a8d045df6209421fd8ca054

    • SSDEEP

      48:S46+/ZTKYKxbWsptIpBtWZ0iV8jAWiAJCvxft2O2B8mCofjLl:zDuPbOBtWZBV8jAWiAJCdv2CmpL

    Score
    3/10
    discovery
    behavioral5behavioral6

    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      0ff2d70cfdc8095ea99ca2dabbec3cd7

    • SHA1

      10c51496d37cecd0e8a503a5a9bb2329d9b38116

    • SHA256

      982c5fb7ada7d8c9bc3e419d1c35da6f05bc5dd845940c179af3a33d00a36a8b

    • SHA512

      cb5fc0b3194f469b833c2c9abf493fcec5251e8609881b7f5e095b9bd09ed468168e95dda0ba415a7d8d6b7f0dee735467c0ed8e52b223eb5359986891ba6e2e

    • SSDEEP

      192:eK24sihno00Wfl97nH6T2enXwWobpWBTU4VtHT7dmN35OlASl:u8QIl975eXqlWBrz7YLOlA

    Score
    3/10
    discovery
    behavioral7behavioral8

    • Target

      $PLUGINSDIR/TeamViewer_EULA.rtf

    • Size

      118KB

    • MD5

      aa62e4a8c81037ad3f2e35f6b62d8219

    • SHA1

      6d63041387887acdabd3c5ba0d32abf9eb38d9c5

    • SHA256

      9c6d118677749baf429fdf782a243de1672a1e7d8da17405664b42a8a4d3b6e7

    • SHA512

      bb77adbc4cb814b2154194a94ccf3725cbb239eb354e376213a371a8da74cb0df8d43e98d1d42c3f122ff98fd17a6b2a909c1f9ac9eabd9f89adaa393134389a

    • SSDEEP

      1536:ZU6sT8PiDTwbTppXswFq0Wt0DXa9UJxqIJlqNRh2JI9BLu08ydHLmr4KkEvoADuf:ZU6cDUbT5q0zqugEJCP

    Score
    4/10
    discovery
    behavioral10behavioral9

    • Target

      $PLUGINSDIR/TvGetVersion.dll

    • Size

      224KB

    • MD5

      6ea2ec55f6f06468ee2c42a91bdd2e53

    • SHA1

      f78eee0d1fa4f3995d6fc103089ba5561b9028b5

    • SHA256

      9675e04270294129d6d199ebb06f62b10abc08a0742bd7e5b776187252b02a39

    • SHA512

      ff2d9eefda7e069e4f9fca75cf1841dab81efd17d87ce326a7c05b7818743f398c4ee3159adf2bd8f5ac9a3ba9dfd902263dba4fd68a12a68ce78fd3493f1463

    • SSDEEP

      3072:9J7KJkcma0VkpOG/374vnriZ1nmTaK405/+ncMCQ2bDhwh6:fEkcmYOG/37MnGZoeKxpuuQz6

    Score
    3/10
    discovery
    behavioral11behavioral12

    • Target

      $PLUGINSDIR/nsDialogs.dll

    • Size

      9KB

    • MD5

      d6c3dd680c6467d07d730255d0ee5d87

    • SHA1

      57e7a1d142032652256291b8ed2703b3dc1dfa9b

    • SHA256

      aedb5122c12037bcf5c79c2197d1474e759cf47c67c37cdb21cf27428854a55b

    • SHA512

      c28613d6d91c1f1f7951116f114da1c49e5f4994c855e522930bb4a8bdd73f12cadf1c6dcb84fc8d9f983ec60a40ac39522d3f86695e17ec88da4bd91c7b6a51

    • SSDEEP

      192:oWa8cSzvTyl4tgi8pPjQM0PuAg0YNyZIFtSP:DaBSzm+t18pZ0WAg0RZIFg

    Score
    3/10
    discovery
    behavioral13behavioral14

MITRE ATT&CK Enterprise v15

Tasks