88065e1cf38a7c3a48c8a3d0de61bb2bd1167c65187074a3cd3ea269fe4c4dab | Triage

Sharing

General

Target

88065e1cf38a7c3a48c8a3d0de61bb2bd1167c65187074a3cd3ea269fe4c4dab
Size

224KB
Sample

241121-m9c7fa1djf
MD5

c6509b96aa39f74e0bbdddd353e1f73f
SHA1

0c1d3279c7e25e7d70f90335acb19d7ab5d27ffd
SHA256

88065e1cf38a7c3a48c8a3d0de61bb2bd1167c65187074a3cd3ea269fe4c4dab
SHA512

26674b97815bdccb6ce700c81be249b3a0ba213208f7ed0d6efde674113d5817b81299c713fe01530724afefec7717a93980fd57eefd26891187523417b02153
SSDEEP

3072:6aC/ozTJ9vwdSJT+IkAf+5UjJRbrw6wWDdFqFPnUK/TvsEv//ntF+zWqCV76Mzha:FC/KTXod3uQcRb3VkvFnnj+zi6Mdyik

Score

7^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  88065e1cf38a7c3a48c8a3d0de61bb2bd1167c65187074a3cd3ea269fe4c4dab
- Size
  
  224KB
- MD5
  
  c6509b96aa39f74e0bbdddd353e1f73f
- SHA1
  
  0c1d3279c7e25e7d70f90335acb19d7ab5d27ffd
- SHA256
  
  88065e1cf38a7c3a48c8a3d0de61bb2bd1167c65187074a3cd3ea269fe4c4dab
- SHA512
  
  26674b97815bdccb6ce700c81be249b3a0ba213208f7ed0d6efde674113d5817b81299c713fe01530724afefec7717a93980fd57eefd26891187523417b02153
- SSDEEP
  
  3072:6aC/ozTJ9vwdSJT+IkAf+5UjJRbrw6wWDdFqFPnUK/TvsEv//ntF+zWqCV76Mzha:FC/KTXod3uQcRb3VkvFnnj+zi6Mdyik
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/LangDLL.dll
- Size
  
  8KB
- MD5
  
  e5240dcd169abe69a7332d01106e1d84
- SHA1
  
  2ca68892501102586f6ab4eb99744d7f6138c166
- SHA256
  
  96c40847d52270061c25743bc9ec4843be1991f3ac36c2d1b78ec04a04437ea4
- SHA512
  
  519479d1c6bfd4fcb11e0802f9cf5eb7b324577514a986f0fdf07d33ff6a275dc5ac41654aed818d1c30e0bdda543297f4b7886442cbc93066a808cafbaf8a70
- SSDEEP
  
  192:zopZK6yypD9pg5Z8YkvQhUbNA/2/o+OL:cvK685Z8YkvFbN
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  29KB
- MD5
  
  26c8a92678f1b970ac2a700bb844c309
- SHA1
  
  c821a5980c31b0b35f1505cde836d6769f45e3a3
- SHA256
  
  2a7b5d1cab96a5280b0694d0ed54510129626a1ba36a51bd34d546972b7d18b8
- SHA512
  
  fba6e371853fd6c27097eb7cce7ffc59d71e4f0a9b5e55de06472d094b70c44a409bd82f39d9a27a814e826ab8468c59e947401a3c3ead1f057cbac236588860
- SSDEEP
  
  384:icchls/EvE2XYBVtQQA+S4n+7g6ZxlU7RfYkvIZMIwwH3Y9pyWediASIo:dmHckOVih+S/Fxq7v4H3YCoASIo
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/nsArray.dll
- Size
  
  12KB
- MD5
  
  da4bc09439ed21faf7620a53433aac92
- SHA1
  
  94e3347aebe16cb88b9f29f00134d9e0fb67e508
- SHA256
  
  216d68d3f0b37bb2203b3a438a84a089e8c388608f46377ad7e7d6a2709cf9b0
- SHA512
  
  920294456e8fee0c4137e4b4ba1389f09ade297d6ed49d78a9593d129dbb5eb048da2cbff7ac29687999991d5f38657cb31af73e2ccf6b8b9ce29480d4d81ec6
- SSDEEP
  
  192:LULA8tZt1pehCUVFpZ/XXz5F8qioPYtS/Z8i4NVhWp1h2ph30R:gLAe1peEUD/X1F8qiAFLhOh
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  14KB
- MD5
  
  8f45e78d9d02ca8a9f9c274a8bfe2a57
- SHA1
  
  9b3838e1d2d4fbc1c84e1252747e96aa1b223d83
- SHA256
  
  78f9594721361fd3415b8c5194f9c9b87c580d6a70ddb95f2c4743c61ce68ebe
- SHA512
  
  125f1bcf833e0c233ebee552c164d9726769f06e5163467888abea08048fdae60a94b903ef97ba82ca9cf684f3c027d9605d54e9efe794df3e452f9b20e4ca96
- SSDEEP
  
  384:jqWL5JCYXh2OPxv9OIR6oYkvLl5gS+BX9jN:jqXG2cLR9vPgFNjN
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  11KB
- MD5
  
  7c0dc12cdc807a3bb4afda989a663f95
- SHA1
  
  3db74d921bd68ce73834de4636bbec03b21723ff
- SHA256
  
  0d022cc0aa60a3f41dbeb6776e9acb016ff3d42396e3371f15cc22352e621eb5
- SHA512
  
  22301b351c0332fce7b0d6b21e2b1dc9a850658b8ac610bfa4fb9d02adfbdad30211f04edcabd4141574d243cb6333ef78adb6647860641c84e5d6dc6f635a20
- SSDEEP
  
  192:nQux93kCB6nGYq1f9ymY1aulOaBETAJYkvQhHLrqNo25JF/:nLx937B6GY48HQulOGETAJYkvmLr0oSD
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $TEMP/WLANSetEAPUserDatax64.exe
- Size
  
  62KB
- MD5
  
  cc3147d32b19efc616fedb6f5313dd87
- SHA1
  
  f036a8463504b7c6151d5da66dbf3396d4ad8944
- SHA256
  
  80a47a2af21bfbe5a674a32912926c7b62b516cf0b582a594638a8cce875eb20
- SHA512
  
  463e42f26a1fbac68bcf4a305307d87567d08fdb13096bdfe553b48cceeece796c67683671f0f6f8d916bb8451ef77dab44b86b641d8d167f7095e9f4ee98142
- SSDEEP
  
  1536:l4LoTgzY7Mx1ThepurlwOd2KdTFHoWl3LB3t:l4LoTgzYuThiqlnd2Kd/3LBd
Score

1^/10
behavioral13 behavioral14
- Target
  
  $TEMP/WLANSetEAPUserDatax86.exe
- Size
  
  62KB
- MD5
  
  1a9ab3d3af02fc841950c439c633a880
- SHA1
  
  16e966b35a055689ef8a115f4e11a67a2189f463
- SHA256
  
  8d898150dc9f780948cec73a7a9f873a893f3ee6be30bf04e0369b97eabe8465
- SHA512
  
  a073eb9d8ed62b76f729f24a446360412779080b01165b183f7b12be4804b0063b6ff79fae7fe138bf847d4941f5960e0e5d8d3468088231117042741d3e9595
- SSDEEP
  
  768:d7bEnuQhagleo4yxLhCiH5EnhdgVklrHAIk/8EDV+CnYYmHm1RrZcy:ZEuQhPMyLcnrgVkBxkAM5h9c
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  $TEMP/check_wired.cmd
- Size
  
  56B
- MD5
  
  7e3652a51e040f61b9c937b781ebcf87
- SHA1
  
  bc99b040f1f680bffb7de6543122e69eaf058e07
- SHA256
  
  66f2ead4d45f404f14d9c317129e3fb6837bc5a36c04b4cb07315df3994fd6b6
- SHA512
  
  5a7d3ed40b977208922825ffc822475edce119646634751d0da419a66aa5896e10c5b5064ff0923c69f978990366719633212d2ca594f83a56fbea2ffcd6548e
Score

4^/10

persistence privilege_escalation
behavioral17 behavioral18
- Target
  
  $TEMP/wlan_test.exe
- Size
  
  8KB
- MD5
  
  40bca6124fa7eef106c0d76c428d9471
- SHA1
  
  dadd29d90007602be8ecd18406dc28634d0bbb2d
- SHA256
  
  fc03209d76e6c41c11dde8621f1eb03ff348a12566cb9b63e7aa2d6cef8086aa
- SHA512
  
  5167d2bbe094dc7a3ecf89e508ae869dcff08c4159b7756cb03c2f5431e084ff34d1834e5294892f81f00e96664a67081d8212dde310f553a7f6237a1144a5be
- SSDEEP
  
  96:jcKd0jhY5hCJMKzfdUuFpDocZ7F+Vq1cHQyCGOx+WFHCkvJJGrbA4ayC7tCEYyHO:jbQ4hqvZ7F+E6c3bvJJms4aPbH
Score

3^/10

discovery
behavioral19 behavioral20

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Netsh Helper DLL

Privilege Escalation

Event Triggered Execution

Netsh Helper DLL

Defense Evasion

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

persistenceprivilege_escalation

behavioral18

persistenceprivilege_escalation

behavioral19

behavioral20