854b1c26a08059e5c659ac43953b9f29743ea7e73bd8c178ea053a24ca5b57de | Triage

Sharing

General

Target

xrMPE-Launcher-Installer.exe
Size

42.7MB
Sample

241121-qdxgzssmcx
MD5

5249e43ba034a7ffa271477cf1855124
SHA1

b180ef06be84bb7041c840617ada83e921428708
SHA256

854b1c26a08059e5c659ac43953b9f29743ea7e73bd8c178ea053a24ca5b57de
SHA512

17b41b03a6346261d32999f7989371bdfee43d690c49659968e9caa1f42a2970a8edc6e229c2d13842c324fe80b06dd94bd07db50e974056eadadc615ad40fad
SSDEEP

786432:P3GiSMTlYU+N45IgwRu4qWogjT+DtRxMkBo2BUPJE4k5aqo74pPfhlMjBrLpIa9E:P31JlYA5hwRSWogmrSkBrBiJE95nZlMu

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  xrMPE-Launcher-Installer.exe
- Size
  
  42.7MB
- MD5
  
  5249e43ba034a7ffa271477cf1855124
- SHA1
  
  b180ef06be84bb7041c840617ada83e921428708
- SHA256
  
  854b1c26a08059e5c659ac43953b9f29743ea7e73bd8c178ea053a24ca5b57de
- SHA512
  
  17b41b03a6346261d32999f7989371bdfee43d690c49659968e9caa1f42a2970a8edc6e229c2d13842c324fe80b06dd94bd07db50e974056eadadc615ad40fad
- SSDEEP
  
  786432:P3GiSMTlYU+N45IgwRu4qWogjT+DtRxMkBo2BUPJE4k5aqo74pPfhlMjBrLpIa9E:P31JlYA5hwRSWogmrSkBrBiJE95nZlMu
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/LangDLL.dll
- Size
  
  5KB
- MD5
  
  549ee11198143574f4d9953198a09fe8
- SHA1
  
  2e89ba5f30e1c1c4ce517f28ec1505294bb6c4c1
- SHA256
  
  131aa0df90c08dce2eecee46cce8759e9afff04bf15b7b0002c2a53ae5e92c36
- SHA512
  
  0fb4cea4fd320381fe50c52d1c198261f0347d6dcee857917169fcc3e2083ed4933beff708e81d816787195cca050f3f5f9c5ac9cc7f781831b028ef5714bec8
- SSDEEP
  
  48:S46+/sTKYKxbWsptIp5tCZ0iVEAWyMEv9v/ft2O2B8mWofjLl:z+uPbO5tCZBVEAWyMEFv2Cm9L
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  192639861e3dc2dc5c08bb8f8c7260d5
- SHA1
  
  58d30e460609e22fa0098bc27d928b689ef9af78
- SHA256
  
  23d618a0293c78ce00f7c6e6dd8b8923621da7dd1f63a070163ef4c0ec3033d6
- SHA512
  
  6e573d8b2ef6ed719e271fd0b2fd9cd451f61fc9a9459330108d6d7a65a0f64016303318cad787aa1d5334ba670d8f1c7c13074e1be550b4a316963ecc465cdc
- SSDEEP
  
  192:ljHcQ0qWTlt7wi5Aj/lM0sEWD/wtYbBjpNQybC7y+XZqE0QPi:R/Qlt7wiij/lMRv/9V4bfr
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  b7d61f3f56abf7b7ff0d4e7da3ad783d
- SHA1
  
  15ab5219c0e77fd9652bc62ff390b8e6846c8e3e
- SHA256
  
  89a82c4849c21dfe765052681e1fad02d2d7b13c8b5075880c52423dca72a912
- SHA512
  
  6467c0de680fadb8078bdaa0d560d2b228f5a22d4d8358a1c7d564c6ebceface5d377b870eaf8985fbee727001da569867554154d568e3b37f674096bbafafb8
- SSDEEP
  
  96:ooEv02zUu56FcS817eTaXx85qHFcUcxSgB5PKtAtoniJninnt3DVEB3YMNqkzfFc:ooEvCu5e81785qHFcU0PuAw0uyyIFc
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  xrmpe-launcher.Updater.exe
- Size
  
  42.0MB
- MD5
  
  691c8823d5cf84564641afd4cbf3070d
- SHA1
  
  16570ecbda1f84df9b9df679a1ed72ada64a7a98
- SHA256
  
  daaf2111b735edcd6129269c8de2844ee9f3c49f9b54e9612c39d03cc068421d
- SHA512
  
  da2e18da79c242c7eb9cb6ef1bc0af7fdfdc6024ec5ec7731118de4d37db878ebc08720606e034f4b7add0f06a8be43f05fd0be428d903c4d35d729a44d1d9b3
- SSDEEP
  
  786432:ULMTELD8BJZxV2pr1L1xypl+8tZq3DDRWHUe6Rs:UoTfBJMpr1L2pl+8tZq3D9pa
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  xrmpe-launcher.exe
- Size
  
  58.1MB
- MD5
  
  c778050d85f91c533e6c480b1c72e4ee
- SHA1
  
  3043c2c217e5af4222491d59c4c42fd4c6cc0223
- SHA256
  
  f716d35da96795fda2c1c9000c878458fbec32967ade933d4c6271d62ddb8e9e
- SHA512
  
  28a72504afdc0bae70e77a078eadd4f7f6029b7bd8a723aeddd81f44ac079193bbad2bdef9b863462f6c42c0868fe59bc7c823260567b42de00b064a41c03d4a
- SSDEEP
  
  1572864:ooTfBJ1pr1L2pl+8tZu3D979O0JF2WrBGxW:oMpL2pl+8tZud9dH
Score

3^/10

discovery
behavioral11 behavioral12

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

System Time Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12