8a2d5c5dd1807331a4ab4ddbcbab4746407fdb394806bba0d04f760233e61b0b

Sharing

Copy URL

Twitter E-mail

General

Target

ccsetup630.exe
Size

82.4MB
Sample

241123-2nln1swrdr
MD5

dec9c125a4ee6c7c4b651fbd600f2ad9
SHA1

bddda9734dbcdf0183035bd75376c9defb587592
SHA256

8a2d5c5dd1807331a4ab4ddbcbab4746407fdb394806bba0d04f760233e61b0b
SHA512

ea92edcdb6222eba859d50e8ce364c32420553b305e4474da3897049e70278d7f2dc667313274de1a11e2e4f1c6b0cf77c5de72b2486b90a3389e671fec2a9e8
SSDEEP

1572864:DZnrq1x/6ILJGNzszAIytgiYdIootePh6+6GxMblmFHOZF4LZ:DZryxvoky85oQPb6EMblNZF4LZ

Score

7^/10

Malware Config

Targets

- Target
  
  ccsetup630.exe
- Size
  
  82.4MB
- MD5
  
  dec9c125a4ee6c7c4b651fbd600f2ad9
- SHA1
  
  bddda9734dbcdf0183035bd75376c9defb587592
- SHA256
  
  8a2d5c5dd1807331a4ab4ddbcbab4746407fdb394806bba0d04f760233e61b0b
- SHA512
  
  ea92edcdb6222eba859d50e8ce364c32420553b305e4474da3897049e70278d7f2dc667313274de1a11e2e4f1c6b0cf77c5de72b2486b90a3389e671fec2a9e8
- SSDEEP
  
  1572864:DZnrq1x/6ILJGNzszAIytgiYdIootePh6+6GxMblmFHOZF4LZ:DZryxvoky85oQPb6EMblNZF4LZ
Score

7^/10

bootkit discovery persistence spyware stealer phishing
- A potential corporate email address has been identified in the URL: 67C716D751E567F70A490D4C@AdobeOrg
  phishing
- Downloads MZ/PE file
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/INetC.dll
- Size
  
  23KB
- MD5
  
  7760daf1b6a7f13f06b25b5a09137ca1
- SHA1
  
  cc5a98ea3aa582de5428c819731e1faeccfcf33a
- SHA256
  
  5233110ed8e95a4a1042f57d9b2dc72bc253e8cb5282437637a51e4e9fcb9079
- SHA512
  
  d038bea292ffa2f2f44c85305350645d504be5c45a9d1b30db6d9708bfac27e2ff1e41a76c844d9231d465f31d502a5313dfded6309326d6dfbe30e51a76fdb5
- SSDEEP
  
  384:l4Z8sUAUNuGGsPVPEZ+OLkCnFJDhgvZwcRa9h9S4y4fO:lG8sUAUnt88CFJDhmajMA
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  cff85c549d536f651d4fb8387f1976f2
- SHA1
  
  d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e
- SHA256
  
  8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8
- SHA512
  
  531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88
- SSDEEP
  
  192:Zjvco0qWTlt70m5Aj/lQ0sEWD/wtYbBHFNaDybC7y+XBz0QPi:FHQlt70mij/lQRv/9VMjzr
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  6c3f8c94d0727894d706940a8a980543
- SHA1
  
  0d1bcad901be377f38d579aafc0c41c0ef8dcefd
- SHA256
  
  56b96add1978b1abba286f7f8982b0efbe007d4a48b3ded6a4d408e01d753fe2
- SHA512
  
  2094f0e4bb7c806a5ff27f83a1d572a5512d979eefda3345baff27d2c89e828f68466d08c3ca250da11b01fc0407a21743037c25e94fbe688566dd7deaebd355
- SSDEEP
  
  96:o0svUu3Uy+sytcS8176b+XR8pCHFcMcxSgB5PKtAtgt+Nt+rnt3DVEB3YcNqkzfS:o0svWyNO81b8pCHFcM0PuAgkOyuIFc
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  7KB
- MD5
  
  675c4948e1efc929edcabfe67148eddd
- SHA1
  
  f5bdd2c4329ed2732ecfe3423c3cc482606eb28e
- SHA256
  
  1076ca39c449ed1a968021b76ef31f22a5692dfafeea29460e8d970a63c59906
- SHA512
  
  61737021f86f54279d0a4e35db0d0808e9a55d89784a31d597f2e4b65b7bbeec99aa6c79d65258259130eeda2e5b2820f4f1247777a3010f2dc53e30c612a683
- SSDEEP
  
  96:J9zdzBzMDByZtr/HDQIUIq9m6v6vBckzu9wSBpLEgvElHlernNQaSGYuH2DQ:JykDr/HA5v6G2IElFernNQZGdHW
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/nsProcess.dll
- Size
  
  4KB
- MD5
  
  f0438a894f3a7e01a4aae8d1b5dd0289
- SHA1
  
  b058e3fcfb7b550041da16bf10d8837024c38bf6
- SHA256
  
  30c6c3dd3cc7fcea6e6081ce821adc7b2888542dae30bf00e881c0a105eb4d11
- SHA512
  
  f91fcea19cbddf8086affcb63fe599dc2b36351fc81ac144f58a80a524043ddeaa3943f36c86ebae45dd82e8faf622ea7b7c9b776e74c54b93df2963cfe66cc7
- SSDEEP
  
  48:Sz4joMeH+Iwdf8Rom/L+rOnnk5/OCnXeAdbdOAa4GPI+CJ87eILzlq7gthwIsEQW:64c/eFdfS/SSnkxNa4G+ueqPuCtGsj
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $_135_/lang-1025.dll
- Size
  
  252KB
- MD5
  
  dd572166dea5ddd56dd98212fbb61e9b
- SHA1
  
  245354e05432a1c9f21b356bc8f56156a0e75b56
- SHA256
  
  b45a2dd27d5bfeb98bfaa9628330cdb3bf8b81abe27dad1a376857b863e96b54
- SHA512
  
  1c2e40ef7d5c5d4c8d43ec42539345a8b45a6150e39d5eb5e5e20b888bfd3d814954321247b77c05ec2c048e9f88b3c32d0dd2218f025500e5911d237bb3776b
- SSDEEP
  
  3072:rGYnpwJ5WckrG4m4xyOfF3VForEml34/s2O8sM10dOR25VvxXLn+TOq3jK5zeDxB:1LiEsHUFU7+
Score

1^/10
behavioral13 behavioral14
- Target
  
  $_135_/lang-1026.dll
- Size
  
  300KB
- MD5
  
  b88e9f66e8a58b33979731fb1c22fffa
- SHA1
  
  c4f6cf0c229a4a64c44cd281c70482031afb1740
- SHA256
  
  36b9e82a3a049a95115aa02e47d68c9f1c0060703e145b73098e187a9f5b5208
- SHA512
  
  abeaab008bc09d17044202e78d0af69b01876edcaf52371260123388a1b6b37dc224b6bec751dc6364bbb60ea164c9c49d6f23ab02925153df9316eba32a3980
- SSDEEP
  
  3072:DGOPYLFo0y2mxyNRtOdjJTmUDph4au4B7XI:H6m4ASUDJ/7XI
Score

1^/10
behavioral15 behavioral16
- Target
  
  $_135_/lang-1027.dll
- Size
  
  302KB
- MD5
  
  3d2fa55abfadc8bdf737d8e5044fd8d0
- SHA1
  
  7ad0f586bd537292ffc54080d3c55f237fff3815
- SHA256
  
  4b623360fce24acd0ec8318a7fbe1904c9a8da1d7ead933b79962873670b4c80
- SHA512
  
  77a7647426d123af796e4a44ed6ca3c250fba471edb8cf8193324a9b77500848468bf7a42aa78d113fe0ed274eb5f2d1440ce5008d60fdff45fa9784e90d6725
- SSDEEP
  
  3072:cGarruphzAmGC0MUmqvn9vQ2iYHzNb0SlLwRPM36qWFnZY2We72sCEsAwo4c7F:hbAK0MUmqVNb0SlsqW7j7F
Score

1^/10
behavioral17 behavioral18
- Target
  
  $_135_/lang-1028.dll
- Size
  
  118KB
- MD5
  
  bcb60c0bcc807e3fde1f85c3fa29eb26
- SHA1
  
  36b02963ef03d19ba9e3257e289fb5b64e372999
- SHA256
  
  bb0349e941cd709ea1493b0c0d1c6a8cace7254a942478eb3690c2eed99d1b80
- SHA512
  
  22f03e966da2a1e23e4a8342af9f07571327d04530cfc4767cdf947c3787cee3d38e1a9448b85ef0afd3979fd2b62b5ed3295cdeee53a021e56cf3a9cf829b2e
- SSDEEP
  
  1536:bkGH/J14AsGyGT9bdz4MY4JUjAaV0zEwjHhAEil7kHJ7z:QGH7hf4MY4JzdLHRg4p7z
Score

1^/10
behavioral19 behavioral20
- Target
  
  $_135_/lang-1029.dll
- Size
  
  266KB
- MD5
  
  094d2e84d6727c326d1e9eb73202bf0f
- SHA1
  
  cbd7a76391d17fe692caea604fe0df0e79f2ed7e
- SHA256
  
  4cb8e195f0c9d2a3be0013f943b7c9659518c0942422846041f2ee0b917676d7
- SHA512
  
  ba19a2931d2dc53073ee504357d39ff3a313b0ee3a3ae8f00d06340b9496868ce01e2319dc2b6511d61fc3cddb5b60bb5e3fefa7b50584855fd9266ab5571ec9
- SSDEEP
  
  3072:SGqTV8w+1kxQxrTjEuq2mv4l0V13hcIYq80BJ0wonymZq1Mb2gxQI4F7k:WCW13rYQ7k
Score

1^/10
behavioral21 behavioral22
- Target
  
  $_135_/lang-1030.dll
- Size
  
  262KB
- MD5
  
  edba49a4741fe915ac014ebf36dafa44
- SHA1
  
  a230c9536ac71b9729a9f22c5c149d41b35ea12c
- SHA256
  
  97c1fed3fcd62004cecfceae9cbd3378de012a3c8578c7324e2e17a1fca413ea
- SHA512
  
  666b7d2e74ae01e2d3d1a3e9f4e8e454a0af065090e681fbb91e37bde353c89fa91ed91afad075e0e41987363e2ca3c1ca6cbd34fa1ffeda4a25fb02c4c70c85
- SSDEEP
  
  3072:/G1/BUUPjdtlpsCPH02R/CCzuo8JqT1oSo4amSZtTFgCIMginJMaf4D7x:OJrlphwmupgzaO7x
Score

1^/10
behavioral23 behavioral24
- Target
  
  $_135_/lang-1031.dll
- Size
  
  297KB
- MD5
  
  a990c225284513ac9623743b627ea74f
- SHA1
  
  556e8c38e1a600038fa3ff2b06e6752f3c81c404
- SHA256
  
  ca9eb9002cf87de204e99c0e13ad02903e3f374604c72758f922753b5805d3b2
- SHA512
  
  dc1a7ddb3fd3f0b1ac22c2d58cdbcc6fb7499b61ecbf732453b9a46996ac0b503a50898c000504e2efb2bf695bb18bc770208a81cba84a97d098aedafaba5d77
- SSDEEP
  
  3072:cGZSkJn9KvgjvyvvWTChegDQhK7JUfRtR+ga9hI7AlfbamVXuNdIEhpg8XVLZkwj:Jy/VqEFzda9vpXFPnuV74
Score

1^/10
behavioral25 behavioral26
- Target
  
  $_135_/lang-1032.dll
- Size
  
  311KB
- MD5
  
  2fb2a79f84a4e19b903d8fdf48fa1fc3
- SHA1
  
  0d68ad823b394acbc2e0c1a0f74a24246af0f2c0
- SHA256
  
  4d7cd8f52e951a298f01049c4ceab4013e6d010a692348641e18b92da7f1772d
- SHA512
  
  1da5035f1fb71829dd07bf441b3892bac5ad3a710f7fb5eb95df1664e73b32de59445d5f5de42e11cea89795b98a899851501c5ce57ca0176db33722c9d520b6
- SSDEEP
  
  3072:IG8BkC3TgkU7Z9vMQZO3MnoWX6r85dWORIqY4adqLDBBlKKSUG8ioi9rvxVJzAk9:vvM2+6ayY7B
Score

1^/10
behavioral27 behavioral28
- Target
  
  $_135_/lang-1034.dll
- Size
  
  296KB
- MD5
  
  887bd13a2de0eeefe0d1096ffff97861
- SHA1
  
  bf117cbffad12bd30e3c162f2f5ceebdc46d4e61
- SHA256
  
  3898b5efbfd3321e668650ca9b0c87382c858e97b9665f5af244fc11d3a67149
- SHA512
  
  7549aecd20c556ff973f21dd32cab53100fba33dab8878f02492532973dba2e444dc1dfc87dc4a96ae2bcac3c91d48bc72e69fe648629f21bcb7c080ca43b3d1
- SSDEEP
  
  6144:jyx+c99+JqLYRRDFPQivkhQHYhaWCGslwQ7S:Wdxo7S
Score

1^/10
behavioral29 behavioral30
- Target
  
  $_135_/lang-1035.dll
- Size
  
  274KB
- MD5
  
  59cb30843fac4717b81f2af566c40a93
- SHA1
  
  f378a49200ac579fd4205f7ff0eb8bdbe09c12df
- SHA256
  
  504011484d50c680919b2aa52fb8be8d9b606e8676a7c0898ff3c2226d0e6337
- SHA512
  
  c757a7a43b30a59bace7f0117601e2b98fbfcd1ce16c2ea0ef4a3c894c466a8a2148b8aa4f4127fffeff7dd9df0a79c5730ec674337d3e8816b7abc82b53d518
- SSDEEP
  
  3072:aGGm0iYKzLFQCBRLAEmW6WJM8LHxaMevPHZR/m2lki2/eqLyJ801IEaI88RTr+vE:lLFa8zx/2xWXBziBZp3w/sIYynYuPA7R
Score

1^/10
behavioral31 behavioral32