Overview

overview

8

Static

static

3

ImGui Load...se.exe

windows10-2004-x64

8

ImGui Load...0d.dll

windows10-2004-x64

1

ImGui Load...ed.dll

windows10-2004-x64

1

ImGui Load...1d.dll

windows10-2004-x64

1

ImGui Load...0d.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ImGui Loader base (2).rar

  • Size

    4.3MB

  • Sample

    241125-3yyl1asre1

  • MD5

    497af032c5877c3aa003904de83f9b55

  • SHA1

    003cb4258dcd29f967e5bde8a4c95f39affcf2ca

  • SHA256

    1aba6ab0c6b1c019ebcd40f51e0415f45c40c5f6e3da6031810e21980cbbfa1d

  • SHA512

    4068727e9acad568f3b8a0592065ac8d252c8f014646f807e6dd3ba34d3cb631888eb0bd755fdfe1baa7458eab8f54da7046e92a990cfb04ebb15275a02cfd0e

  • SSDEEP

    98304:wEJpO7R8Y2phWSnHMJ3d5k4NgudqQcDdHQAQqPFPginOtpF9OxMRuSQ:JCmIuHMJ3dkudFcD1gqtPgb9Ofz

Score
8/10
defense_evasiondiscoverypersistence

Malware Config

Targets

    • Target

      ImGui Loader base (2)/ImGui Loader base.exe

    • Size

      1.3MB

    • MD5

      2e271eb3cc21cd6e2ccbe4497c044c57

    • SHA1

      a55bc19447c2d37055a2e103169d6c6148f006b7

    • SHA256

      d048adebea24b5a5094151b8820f83b8576cbaa002445aa7e71ff4c5a2850a04

    • SHA512

      c1dc01877fc362e09e09fcea2c7e38da77d5d5b6b9713914af4e277d336e35071c73c710e9f065a908d290ebb7c3d78be111e51c3c07b46d13d856d05bf45f86

    • SSDEEP

      24576:Uxotq1nlyb+6Rd0ZMqp+YFfXN9Bm0jpeze0Qtq7KN5J/RmfmaQll9Rnn10m:Uxbllybh+ZMq3s0g4q7KN5J/Rmfma29V

    Score
    8/10
    defense_evasiondiscoverypersistence

    • Downloads MZ/PE file

    • Sets service image path in registry

      persistence

    • Executes dropped EXE

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

      defense_evasion
    behavioral1

    • Target

      ImGui Loader base (2)/msvcp140d.dll

    • Size

      977KB

    • MD5

      37dc8cc78ecbcd12f27e665b70baefa7

    • SHA1

      46fb9910cc10c4c0c52b547700e1950ce233be89

    • SHA256

      b53add5b7bd6bb11fecc7be159885d0b75736d02423c11edc6eeb6f4bea80f6c

    • SHA512

      078b0b408510c07eac85518f03a9e3fac8e4c8e2e36ccb8cd26962498c7f5bedbd79f7034af3ebfef9984f85d81c9032446b1b5c156b2174a769657ea0ab60a1

    • SSDEEP

      24576:NWJjEJM48ZDBXci9fHQEKZm+jWodEEw9N2:NWJjd48rJw

    Score
    1/10
    behavioral2

    • Target

      ImGui Loader base (2)/ucrtbased.dll

    • Size

      1.7MB

    • MD5

      c3130cfb00549a5a92da60e7f79f5fc9

    • SHA1

      56c2e8fb1af609525b0f732bb67b806bddab3752

    • SHA256

      eee42eabc546e5aa760f8df7105fcf505abffcb9ec4bf54398436303e407a3f8

    • SHA512

      29bab5b441484bdfac9ec21cd4f0f7454af05bfd7d77f7d4662aeaeaa0d3e25439d52aa341958e7896701546b4a607d3c7a32715386c78b746dfae8529a70748

    • SSDEEP

      24576:JUV0C8E3W4JoceLErS6P0qoc6uoPrT5PgVBHmaw+zrGOzli7Gi0m9ZRXyYk:i8/B90ozghlGJ7js

    Score
    1/10
    behavioral3

    • Target

      ImGui Loader base (2)/vcruntime140_1d.dll

    • Size

      58KB

    • MD5

      868fd5f1ab2d50204c6b046fe172d4b8

    • SHA1

      f2b43652ef62cba5f6f04f32f16b6b89819bc978

    • SHA256

      104e5817ece4831e9989d8937c8dfe55d581db6b5bc8e22a1b492ca872eda70e

    • SHA512

      402a0402b318539f26eac2fcd890700d2103f8eabd4b5289b64e2cdb5c30f4bb2b18f342c8a1ecc2cafb3f1d4258387a5300f9a86056f27b176b3fe995f9fc9d

    • SSDEEP

      768:BoKFGMoBcNmO1Um5Y/tHvzvlurMiqWJ8XAG:+KcM3m05IHT+nyl

    Score
    1/10
    behavioral4

    • Target

      ImGui Loader base (2)/vcruntime140d.dll

    • Size

      130KB

    • MD5

      ee7fbf8768a87ea64ad4890540ce48f9

    • SHA1

      bcbc1ebd5a592c2df216d3211f309a79f9cd8a9b

    • SHA256

      03eafdf65d672994e592b8acc8a1276ccae1218a5cb9685b9aa6a5ffe1a855fe

    • SHA512

      0cbf346d46b5c0b09c1f3fb4837c8df662bf0c69de8c4ae292b994ec156c91b78dbaad733226d765b1ca3ee1695566dc90bf85086e438fa15b9eb32058abce80

    • SSDEEP

      3072:bg6runAEs8KOSVZK/pXKsGmVecbQyt5mnaZa:bVisVZK/zBVecbQYla

    Score
    1/10
    behavioral5

MITRE ATT&CK Enterprise v15

Tasks