General
-
Target
JaffaCakes118_91bf580d7d1bc2ee8e9aecd67be0cbc3cdad83a0ce1b44291ab9f2e9c34cf1a6
-
Size
1.3MB
-
Sample
241222-p1g55sylgy
-
MD5
9a2945af69a2bfb4e7e3ecd94461e2df
-
SHA1
f1da92010737db5054b5f59ffb3e4fcbc2483f69
-
SHA256
91bf580d7d1bc2ee8e9aecd67be0cbc3cdad83a0ce1b44291ab9f2e9c34cf1a6
-
SHA512
c3148264089b6682b56ba5320a430d43e93ebeae3ac79cdea25c562f38d55d9857d60a85e32f4426794f6a6395c044480a6de4887c93b3403dcd53acd1a5f9f1
-
SSDEEP
24576:xaiPifjq6EdPP0na1hyPO2Egoxe139Xncd/9p0r8eUy4YzwfGa:xhifUPPH+O2Ele13lnOgr8e0YzwfGa
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.W32.AIDetect.malware2.29314.exe
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.W32.AIDetect.malware2.29314.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240729-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral5
Sample
CommApi.dll
Resource
win7-20240903-en
Behavioral task
behavioral6
Sample
CommApi.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral7
Sample
CustomHotkeyPlugin.dll
Resource
win7-20241010-en
Behavioral task
behavioral8
Sample
CustomHotkeyPlugin.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral9
Sample
Gajim.exe
Resource
win7-20240903-en
Behavioral task
behavioral10
Sample
Gajim.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral11
Sample
NMPluginBase.dll
Resource
win7-20240903-en
Behavioral task
behavioral12
Sample
NMPluginBase.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral13
Sample
System.Private.Xml.Linq.dll
Resource
win7-20240903-en
Behavioral task
behavioral14
Sample
System.Private.Xml.Linq.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral15
Sample
agRichEdit.dll
Resource
win7-20241010-en
Behavioral task
behavioral16
Sample
agRichEdit.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral17
Sample
dbdata.dll
Resource
win7-20240729-en
Behavioral task
behavioral18
Sample
dbdata.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral19
Sample
lang-1025.dll
Resource
win7-20241023-en
Behavioral task
behavioral20
Sample
lang-1025.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral21
Sample
libtiff-5.dll
Resource
win7-20240729-en
Behavioral task
behavioral22
Sample
libtiff-5.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral23
Sample
uUDFImporter.dll
Resource
win7-20241010-en
Behavioral task
behavioral24
Sample
uUDFImporter.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral25
Sample
vsocklib_x86.dll
Resource
win7-20240903-en
Behavioral task
behavioral26
Sample
vsocklib_x86.dll
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
SecuriteInfo.com.W32.AIDetect.malware2.29314.26015
-
Size
1.5MB
-
MD5
f92e0ebfee5c601f8db1fb2f111391e9
-
SHA1
7adeb14e628937f7b7e8da540ef26bd9d7eb539b
-
SHA256
bc109946b539e33604fe85e4c060c616017facb443d8b8e0805f5911d00b6d4a
-
SHA512
cd975312a67d1cd709dc3b93bcd06cb0fd8c6ac0428a14042462cd535de5c430226c37c26abb23e005e745319ce9366c29eecf91d32c4a3bb57dbc4d8d74e4c6
-
SSDEEP
24576:Pb/mS5ptSQE9Ht6g0X2bFcxjizw9HEBNfC3/h8chBY9j9PFUW8mFfB:T/NrtV6t6ibWxX9Hes3/dBYfPF58mFZ
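Score: 10/10
-
Guloader family
-
Loads dropped DLL
Note: only this top-level executable is scored 10/10 and tagged with a family. The bundled files listed below score 1/10 to 3/10 when run on their own, so their hashes are weak indicators in isolation and may match benign components. The $PLUGINSDIR/System.dll entry suggests an NSIS-style installer package (inferred from the path; the page does not name the packer).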
-
-
-
Target
$PLUGINSDIR/System.dll
-
Size
12KB
-
MD5
cff85c549d536f651d4fb8387f1976f2
-
SHA1
d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e
-
SHA256
8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8
-
SHA512
531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88
-
SSDEEP
192:Zjvco0qWTlt70m5Aj/lQ0sEWD/wtYbBHFNaDybC7y+XBz0QPi:FHQlt70mij/lQRv/9VMjzr
Score: 3/10
-
-
Target
CommApi.dll
-
Size
32KB
-
MD5
5cc04393cd5c397feaa618910342ccce
-
SHA1
e9dbe29ad56366ce0d0e164ff5b807c7638610b0
-
SHA256
bf681263712d30f47457e8e2b64025ea1fafc416a504e9f9798f95190ec467e3
-
SHA512
b5196377d924cbbb36807260dcde94d632f53891e84c8ed3376eec984daa406a5f3e3c22a095d8fff8a73d5f0fa81a23fb97aeabd573ccac86438f0589d7ce71
-
SSDEEP
768:AwwCtlSYaIRR0I0+7OZTUbKJuv8LsOllRi2F:AwwCt0Yau0I0+b4wOlloS
Score: 1/10
-
-
Target
CustomHotkeyPlugin.dll
-
Size
214KB
-
MD5
8494ca908010d5fc3affe2cf66dfd6eb
-
SHA1
509a16887e079c7f3289748db763cd4f181ef13e
-
SHA256
1a125b303e6f627862af17243f67417afcf055bac600a18ce8d24cc5bfafaa04
-
SHA512
2bbddc1c543d7f56d662359d740017f64a27e4c6d8ed2939d5387371873c0af98767132cfe55d20f90a57a2d2ace9d0133020b36813f30c9581ef84392c43995
-
SSDEEP
3072:9x58Qv/Vd1FVX/nwi+6kIhsjR4jsch0tD5KCYKKKQgKh0CrRhEI6:9b8i1XfwB/I+V4bhq5KzgKh0Cz6
Score: 1/10
-
-
Target
Gajim.exe
-
Size
336KB
-
MD5
99916f597f0c1e622f9d0d0c346fc3f3
-
SHA1
ad18fb60d0d0b0073b2962e266c2baa2f72e4d56
-
SHA256
453b00035dc1f10aef7e55437409738b1a47cd0a02da2a2c1a9df98fb74cbb72
-
SHA512
e7e495486e9f238fc36b9f99113ca4f8a30b0e0268accec9b721e8f8bdbf9f2ff9b13e38016ac4dfb79a40af4a6b49c14ca9e13b0e8d5c56d25dc31a171b57a2
-
SSDEEP
6144:kl8Aj+CCCCClCCCCCCCCVCCCCRCCCCUCCDCC9CCCC1CCCC5CC2CCXCCCCuCCCChk:Md+CCCCClCCCCCCCCVCCCCRCCCCUCCDk
Score: 1/10
-
-
Target
NMPluginBase.dll
-
Size
187KB
-
MD5
14e48e064ed774aed4c006bad9036fb2
-
SHA1
44d45b17b97aabc2a30770d8bb61398eae137c50
-
SHA256
6be7f6ae09d028f7a2144b6050d669b8199d2ce1086a22e0b85cffdbdcfbffaa
-
SHA512
203000e665a9d661994edeecc9080c43b79e480d4dffc366f1aed9814fc350cf0a8010296660d42ebd30bf6cfdcc932cea1a449232c89f2d2b4e71a9ca6eff07
-
SSDEEP
3072:yO5yQgD9wY5qDX2qBOx8anxeq1NODeQMAixFZrkPlBVrixxjYpxfciyMJsaU+ByI:yOBgD9wY5qDX2qBOx8anZ4Y7rkPlBTEI
Score: 3/10
-
-
Target
System.Private.Xml.Linq.dll
-
Size
394KB
-
MD5
8d9db2c62538bcd00c3f5c09ea4f493d
-
SHA1
3ce812449d7c40795c3b9112393c0e2e851b51b6
-
SHA256
bcbffc7ad367b85bd90cda285fc615783c5bb86b95e4c04d62bebeb063b054ea
-
SHA512
c5985c4766f3c280a1d793e65cdc9f2652fde2a49dd1379ec4576457ee532091856e3814cd09571dd1a695b8db8edb6e78a63661c666f86f89fbe5b957949bec
-
SSDEEP
6144:q8Sv9UNr/NWeN35BpICdwAHAlKPmSZpMHMp:q8SWNrFWG1iAHAG1ZpMH
Score: 1/10
-
-
Target
agRichEdit.ocx
-
Size
164KB
-
MD5
eb0b6be72a87b2219bd6a4a61eacac16
-
SHA1
68cb202298ca59572f5d9f6d3cfcd45660f3127c
-
SHA256
965ac213fc8c4659c2a04038bd3884ed8f05b51a35851dec0811a602a396d9f0
-
SHA512
75362ac93dc2f1c55bbe132844063e41d1140ca0c6749f072bbaabb00494df02df9813dab8c67981d74d2d46bbb9edbe1bb3c94fae61e2ae74ee3cf0a423c005
-
SSDEEP
1536:5jm8IMpJM2FzSc2XJDyJ+iv1L7soFsUSzR1lGOV2Yg/5KVslzLnYDCWEBwZQDpZu:ZpJIc2XJuJzwt3Gs5jZQDpZyhgEJw8
Score: 3/10
-
-
Target
dbdata.dll
-
Size
106KB
-
MD5
2d337c78ad014b4d7e43fc465f757a7b
-
SHA1
258ee30b7dedd2924203d329aac818b509396440
-
SHA256
465059d2eeeeffd4704e6143c2184d8a5eb09ebcaa7cdb31e6c93467bc025124
-
SHA512
e1928305c8df1618bf3f2e818cee411859da46c6c31fbc552ac07ebf6cf0d58681e929d2a0bf9fed381bc601ec664c96b46af787d95923e5bff8120c2c35f383
-
SSDEEP
1536:5gIbpZKhJLfcPQ3gJ2h59C9nzZ/k1zeFu:LpKLf13ffpeFu
Score: 1/10
-
-
Target
lang-1025.dll
-
Size
147KB
-
MD5
fdae5f67f57abd90169432faade29950
-
SHA1
cc23fccac73b09a1325db6d4ea7efad0f85661ae
-
SHA256
ad10ff18d76daceb6565555403d58ff9068e36bdbcd0dd96d19837ea5f457e1f
-
SHA512
0cf9d327e3d1fb60ac91b5cf531a4bdc29e080ca44738d520d50a19de16d63f1eb37a04c6eb3fae701ae4a29146db9c9a9401bcfdb1991ffa7a80eb3be608378
-
SSDEEP
3072:cbpwJ5WBkrG404QyxfF3kForErl34/s2O8sD10qOOWYVvxNOnfqOH0N:2o0EsUu
Score: 1/10
-
-
Target
libtiff-5.dll
-
Size
525KB
-
MD5
dd926b149d8b1302a02fc07f1ccf06ea
-
SHA1
5ef814845ea75bcde980905286a38e0139b31636
-
SHA256
1fff5091c359cadc4238dcbdb7f8cbb9ca1ef58b6806aec776eeefa79955487b
-
SHA512
2b49510c4a9e7cc1abb1740537d8daa4281b19ef3b33580b9fe0d15414eec1420cbf2a270ca5939a5199a8d27f424686de88c30f4abaf09665d180028af0abe2
-
SSDEEP
6144:Bm1GlgvwANWokYXa4MFKZJ06Z9e/MJxYjcYdFX5av5sDeGcrQPHl7QL/fBlgotkR:18na4MSD+whYJeidspO8O33
Score: 1/10
-
-
Target
uUDFImporter.dll
-
Size
500KB
-
MD5
b392d2bcdc38f26cff47ef385e49ccd2
-
SHA1
564b6f33f7850f66225b693890a2f1f03231d4df
-
SHA256
c51e39f09d39e39343c3030fb9549452f1e548e4d8bc9fdb6138f7605d9eaefd
-
SHA512
6b248183aabcdab5f5228cbc4d950e23b0ce9f5a000b0f5e200d2dd09edff93d41f373b9d688695424b7d254ce3c18f226511338c157cadffbd8bfad20b1ee82
-
SSDEEP
6144:kDpRIYDddKQci/lR3rszSeJFv+iKhyMrV5rGO3Dg+2RMPIJBmfqDF2pFMBbdcqN3:kDpR5RaHynrGO0+2iPIZFw27cqfHu2
Score: 3/10
-
-
Target
vsocklib_x86.dll
-
Size
43KB
-
MD5
14a95f4f1549965bf81b4a6887529ee1
-
SHA1
1c7c5ec3ca926aed7871428c5166325a2d4c4ac1
-
SHA256
b772f5718e4f1ceca485435cd0fb5a5a7e0f20ebea89fcb7658788e458c29bb5
-
SHA512
534f8908416486cbcd40e4fd00fcda73a729ac3f7075d2a46aca5cfe692143281dfc34aa4ad091cedd1446c3e7a7df9395421e1fca7c5d74630d06a4486c4f62
-
SSDEEP
384:/+WhKlcBAMG3H1MYlCAJ+kcYczy/pNhch1MeK6jqvbvFRnhCTlRPiOUULzDgf2hp:/yH9CARcYNNhiMeKggPhCbiKXUf2hQtw
Score: 3/10