General

  • Target

    ccsetup631.exe

  • Size

    82.4MB

  • Sample

    250115-3q6yeazqct

  • MD5

    5fe0431f55622801c1656e7f127b19ea

  • SHA1

    8a6969369bde5e04d2171791b8fc447c4fec4704

  • SHA256

    adef2114e6a50419559f41bda58844d4c6e3af305c89428d5f0d3843b40f98c2

  • SHA512

    32245f47addfa6d08847d1ac7efd55f7dc6ca71a2d8aa307ac89a846e8ebbf737f7117c57e21f55cb52822d9590618f87dc214978c4aab0b388ee3d23f549b86

  • SSDEEP

    1572864:SlO0YjB9EHfOmHsHiGYLSgTAJPFkjbPkmomYljBAbZMPC0CX01CoDTAJO3HWUJjS:St4g2osCGCD8pyHPkNmYljybZT0CX0dS

Targets

    • Target

      ccsetup631.exe

    • Adds Run key to start application

    • Checks for any installed AV software in registry

    • Downloads MZ/PE file

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops file in System32 directory

    • Target

      $PLUGINSDIR/INetC.dll

    • Size

      23KB

    Score
    3/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      12KB

    Score
    3/10
    • Target

      $PLUGINSDIR/nsDialogs.dll

    • Size

      9KB

    Score
    3/10
    • Target

      $PLUGINSDIR/nsExec.dll

    • Size

      7KB

    Score
    3/10
    • Target

      $PLUGINSDIR/nsProcess.dll

    • Size

      4KB

    Score
    3/10
    • Target

      $_135_/lang-1025.dll

    • Size

      252KB

    Score
    1/10
    • Target

      $_135_/lang-1026.dll

    • Size

      301KB

    Score
    1/10
    • Target

      $_135_/lang-1027.dll

    • Size

      303KB

    Score
    1/10
    • Target

      $_135_/lang-1028.dll

    • Size

      118KB

    Score
    1/10
    • Target

      $_135_/lang-1029.dll

    • Size

      267KB

    Score
    1/10
    • Target

      $_135_/lang-1030.dll

    • Size

      263KB

    Score
    1/10
    • Target

      $_135_/lang-1031.dll

    • Size

      298KB

    Score
    1/10
    • Target

      $_135_/lang-1032.dll

    • Size

      311KB

    Score
    1/10
    • Target

      $_135_/lang-1034.dll

    • Size

      296KB

    Score
    1/10
    • Target

      $_135_/lang-1035.dll

    • Size

      275KB

    Score
    1/10
    • Target

      $_135_/lang-1036.dll

    • Size

      308KB

    Score
    1/10
    • Target

      $_135_/lang-1037.dll

    • Size

      83KB

    Score
    1/10
    • Target

      $_135_/lang-1038.dll

    • Size

      294KB

    Score
    1/10
    • Target

      $_135_/lang-1040.dll

    • Size

      291KB

    Score
    1/10
    • Target

      $_135_/lang-1041.dll

    • Size

      158KB

    Score
    1/10
    • Target

      $_135_/lang-1042.dll

    • Size

      153KB

    Score
    1/10
    • Target

      $_135_/lang-1043.dll

    • Size

      292KB

    Score
    1/10
    • Target

      $_135_/lang-1044.dll

    • Size

      264KB

    Score
    1/10
    • Target

      $_135_/lang-1045.dll

    • Size

      298KB

    Score
    1/10
    • Target

      $_135_/lang-1046.dll

    • Size

      287KB

    Score
    1/10
    • Target

      $_135_/lang-1048.dll

    • Size

      308KB

    Score
    1/10
    • Target

      $_135_/lang-1049.dll

    • Size

      277KB

    Score
    1/10
    • Target

      $_135_/lang-1050.dll

    • Size

      287KB

    Score
    1/10
    • Target

      $_135_/lang-1051.dll

    • Size

      273KB

    Score
    1/10
    • Target

      $_135_/lang-1052.dll

    • Size

      97KB

    Score
    1/10
    • Target

      $_135_/lang-1053.dll

    • Size

      269KB

    Score
    1/10

Tasks

static1

Score
3/10

behavioral1

bootkit, discovery, persistence, spyware, stealer
Score
6/10

behavioral2

discovery
Score
3/10

behavioral3

discovery
Score
3/10

behavioral4

discovery
Score
3/10

behavioral5

discovery
Score
3/10

behavioral6

discovery
Score
3/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10