Overview

overview

10

Static

static

10

Vape Launcher.zip

windows7-x64

1

Vape Launcher.zip

windows10-2004-x64

1

Vape Launcher.exe

windows7-x64

9

Vape Launcher.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Vape Launcher.zip

  • Size

    60.0MB

  • Sample

    240625-fz7jzasdmb

  • MD5

    92f0879785dddf8f9ea01c293260a7b3

  • SHA1

    2cfb55d71e3ee42a653a35158c77d88d34c72d85

  • SHA256

    cdab009fd633eb77563d4b94f310692c403b32cfdb9124555d6a88fce552e07b

  • SHA512

    4db2c66ecaaf93ba7f663e8d57fe4fb1afd468ac0a4f8f3b92e3b4068a1278d5189c822f6759501943ace8ddcc11bcad397a0718571f0a49fe9355a154cd17b2

  • SSDEEP

    1572864:Z/XRuaETRCJg/VuuckysZO63FfAM/R7qMkR3sw1Q+K:ZJr44JmrY3M+cwS+K

Score
10/10
microsoftdiscoveryphishing

Malware Config

Targets

    • Target

      Vape Launcher.zip

    • Size

      60.0MB

    • MD5

      92f0879785dddf8f9ea01c293260a7b3

    • SHA1

      2cfb55d71e3ee42a653a35158c77d88d34c72d85

    • SHA256

      cdab009fd633eb77563d4b94f310692c403b32cfdb9124555d6a88fce552e07b

    • SHA512

      4db2c66ecaaf93ba7f663e8d57fe4fb1afd468ac0a4f8f3b92e3b4068a1278d5189c822f6759501943ace8ddcc11bcad397a0718571f0a49fe9355a154cd17b2

    • SSDEEP

      1572864:Z/XRuaETRCJg/VuuckysZO63FfAM/R7qMkR3sw1Q+K:ZJr44JmrY3M+cwS+K

    Score
    1/10
    behavioral1behavioral2

    • Target

      Vape Launcher.exe

    • Size

      60.3MB

    • MD5

      73ea53e2da8be95a006d7ba6dd4f0534

    • SHA1

      880809840d5a6744943e768d8ac021e28dcf8e15

    • SHA256

      319a145536f32881604eaf8ed2a20de6d2f496ff5229d9ad92eafc64314acf64

    • SHA512

      65c36fe3e1fc6d0d4a5ba52812d8c6fa74207dc25adab4f321c916cc777ce5fc17d9c12277d273981f8e0642d7054b677a5dbd9467cb4f54a431dc57c74500f3

    • SSDEEP

      1572864:i99RQ4pTVQR8lN2S0qicZIYbXJ++ZdNeEcFBqUFmg:itPxmRevM3EGsU0g

    Score
    9/10
    microsoftdiscoveryphishing

    • Nirsoft

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies file permissions

      discovery

    • Detected potential entity reuse from brand microsoft.

      phishingmicrosoft
    behavioral3behavioral4

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

1
T1222

Credential Access

Discovery

System Information Discovery

2
T1082

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks