45ca1d26646fed29fa545ca768dc55bc85b650ce12e09995b74678c4d94c34e2

Sharing

Copy URL

Twitter E-mail

General

Target

2c3ae0927ff4e21bdff76aeb7370294b.bin
Size

86.0MB
Sample

240701-bvqy7svgrk
MD5

2c3ae0927ff4e21bdff76aeb7370294b
SHA1

1a14c5ac525ae926ddb7d9fbcd4941ef16e4b34d
SHA256

45ca1d26646fed29fa545ca768dc55bc85b650ce12e09995b74678c4d94c34e2
SHA512

348419ca6a7f64057d954e450b602288b89610162b137da3f3e7efe30cb6664f00464504b18088870ba3efc718c19c727a8c030ddcf16420329ec9da80afee10
SSDEEP

1572864:yDTCzy+GAJXD7kBWjOkx8eAjRgY9ywN/GJpmdPhjReKwjzavqepsm:yPf0JXcyIRgX3JpmFy4vb

Score

7^/10

Malware Config

Targets

- Target
  
  2c3ae0927ff4e21bdff76aeb7370294b.bin
- Size
  
  86.0MB
- MD5
  
  2c3ae0927ff4e21bdff76aeb7370294b
- SHA1
  
  1a14c5ac525ae926ddb7d9fbcd4941ef16e4b34d
- SHA256
  
  45ca1d26646fed29fa545ca768dc55bc85b650ce12e09995b74678c4d94c34e2
- SHA512
  
  348419ca6a7f64057d954e450b602288b89610162b137da3f3e7efe30cb6664f00464504b18088870ba3efc718c19c727a8c030ddcf16420329ec9da80afee10
- SSDEEP
  
  1572864:yDTCzy+GAJXD7kBWjOkx8eAjRgY9ywN/GJpmdPhjReKwjzavqepsm:yPf0JXcyIRgX3JpmFy4vb
Score

7^/10

discovery execution spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/SpiderBanner.dll
- Size
  
  9KB
- MD5
  
  17309e33b596ba3a5693b4d3e85cf8d7
- SHA1
  
  7d361836cf53df42021c7f2b148aec9458818c01
- SHA256
  
  996a259e53ca18b89ec36d038c40148957c978c0fd600a268497d4c92f882a93
- SHA512
  
  1abac3ce4f2d5e4a635162e16cf9125e059ba1539f70086c2d71cd00d41a6e2a54d468e6f37792e55a822d7082fb388b8dfecc79b59226bbb047b7d28d44d298
- SSDEEP
  
  192:5lkE3uqRI1y7/xcfK4PRef6gQzJyY1rpKlVrw:5lkMBI1y7UKcef6XzJrpKY
Score

1^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/StdUtils.dll
- Size
  
  100KB
- MD5
  
  c6a6e03f77c313b267498515488c5740
- SHA1
  
  3d49fc2784b9450962ed6b82b46e9c3c957d7c15
- SHA256
  
  b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e
- SHA512
  
  9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803
- SSDEEP
  
  3072:WNuZmJ9TDP3ahD2TF7Rq9cJNPhF9vyHf:WNuZ81zaAFHhF9v
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  0d7ad4f45dc6f5aa87f606d0331c6901
- SHA1
  
  48df0911f0484cbe2a8cdd5362140b63c41ee457
- SHA256
  
  3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca
- SHA512
  
  c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9
- SSDEEP
  
  192:1enY0LWelt70elWjvfstJcVtwtYbjnIOg5AaDnbC7ypXhtIj:18PJlt70esj0Mt9vn6ay6
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/WinShell.dll
- Size
  
  3KB
- MD5
  
  1cc7c37b7e0c8cd8bf04b6cc283e1e56
- SHA1
  
  0b9519763be6625bd5abce175dcc59c96d100d4c
- SHA256
  
  9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6
- SHA512
  
  7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f
Score

3^/10
behavioral10 behavioral9
- Target
  
  CurseForge.exe
- Size
  
  169.9MB
- MD5
  
  81dd28ccc4e6a3d48a490f2d1ea6d690
- SHA1
  
  19f6e4802595d19bfb085650051852bcf2246c6f
- SHA256
  
  d0ab6f123602ccec7341a39393894a1998104b600347bf7c5d5f7d1e5e81c658
- SHA512
  
  df4930feb6c5d10418eb40110efa2dc396bcc166db9fe642179942dfed1e7d45ac50e7e6aa19df45c689aefef1542ea4e2a614d4ed58c9279643d4be60769d21
- SSDEEP
  
  1572864:Os+fxQiW1vVzbHpUcEtmLd7cF3PPHNzLuTe7ulsxM/Gyr/w7VoB4X+x2CFRXQQS7:De8BWNg3DFxfQ
Score

5^/10

execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral11 behavioral12
- Target
  
  LICENSES.chromium.html
- Size
  
  8.7MB
- MD5
  
  fcb299831276a7c8bdeb036142da1c25
- SHA1
  
  bf6990abb92ab627b7f2e7aecbd5a58b86d2e09a
- SHA256
  
  6daa3cd398e5380222c6b6bdb4d66a4b4273d4bb74d6bf53495a5722f03ac0dc
- SHA512
  
  1e31ac0b6836d24488e32d04b5028ac2a9e00ebd8e29aaf742d9e0cdb50d5a9d4f7bcc3919b22a793552d31aaed2104415268f14e903754bf25a86510fbc98c9
- SSDEEP
  
  24576:RQQa6NA6P5dWWSmwRFXe1vmfpV6k626D6b62vCuApj:RWfTF0
Score

1^/10
behavioral13 behavioral14
- Target
  
  d3dcompiler_47.dll
- Size
  
  4.7MB
- MD5
  
  2191e768cc2e19009dad20dc999135a3
- SHA1
  
  f49a46ba0e954e657aaed1c9019a53d194272b6a
- SHA256
  
  7353f25dc5cf84d09894e3e0461cef0e56799adbc617fce37620ca67240b547d
- SHA512
  
  5adcb00162f284c16ec78016d301fc11559dd0a781ffbeff822db22efbed168b11d7e5586ea82388e9503b0c7d3740cf2a08e243877f5319202491c8a641c970
- SSDEEP
  
  49152:KCZnRO4XyM53Rkq4ypQqdoRpmruVNYvkaRwvhiD0N+YEzI4og/RfzHLeHTRhFRNc:xG2QCwmHPnog/pzHAo/A6l
Score

1^/10
behavioral15
- Target
  
  ffmpeg.dll
- Size
  
  2.7MB
- MD5
  
  8115c354d8a81017e07203982eb46196
- SHA1
  
  269657a609411d7b300f8a5c7014eab7d73c456b
- SHA256
  
  98cd2b3c5bb3f69f94465b9df58ce37ac3d8dccc1320adbb529fc197c0f8f7ff
- SHA512
  
  0df8621f256000057bf2aedf43f723053aebc025dc4cf97a878161e0f9b5a8566ed27fc96473dbdf34a6e13f530d2beea640849556bc85cf144cfbb0afeda869
- SSDEEP
  
  49152:yPDtyvMYqXiOamQ7NyjmnMDbG7OUx7n6mfu/oB7pweIcgsxqeUsn/u:YSOqNIoQG7OUrd/xKsn/u
Score

1^/10
behavioral16 behavioral17
- Target
  
  libEGL.dll
- Size
  
  467KB
- MD5
  
  518d64cb93e228d5ebe864fc45ce3c70
- SHA1
  
  6c2a29e02f1fdb67f95f928dda1db9549034f9d7
- SHA256
  
  6bf8e9b0db8263bb69abbbc20df7d629439e0f16e6dd64a4b57be3457a9ad07a
- SHA512
  
  38ffd18470a7dba52aad265fb4cda7c209b6c61198ff9e482e60062a66ebd1b7884ac665dee065f8c7f3bd4a534fc5a768ab215e33f5bb30aa702f9fd18e9de9
- SSDEEP
  
  6144:2uF2DwTNCKxOUxcfDVTyKH/VbPGtWQAOWIBtuKYbu7DB:dDCKsAcfDVjktWQAOWIubg
Score

1^/10
behavioral18 behavioral19
- Target
  
  libGLESv2.dll
- Size
  
  7.4MB
- MD5
  
  cbc82cab8fb2d60211dbb83fd3a36238
- SHA1
  
  c45b0181eb7f53e9965d7d17b360c9243114817a
- SHA256
  
  37c532a9032a129088bfde96d68d90a5c6f81c0d5cdc1421f441bd5b738b88f6
- SHA512
  
  72e3a609d64c4e5c22209ac7c76ef6b25b8bdcd10de4e389ab10abd126fc01c99d32a073265aff2d6347703cb30f05f97a8a3a02784f824383df47f5b700282c
- SSDEEP
  
  98304:3YM1bKnyhXV3X4Nf/eW74heor1up6sDCpaXm3TV:3L1jlX4F7ivuyUCTV
Score

1^/10
behavioral20 behavioral21
- Target
  
  owutility.dll
- Size
  
  1.5MB
- MD5
  
  46c232a0b5d0a102a92aad607aaa026c
- SHA1
  
  dbdd16bb6d1bf0b4f102f891ed682b660c006e26
- SHA256
  
  3802dd5e8001c63955475b3b062117367b94a0d59978a24ed6a6602a55fe27c6
- SHA512
  
  cbfa92e6cdceb6f67d701efcdcae333bbff533fb20ad090825df4d7af5593fe36acb14144e20dbf563d565af73941ad97558287210ac29b518e4481ed3f456d1
- SSDEEP
  
  24576:GjjAyN7CbTB3Iu2VIMiFryCF9fLp34G5cdHSdslQ3m3oGch+XaxLaXp:GjcyNeR3IuUIMiFLFpLp3z5cdgsvYFha
Score

1^/10
behavioral22 behavioral23
- Target
  
  resources/app.asar.unpacked/plugins/curse/win/Curse.Agent.Host.exe
- Size
  
  24.5MB
- MD5
  
  d8191b04e3ef98cf77ff11fee2d7869b
- SHA1
  
  0a734ec55c7ccfe39b203bc048836e24c02d8454
- SHA256
  
  c7bcc26e226f19a4836a07faf9767754ca9428bceab27a446b08703312d21ed5
- SHA512
  
  734f19f9da8001868b86939761b6c5097586b3131052911ac455ec9ca78c30f4a68ce832d45a259b3bde92dae09f0e9632cc401772497f6d0c632bee934c255b
- SSDEEP
  
  196608:OXQ5X4ZCMhUyhtTbGynHR8hY8QfraSUqshfcIH36Hsso3TFziM3D0:OsKCMhUyhpaynjocIqHssCT70
Score

1^/10
behavioral24 behavioral25
- Target
  
  resources/elevate.exe
- Size
  
  127KB
- MD5
  
  10be0f05261c54a7e20c6cfd904ee692
- SHA1
  
  36a3339c3f3878456565d10b983d09889e78b2cf
- SHA256
  
  5d7b354feca86ae5c80606b30116b9f88d7ade804b9a0f7b29f4abe9aeead8af
- SHA512
  
  2b0595613a6a2f8be83a1aa0a79053b0f5ca866e1d0712480e76ac02857a4a517ce2f4352ad4d9a422ea008625afd50309011c26aa8a74ac2e74b0cf73d56337
- SSDEEP
  
  3072:wPbLnrwQoRDtdMMgSXiFJWcIgUVCfRjV/GrWlEgd:uPrwRhte1XsE1lx
Score

1^/10
behavioral26 behavioral27
- Target
  
  vk_swiftshader.dll
- Size
  
  5.0MB
- MD5
  
  fb65e5828c023420da9e487c4d44c17c
- SHA1
  
  282586af18cc97ed99ce58d33d1aae48ca968f58
- SHA256
  
  30cce7a4619a5b84c041c28d8ea857ac142ac58d9b076009ad45dc4fa858d455
- SHA512
  
  28b82e2e8fc05941dcf5edc64deb65a288a2300697e2401690c5f11dc9714ef287744a858e917d561612a89f9f6a1e15ed6d27e63626b86dce04b7be08a1478d
- SSDEEP
  
  49152:fO6ftEjL3Zdon2+a/EgBqB1y91lxfAV7xWV9cO6NZ8m8xg1drRXmVEZvMUn0Hjy/:fLftlUSot6EmXxZdIOl5bzLB3dIW
Score

1^/10
behavioral28 behavioral29
- Target
  
  vulkan-1.dll
- Size
  
  925KB
- MD5
  
  f2db4b04c7a837aab50bf8ae2e826a6e
- SHA1
  
  ddcfe018968fcbb5c732946292268deae83f52f2
- SHA256
  
  a56d0bb4d066d653941fdaae760b3050d9a1094d748c4e407ee77e18c70a5d69
- SHA512
  
  a6ac64f6f8c2e8691c19db3dd40c3e1be91f841669660511aff2166d2ad8c2c9bade15de9545610d3f683945f47c8d87534ede6938e449e62f515bbd411e95db
- SSDEEP
  
  24576:iy+lCO+5ian96u6WbEJXay6Z5WdDYsH26g3P0zAk7o3u:iymViaWbYT6Z5WdDYsH26g3P0zAk7o
Score

1^/10
behavioral30 behavioral31
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  6KB
- MD5
  
  ec0504e6b8a11d5aad43b296beeb84b2
- SHA1
  
  91b5ce085130c8c7194d66b2439ec9e1c206497c
- SHA256
  
  5d9ceb1ce5f35aea5f9e5a0c0edeeec04dfefe0c77890c80c70e98209b58b962
- SHA512
  
  3f918f1b47e8a919cbe51eb17dc30acc8cfc18e743a1bae5b787d0db7d26038dc1210be98bf5ba3be8d6ed896dbbd7ac3d13e66454a98b2a38c7e69dad30bb57
- SSDEEP
  
  96:YjHFiKaoggCtJzTlKXb0tbo68qD853Ns7GgmkNq3m+s:JbogRtJzTlNR8qD85uGgmkNr
Score

3^/10
behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Tasks

Sharing

General

Malware Config

Targets

Reads user/profile data of web browsers

Checks computer location settings

Checks computer location settings

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32