Overview

overview

7

Static

static

7

inkscape-0...64.exe

windows7-x64

7

inkscape-0...64.exe

windows10-2004-x64

7

share/exte...are.py

ubuntu-18.04-amd64

3

share/exte...are.py

debian-9-armhf

3

share/exte...are.py

debian-9-mips

3

share/exte...are.py

debian-9-mipsel

3

share/exte...ers.py

ubuntu-18.04-amd64

3

share/exte...ers.py

debian-9-armhf

3

share/exte...ers.py

debian-9-mips

3

share/exte...ers.py

debian-9-mipsel

3

share/exte...lle.py

ubuntu-18.04-amd64

3

share/exte...lle.py

debian-9-armhf

3

share/exte...lle.py

debian-9-mips

3

share/exte...lle.py

debian-9-mipsel

3

share/exte...act.py

ubuntu-18.04-amd64

3

share/exte...act.py

debian-9-armhf

3

share/exte...act.py

debian-9-mips

3

share/exte...act.py

debian-9-mipsel

3

share/exte...ase.py

ubuntu-18.04-amd64

3

share/exte...ase.py

debian-9-armhf

3

share/exte...ase.py

debian-9-mips

3

share/exte...ase.py

debian-9-mipsel

3

share/exte...ase.py

ubuntu-18.04-amd64

3

share/exte...ase.py

debian-9-armhf

3

share/exte...ase.py

debian-9-mips

3

share/exte...ase.py

debian-9-mipsel

3

share/exte...rge.py

ubuntu-18.04-amd64

3

share/exte...rge.py

debian-9-armhf

3

share/exte...rge.py

debian-9-mips

3

share/exte...rge.py

debian-9-mipsel

3

share/exte...ase.py

ubuntu-18.04-amd64

3

share/exte...ase.py

debian-9-armhf

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    inkscape-0.92.3-x64.exe

  • Size

    64.3MB

  • Sample

    240702-g26wwszejc

  • MD5

    c37b2fa7290ff3f427713dfce00ee0b6

  • SHA1

    3b4987715ed4b53d8f9af7b616e3c296a40846c4

  • SHA256

    24e9a4e623578e2e032f360f89702401bdd40625305371261bcb028bc6cff711

  • SHA512

    b40d3d531c4a7126037533d53f517dc04f40a525af671a5e53d74547d81caff7da5936799982324b6f458fb1c7eb7e3c8064f35c5f5525486ea8a1e5e2faac61

  • SSDEEP

    1572864:sVXta9Ep0sVkKGua7aZa29jgAbS+eYwWpUPX0GQnZH4MMitjctxFoS:sVda9j+kjZ7aZ9PSfWpUPy1MlLp

Score
7/10
discoverylinuxupx

Malware Config

Targets

    • Target

      inkscape-0.92.3-x64.exe

    • Size

      64.3MB

    • MD5

      c37b2fa7290ff3f427713dfce00ee0b6

    • SHA1

      3b4987715ed4b53d8f9af7b616e3c296a40846c4

    • SHA256

      24e9a4e623578e2e032f360f89702401bdd40625305371261bcb028bc6cff711

    • SHA512

      b40d3d531c4a7126037533d53f517dc04f40a525af671a5e53d74547d81caff7da5936799982324b6f458fb1c7eb7e3c8064f35c5f5525486ea8a1e5e2faac61

    • SSDEEP

      1572864:sVXta9Ep0sVkKGua7aZa29jgAbS+eYwWpUPX0GQnZH4MMitjctxFoS:sVda9j+kjZ7aZ9PSfWpUPy1MlLp

    Score
    7/10
    discoveryupx

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

    • Target

      share/extensions/synfig_prepare.py

    • Size

      15KB

    • MD5

      173982ab8550a37b90a14b379fe06545

    • SHA1

      e535cf9cb71e2c86f85df5a03b1c9af466129207

    • SHA256

      2f648cecea032e01721f07d66aace3542da5af091c87ff3286ea9255a7547793

    • SHA512

      162f7ba205845374b3d43161ad290c12176367ed45a1c2e22258da141424db65e064983c4511c0110898a5245e3fe30d77c2a4d65536c139c1b0b45016b95ff6

    • SSDEEP

      384:1Ls4YoXfKOkMfvIqyH6d2t/OowI7QAs0OAdRdgzuLODqxT:1Ls4YoXfKxMfvIqyH6d8wI7QMOSOyT

    Score
    3/10
    behavioral3behavioral4behavioral5behavioral6

    • Target

      share/extensions/tar_layers.py

    • Size

      3KB

    • MD5

      d702abd49b5eb626706e88a36c0d0f90

    • SHA1

      532be286fbd0c794d0441b7c6b14daf112e91509

    • SHA256

      d4eb17ec02f62de645d16c285438dfc7503050f481e8b06d33b37c6608e3bad9

    • SHA512

      f20e55e540d880cd5df727e4bb513a98e224a964a7a83a95b597797efe38a915232de9039bf6cfc50c84db0ad6253b52f92e5cb2fb553b98183734fa4b34fa6d

    Score
    3/10
    behavioral10behavioral7behavioral8behavioral9

    • Target

      share/extensions/text_braille.py

    • Size

      1KB

    • MD5

      17bceb4004e963b26a5b8cf2b7d32655

    • SHA1

      06c4fc20c281c9c0c40aa490598c428581b1d70e

    • SHA256

      9bd59f33cb76dcedcb2b03b85b7bc94abf42e72d11a0b2594404575b3fcac175

    • SHA512

      408e6ddcd836c4579f967b21b40de92926439899c941313250e9d338b966470358215e591b08caff516fa07fb5ba763c8e49b9b9a14e4ceba4913de2384ab8d2

    Score
    3/10
    behavioral11behavioral12behavioral13behavioral14

    • Target

      share/extensions/text_extract.py

    • Size

      6KB

    • MD5

      36c043f26cb8de46ecda1c04d11ca764

    • SHA1

      5fa5fa46a41fa28a22e066fca01c09becaf4a27e

    • SHA256

      4a952145245ff99104564ab32d9058a79c8cbad736cfd06919bf332d149b673e

    • SHA512

      e13705b96908cfb3b420902a19341b38a29c8030ba223cd5369d0e0b64b7263461506399a0a9e801946e1dc065dda46c0e550cf98ebf011577a685da89a3a756

    • SSDEEP

      96:BupQHTo6lOuhUI2+uh3tBcz2hDYsLpqt81UpOk6WBiz:0QHTRlQIDOWqxY+UIiy

    Score
    3/10
    behavioral15behavioral16behavioral17behavioral18

    • Target

      share/extensions/text_flipcase.py

    • Size

      369B

    • MD5

      931914a0ca7cc7295749832770ed67ec

    • SHA1

      864436108c8bf73b478fa65579042734854f482f

    • SHA256

      644a51ccf7d72d13efb69219c804c21d191311c24625f3162e9c0379fc301001

    • SHA512

      f6e25e592c08debf59a1cca8cf9feacdf0109b51993fb50c650afdba46f5e7250bd5c5f3e93599ae09f7f64ae507993fef2daf7877e6cdaba042fe436d7e81d6

    Score
    3/10
    behavioral19behavioral20behavioral21behavioral22

    • Target

      share/extensions/text_lowercase.py

    • Size

      202B

    • MD5

      3476fea073635c57e1ee718bd4aa9a5f

    • SHA1

      c0b610f449cdea280c0661e6f376b99fd48af602

    • SHA256

      33fc4a96ebb42fe8f3439ebe9c46e475ccf4cca85cc0e85c009496e407952203

    • SHA512

      fe2444bd75b721d49f1a62255e0f1217b62d43f01a00991b6239c08c0a3a4224003c574f8ece8df09d1ddc25fa12d5971d0145a792bd583eae219a8abb2e9a25

    Score
    3/10
    behavioral23behavioral24behavioral25behavioral26

    • Target

      share/extensions/text_merge.py

    • Size

      8KB

    • MD5

      63f4df376146c5534ac4d571b05c2f4a

    • SHA1

      40d43c67c52d90c1c313a89d4540ba25a8f2b4a9

    • SHA256

      062f79da2da2781ad0b4e7b1386e0ad1a238014cc8df7c1efbd9bcaad3b31e77

    • SHA512

      db1ba5657eec44306fac8b68fbbe617f72dab1cd18b971a192ae1b5e4d14d403610ceab073341787c8c68d3b76197325598020d40345e05461087859f555e850

    • SSDEEP

      96:PupQHTo1uhErIG+uh/tBcz2hDYsLDjKj8xLt8EUlOf8OBr8pYUEbYBl:iQHT28zMWqxY2Wj8AU/7Uvn

    Score
    3/10
    behavioral27behavioral28behavioral29behavioral30

    • Target

      share/extensions/text_randomcase.py

    • Size

      583B

    • MD5

      e43f65b499e0d69ffa88682f838c89b6

    • SHA1

      ed1b1d7ef5c590b0df96de610a81acb269412acf

    • SHA256

      97b416c150ff4100d2676212b21d50cff711a355e48fce2a9b373ccff6d3e0bf

    • SHA512

      fd838a0c94d0d65ea8b0759f3cc8a36d337fd0c1df12f10c6984785983fe4c14287fd550f8d29282bf589298ef56152b971231e77ddce8b444e68f626d1a5bca

    Score
    3/10
    behavioral31behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

upx
Score
7/10

behavioral1

discoveryupx
Score
7/10

behavioral2

discoveryupx
Score
7/10

behavioral3

Score
3/10

behavioral4

Score
3/10

behavioral5

Score
3/10

behavioral6

Score
3/10

behavioral7

Score
3/10

behavioral8

Score
3/10

behavioral9

Score
3/10

behavioral10

Score
3/10

behavioral11

Score
3/10

behavioral12

Score
3/10

behavioral13

Score
3/10

behavioral14

Score
3/10

behavioral15

Score
3/10

behavioral16

Score
3/10

behavioral17

Score
3/10

behavioral18

Score
3/10

behavioral19

Score
3/10

behavioral20

Score
3/10

behavioral21

Score
3/10

behavioral22

Score
3/10

behavioral23

Score
3/10

behavioral24

Score
3/10

behavioral25

Score
3/10

behavioral26

Score
3/10

behavioral27

Score
3/10

behavioral28

Score
3/10

behavioral29

Score
3/10

behavioral30

Score
3/10

behavioral31

Score
3/10

behavioral32

Score
3/10