01e2bf1d84f8f5f546ba7597b300c30e7c4bfb59fc1cab745872c9e8436cda22

Sharing

Copy URL

Twitter E-mail

General

Target

buscaResultados (1).zip
Size

16.0MB
Sample

210505-dnmhkvazgn
MD5

453647c0c0160b54cc522159f99a3860
SHA1

1d85134a1ae971ff9dce74b6fea8e3708d4fce51
SHA256

01e2bf1d84f8f5f546ba7597b300c30e7c4bfb59fc1cab745872c9e8436cda22
SHA512

79091edd5ff597c91906d7cdc445a18b82885540e8667ebc4b28d440fb8b548d0281e24abaa45bbd98f0a9237f37315169d5cf4adc6bef26f58be026a7de4afd

Score

9^/10

persistence upx

Malware Config

Targets

- Target
  
  ASYCFILT.DLL
- Size
  
  144KB
- MD5
  
  c89e401800de62e5702e085d898eed20
- SHA1
  
  72fb4f088c6ac02097b55fb267c76fbf5e0fa1f7
- SHA256
  
  de83c9d9203050b40c098e4143ef8f577aa90016c7a64d4f2931b57a4c43e566
- SHA512
  
  70006d70dcb47361ff43e4f7c458655ad2474b70cb917873aa77d2cc06465a68d375d36c494d154a03dbbff891df7dd6cab3d2c7b08e8650b9ff170e30838070
Score

3^/10
behavioral1 behavioral2
- Target
  
  COMCAT.DLL
- Size
  
  21KB
- MD5
  
  3b180da2b50b954a55fe37afba58d428
- SHA1
  
  c2a409311853ad4608418e790621f04155e55000
- SHA256
  
  96d04cdfaf4f4d7b8722b139a15074975d4c244302f78034b7be65df1a92fd03
- SHA512
  
  cf94ad749d91169078b8829288a2fc8de86ec2fe83d89dc27d54d03c73c0deca66b5d83abbeaa1ff09d0acac4c4352be6502945b5187ecde952cbb08037d07e8
Score

1^/10
behavioral3 behavioral4
- Target
  
  Crpaig80.dll
- Size
  
  604KB
- MD5
  
  0a2465b78b66698a5501f745e790d8a9
- SHA1
  
  78624c61272d6b22607ef3beec9a799dc79299bd
- SHA256
  
  53d0e6149442ce88d0c706929ae01a24cd6a70afb72081b18816a414e1670154
- SHA512
  
  04dadb4ab9598b812505890e393ac7e51e3accd4ba20825e4a507a0e875163367c6bfd7521217bc194a3573431d5524bcf287cc344de16326fd0250f709ffdfc
Score

3^/10
behavioral5 behavioral6
- Target
  
  Crxlat32.dll
- Size
  
  24KB
- MD5
  
  76be741c33d5aee2cb34f68f4f610b80
- SHA1
  
  6a41a4294fbf7305ab7420d057f4a9d7f3f14f52
- SHA256
  
  7edeedae2e0548fa9edfc19d990410c510b8da509a546411af0e4ef0b2512bcb
- SHA512
  
  0089324fe7188aca7373979470935546514e081451535c7f53edf836b580dfbe1d919fd5ac62f90a4d4d4b4fbb23dddb2bb4e1e3af16997d3af6762074f7145b
Score

1^/10
behavioral7 behavioral8
- Target
  
  Crystl32.OCX
- Size
  
  827KB
- MD5
  
  069f669fd9a1b11d3e0dbbc3fc229caf
- SHA1
  
  b27fdef41ae9d35c157ca8178186ca0ed896be3a
- SHA256
  
  91ae87b29e882d99a8a97fd861d1023213078b56fbad06e25503bd265839f595
- SHA512
  
  8e7228aa0b1524a90a714d2235b6526b7adf1465b821a83ead06ad38b2724447cac9da29ae7dd406fcd5598e9fe9e2d4077f4a9afaf1377ef2bafe9c1a216039
Score

1^/10
behavioral9 behavioral10
- Target
  
  IMPLODE.DLL
- Size
  
  18KB
- MD5
  
  0a0324a4282df0f2c3129e5bd84077bc
- SHA1
  
  5a4fb357ad6a245f75213c5f5593ab8f57e613df
- SHA256
  
  11b4c417769c5c4729165c8ca0567f7d3b06d4b82998ab297d59adbad9f74d5f
- SHA512
  
  6074ae20f520449b5f3842f866bb8455b16e488c6d81bfbf898844c821d35efc036b4deeb9600502a54287050fe392bda533feb112b8a593f30ce779d1045646
Score

3^/10
behavioral11 behavioral12
- Target
  
  MDAC_TYP.EXE
- Size
  
  7.7MB
- MD5
  
  eb58dba7f3fc9d8ba0d486d8e08b60e5
- SHA1
  
  05ac649932a05297cdbba554f5d3349bb5beac36
- SHA256
  
  dc14f8710e7281a5e1722edb53fa397e29405e9e2be8afa17716aad9b1c13782
- SHA512
  
  738d2c1badb587aa81e732685aacfa4f32cc8ae8ad2f5bdcb9b896000d6c24a8bbbe987b7f28e8526bbef4b2d8cdf6ff5af52083bbcbfcc3a4a2a58890d5de5e
Score

8^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral13 behavioral14
- Target
  
  MSADODC.OCX
- Size
  
  128KB
- MD5
  
  389ea0038ef40fb0742f117f512f0b90
- SHA1
  
  fbab1ea2a7a6a6e788d3904c3b072d84bf04d4a4
- SHA256
  
  fc3c36577a7f1487247131933d3be33dacf9292d2a7e790e53c10d403f45fd20
- SHA512
  
  7307828419c77b8996be386e45f46552789420679323a71c3f950fd978f060cdeb39198a3bb7dfbca558ff1a54c1d03ba9c6a779d073b3e7484b73d0aacf90f9
Score

1^/10
behavioral15 behavioral16
- Target
  
  MSINET.OCX
- Size
  
  129KB
- MD5
  
  90a39346e9b67f132ef133725c487ff6
- SHA1
  
  9cd22933f628465c863bed7895d99395acaa5d2a
- SHA256
  
  e55627932120be87c7950383a75a5712b0ff2c00b8d18169195ad35bc2502fc2
- SHA512
  
  0337817b9194a10b946d7381a84a2aeefd21445986afef1b9ae5a52921e598cdb0d1a576bdf8391f1ebf8be74950883a6f50ad1f61ff08678782c6b05a18adbf
Score

1^/10
behavioral17 behavioral18
- Target
  
  MSVCRT.DLL
- Size
  
  272KB
- MD5
  
  0a8e038a03d7e409e5140fc9222af3a8
- SHA1
  
  afc924038bc8364f7816bfd4830b321ec1b78f6a
- SHA256
  
  babbfb63bb9ddd3763a5f528e3c438a590c7cb63d75ac4da7d1cdd0f7a107d0c
- SHA512
  
  4a9cfabb8e45e1b41e80913d956a18405a6d3068930ce59177e2908360ff2e5ff311573fe22e541c65ad3e81991ab9634d81b0c653e2e5ee1eb26bee257cafbb
Score

3^/10
behavioral19 behavioral20
- Target
  
  OLEAUT32.DLL
- Size
  
  584KB
- MD5
  
  7b156d230278b8c914ef3f4169fec1cc
- SHA1
  
  6b58e20b2538cb308091da838710f6aad933a301
- SHA256
  
  baeb2f7c1b8be56738d34e1d1ddf8e0eebd3a633215dc1575e14656be38b939d
- SHA512
  
  e4ec2bc714069e0a6b56d89b52aabad92e5ba741dc6f26d2fc2d72aa9ad2ec465dea523cccd810331ab78b5fb8a1244b2b521303418ead5bd6be5a58b43794c5
Score

1^/10
behavioral21 behavioral22
- Target
  
  OLEPRO32.DLL
- Size
  
  160KB
- MD5
  
  ce0155405ea902797e88b92a78443aeb
- SHA1
  
  8adff69050d14a57d7f553ca8978439af188c192
- SHA256
  
  789c3c45eda1749bd939f4a96616e1e9ef1b7dcc62a2889f65088954c64d0938
- SHA512
  
  3fde09067f9ca8d315de07c8db972f99723ea4c3f997dc58210f9d6565caa9935c79f13e8b2d20adc5609919a381e4c2a90a0b3123a35947997229d7c615e162
Score

1^/10
behavioral23 behavioral24
- Target
  
  P2bbnd.dll
- Size
  
  22KB
- MD5
  
  177ffdd25cce581e9804a565d1248e22
- SHA1
  
  be95dd08ec89bcd76159e00f215e64244eeb7a2a
- SHA256
  
  1cf565881c3e1c08c147e2d120fe0f7ddc35e769ca679595a162d7b812588f29
- SHA512
  
  94233e072ca65476070f18386049c039868ea43c2dfe0dbaebebc6af35b32f49cf2b5abf41e53e8290b788309071edcffebd88d4400e1350bf54d2e3564c3f3f
Score

3^/10
behavioral25 behavioral26
- Target
  
  P2smon.dll
- Size
  
  160KB
- MD5
  
  b2b6b97507edd1bd9e894af533972278
- SHA1
  
  ce9b07c4278e1f5513ba441f5e1df660821c3524
- SHA256
  
  fb181a91fe6f62a7d5ca13cf9c3f001252110b3cf6392dfe99aced9fe93b2caa
- SHA512
  
  238fbab8bef6dfd753fef4fc0337c3272291e398a32cebed81b897a6d434c8230aa96116980e6b7dd524cdbb519af0431f1d3cec14744ded22aa9ab1219a972c
Score

1^/10
behavioral27 behavioral28
- Target
  
  Resultados.exe
- Size
  
  152KB
- MD5
  
  f1d14e03addc907eb4b0364e954a81ff
- SHA1
  
  20a75b14b3ed8fc3f1bbeab0b6e2da312b37b41b
- SHA256
  
  c355723b0f6743ec478c337d6e7ab046b0696d96799c8d262421f6425e1f134e
- SHA512
  
  d2cf0b5b329d7355df547870aa74f184bca42e66e4cdceaf6a75eef39c65c568f97317d49247646113f0041b56dff45a2fc23b8b14d60d36d413fc69eb870fc3
Score

1^/10
behavioral29 behavioral30
- Target
  
  SETUP1.EXE
- Size
  
  244KB
- MD5
  
  c6264b17629f6f9f0bd2ba7671ceff69
- SHA1
  
  67a6b419740c1d6b780789bffcfcc83129e36d1b
- SHA256
  
  5b82b27da9bbaae1abc32095942c60017b275e002cbb2c0cb44580131f4789b4
- SHA512
  
  7ebab7444620146a065b520491faea53612d627ae85dfb4bd92201864e5cdad55fe5c94ae66a8c7a3bf7950a60c54c20b9291a70f3801e937711f1b596543f1d
Score

3^/10
behavioral31 behavioral32

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

T1060

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

Query Registry

T1012

Peripheral Device Discovery

T1120

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

Adds Run key to start application

Enumerates connected drives

Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32