Overview

overview

10

Static

static

3

Товар...er.exe

windows10_x64

10

Товар/decode.exe

windows10_x64

10

Товар...ct.dll

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Товар.rar

  • Size

    57.5MB

  • Sample

    211002-rdbe7aeefn

  • MD5

    6fecf6adcd3bf594bc09b4fef2718e8a

  • SHA1

    7d5d93e90de3c4a0a64cc3b03ee7c3b1dd02c346

  • SHA256

    4777ef72ee86cddd2c3246a47574c2c0a0e03a928dfbef7d5e0d7ca6b0cbc3d0

  • SHA512

    73ae8f4cfebfddf76fa0e43488fd07b4dbc2c33a68ed9025c3d322e07a0974675708af157e7d22da9364bf113c5133de1b9848f080952a8bfba3cd3dd6e424cc

Score
10/10
persistencepyinstaller

Malware Config

Targets

    • Target

      Товар/chromedriver.exe

    • Size

      10.7MB

    • MD5

      352692d0dd98d58a30fa0d158b2098bd

    • SHA1

      4195b5ef361c6cbdf4b169c5a6f9c346bb41ae4e

    • SHA256

      ebad2d323cdfe6d90950018a1f17d45e7907ad360a47169e9c3a4447f44c0257

    • SHA512

      01c69898f9518c34a8dfa1c42b720a361dd905511cc158bbf40a253bb5019f0d5764523b035b93258475fac718ca40cd5e7fc86ebb06e781d37a53318cd076f8

    Score
    10/10
    persistence

    • Registers COM server for autorun

      persistence

    • Drops file in System32 directory

    behavioral1

    • Target

      Товар/decode.exe

    • Size

      53.2MB

    • MD5

      b9dde7f46fe83863b882b73a3ee7a4e4

    • SHA1

      7757d48c32f57b77bb2e77414ac37c6f56bc609c

    • SHA256

      588cb01ea3626982e6baf50ecb0c0f05de0147e366e4993b3c0f5cf95916938b

    • SHA512

      dabc1114cd1a0fdfcf14f09c08b7a0b265d2ac13f95dddf7b08298ffb211af4f8e4e88d85bf7b10c51bbfd304fd054ed2d11dcd43cc9a640c7165bfc70f6acd8

    Score
    10/10
    persistence

    • Registers COM server for autorun

      persistence

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral2

    • Target

      Товар/vmprotect.dll

    • Size

      1.1MB

    • MD5

      d5f46cece5b3a3be40895afa725601f3

    • SHA1

      6b790a17212883f123673a5d76cb3f421c8740ac

    • SHA256

      35d03a13d36063ac1d09cbbad0a0a2c7f3374bf4076cbecdba9e2773f91d1bba

    • SHA512

      919f5207d2082104f6e8642a65d1788bbc06ef591429e169ead331fcd2e49823909b6fdc8b0fb6b822db0c7bb47e9d1ed1b81571a7d89721727b94b9bb3f165a

    Score
    10/10
    persistence

    • Registers COM server for autorun

      persistence

    • Drops file in System32 directory

    behavioral3

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

3
T1060

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks