a0262556d45bb84c1e5d907fe3c7071793d39ba2bb8f5a1f775ec3fea35a0fa3 | Triage

Submit
Reports

Overview

overview

8

Static

static

5

heukms/HEU....1.exe

windows7_x64

8

heukms/HEU....1.exe

windows10_x64

8

heukms/HEU...��.pdf

windows7_x64

heukms/HEU...��.pdf

windows10_x64

Sharing

General

Target

a0262556d45bb84c1e5d907fe3c7071793d39ba2bb8f5a1f775ec3fea35a0fa3
Size

4.9MB
Sample

220328-cynhxsbhgp
MD5

a3b38d87f03b7f90c61402ece21f5049
SHA1

0c8159fcced6eb0f29b6b2996b2d9149e1b68387
SHA256

a0262556d45bb84c1e5d907fe3c7071793d39ba2bb8f5a1f775ec3fea35a0fa3
SHA512

f80af02b0c97b0cbb3ac9f5cac541de421b7e79a562dfc67c1843a5aef8a78c257aff06c016c93c924f85d72701faf2940cb2b9d1033c514a84a4d9abad65e78

Score

8^/10

evasion link pdf

Static task

static1

Behavioral task

behavioral1

Sample

heukms/HEU_KMS_Activator_v19.5.1.exe

Resource

win7-20220311-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

heukms/HEU_KMS_Activator_v19.5.1.exe

Resource

win10-20220310-en

windows10_x64

0 signatures

0 seconds

Behavioral task

behavioral3

Sample

heukms/HEU_KMS_Activator_v19.5.1˵��ĵ�.pdf

Resource

win7-20220311-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral4

Sample

heukms/HEU_KMS_Activator_v19.5.1˵��ĵ�.pdf

Resource

win10-20220223-en

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  heukms/HEU_KMS_Activator_v19.5.1.exe
- Size
  
  4.8MB
- MD5
  
  7cd8b711be93ff8858b7dc753c4065ca
- SHA1
  
  358ead5466fd6f67545cd77d87d541235449558f
- SHA256
  
  4159ba56c793d9a4ea76a1f364534e9af97ba28e750104697c10d6d97f6c2cfa
- SHA512
  
  99a03912de71e832de24f16f225c38325ad4d5358f31286fe9e27e8face8590aac2ac29abe3d49833154e02ef4612e6dcf6444d7e397baeae3d43d9e6ff6b897
Score

8^/10

evasion
- Executes dropped EXE
- Modifies Windows Firewall
  evasion
- Loads dropped DLL
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
behavioral1 behavioral2
- Target
  
  heukms/HEU_KMS_Activator_v19.5.1˵��ĵ�.pdf
- Size
  
  528KB
- MD5
  
  e344ee1752b4fdee8caf12a4f72c8452
- SHA1
  
  8eb694d46ca10fb77775d018bf9e916171575f30
- SHA256
  
  0ff244e85d2af7b2322c0e9eb7609e3f428365198285e1f77bbdfff30945b627
- SHA512
  
  e544dd818caf71f62a4ade75cd9de2d823ab3fc40f2426c6d7ad6fa7a65852f46bb8da5a9ecf46e4a43d06f8dff7ff030fc439d79707a8c733f9d1cb23cc63d3
Score

1^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

© 2018-2024

Terms | Privacy