Overview

overview

9

Static

static

OikClient10Setup.exe

windows7-x64

9

OikClient10Setup.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    OikClient10Setup.exe

  • Size

    175.0MB

  • Sample

    220728-f3ch1aggh3

  • MD5

    cfdc9285db6fecab812c16ef4c083af4

  • SHA1

    338864806e3540e2baceb757090937810a261379

  • SHA256

    9699d9988c3af5537eb02acc1b3aba06fec8ba2629f082cfa08b86348531ea9a

  • SHA512

    abc1d08e851632c30fd7b164fd95e7d0790e9cab9bdf549998d49b574e2fc6a3dd8cce20caa4c81e4e2131ce9ef787697a6fc0c6fee4881a710d9128ea3519d1

Score
9/10
cryptonepacker

Malware Config

Targets

    • Target

      OikClient10Setup.exe

    • Size

      175.0MB

    • MD5

      cfdc9285db6fecab812c16ef4c083af4

    • SHA1

      338864806e3540e2baceb757090937810a261379

    • SHA256

      9699d9988c3af5537eb02acc1b3aba06fec8ba2629f082cfa08b86348531ea9a

    • SHA512

      abc1d08e851632c30fd7b164fd95e7d0790e9cab9bdf549998d49b574e2fc6a3dd8cce20caa4c81e4e2131ce9ef787697a6fc0c6fee4881a710d9128ea3519d1

    Score
    9/10
    cryptonepacker

    • CryptOne packer

      Detects CryptOne packer defined in NCC blogpost.

      cryptonepacker

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks