Overview

overview

8

Static

static

4

Data/packa...64.dll

windows7-x64

8

Data/packa...64.dll

windows10-2004-x64

8

Data/packa...re.dll

windows7-x64

1

Data/packa...re.dll

windows10-2004-x64

1

Data/packa...ix.xml

windows7-x64

1

Data/packa...ix.xml

windows10-2004-x64

1

Data/packa...se.xml

windows7-x64

1

Data/packa...se.xml

windows10-2004-x64

1

Data/packa...80.xml

windows7-x64

1

Data/packa...80.xml

windows10-2004-x64

1

Data/packa...90.xml

windows7-x64

1

Data/packa...90.xml

windows10-2004-x64

1

Data/packa...01.xml

windows7-x64

1

Data/packa...01.xml

windows10-2004-x64

1

Data/packa...ve.xml

windows7-x64

1

Data/packa...ve.xml

windows10-2004-x64

1

Data/packa...et.xml

windows7-x64

1

Data/packa...et.xml

windows10-2004-x64

1

Data/packa...l7.xml

windows7-x64

1

Data/packa...l7.xml

windows10-2004-x64

1

Data/packa...00.xml

windows7-x64

1

Data/packa...00.xml

windows10-2004-x64

1

Data/packa...70.xml

windows7-x64

1

Data/packa...70.xml

windows10-2004-x64

1

Data/packa...90.xml

windows7-x64

1

Data/packa...90.xml

windows10-2004-x64

1

Data/packa...dw.xml

windows7-x64

1

Data/packa...dw.xml

windows10-2004-x64

1

Data/packa...41.xml

windows7-x64

1

Data/packa...41.xml

windows10-2004-x64

1

Data/packa...rv.dll

windows7-x64

1

Data/packa...rv.dll

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Zbrush_Full_Crack.zip

  • Size

    256.1MB

  • Sample

    221004-t657dabef2

  • MD5

    e37f35b41d7dd9860a20e9e816533b8d

  • SHA1

    704d467951a33ac20290692e2fc9c5d754fc182c

  • SHA256

    94759b1194a150628556187c1fb455762671ada958c6a8a9e8e25849163e4564

  • SHA512

    d547ce439a8ca8c441b7d54f0186db01db6d886e38ed1c475372d839f6d2708d8eb1b0f3082a792c9dc29654e73068826482f8dbacd08895792d2abccb1c59ec

  • SSDEEP

    6291456:969OmzyJvS3j4YB2MiuwG8XG3psFmF0DM6sTjWlcOvTKRjIlPjK4:ngOYByG8XwtaCWKrue4

Score
8/10
linkpdfpersistence

Malware Config

Targets

    • Target

      Data/package/Program Files (x86)/ASIO4ALL v2/asio4all64.dll

    • Size

      142KB

    • MD5

      74edb1ea4bee5a60a683b5bb801f3574

    • SHA1

      55b62e45e7cf3e4b7255c1f3841c886394c8d851

    • SHA256

      5564e99ce1d0ec73e762156af09e3d22bfec7af6f1bdcabe81e64825c7ca53da

    • SHA512

      ff6b8ff3f7f68e2700591991a1b862b2c3311a349c27c0facd0a0277c6394e905162f0637ab48eaa94515af29700d2031838cdaf997f7d6c0d521e3a20114266

    • SSDEEP

      1536:DbF0z8pabtCmKHCZm8d4vzi7YetKrZECd/dUgRqXxJkCVmkcu32h:vJ8d4m7YrZL/y1Wu32

    Score
    8/10
    persistence
    behavioral1behavioral2

    • Target

      Data/package/Program Files (x86)/Common Files/Propellerhead Software/ReWire/ReWire.dll

    • Size

      1.4MB

    • MD5

      2f3f103405dec980cfa432ea93f92321

    • SHA1

      4dc93f9aaba768a9c7d0473168831fe15d48fc85

    • SHA256

      5b2c3a6727e4d1fcadec1e1ea0fa6055d1d041a52211cc75c2b0330f6a1754df

    • SHA512

      4f7704bd77e336c11cc96f1dd45e2f4e98d78421b12696b89b887fec17027d543de0964177cc40114edb8c5b16b148ad24bb6e5bc9a09fce23f7daa34db5eb8f

    • SSDEEP

      24576:uFxEKn67lrLcZNOHMpOn/rG6V0xmPyMbNzb:uo7Fg/pC2xm6yzb

    Score
    1/10
    behavioral3behavioral4

    • Target

      Data/package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/Informix.xsl

    • Size

      30KB

    • MD5

      f0705d58ba0e87b39a10007ffc89229f

    • SHA1

      f047c86c0369ddf73542b8ba5f87c9408c479bbc

    • SHA256

      4ee631f87c0d47431c3c5539f0dc15cb1498c0bbc59578dfb80a9aeb52e2f0c1

    • SHA512

      1524387ce7e9e118b6999f9c37027f09ae131141216c02ecde873a2c244a49ebdd6dbcf386f1964aab7e8bc49b5c79d83544466aee41c048c84c843e921aa60a

    • SSDEEP

      384:51qG0T8I9S6J9S6KS8Y54prHGWjY/mnM/Ic9vwz8bG:DqVT8kqrHzTc9vwz8bG

    Score
    1/10
    behavioral5behavioral6

    • Target

      Data/package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/Sybase.xsl

    • Size

      28KB

    • MD5

      d4e1c1857c1d6076f1d834117366b493

    • SHA1

      944c638434d23e96412847edef53a5511b84cab8

    • SHA256

      5d7343288b243f6c15bbaf8df36281327ee7dffd238dd950372132f1c9eaa8e6

    • SHA512

      e25e5a5678fe9cba7be7f7b4e71d3403e03fee6b052de5b432e3d1d93c815405ecefbe376a96bbb7ba8f804a6ce21c4c5fe00d0ee4036fb7398af7311949f520

    • SSDEEP

      384:5XLXu0ToI9S6J9S6KS8Y542cyRyO5NHGiYwfDjY/AnM/Bwz8bk:lLNTokdcyRyO5NHdYU0wz8bk

    Score
    1/10
    behavioral7behavioral8

    • Target

      Data/package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/as80.xsl

    • Size

      16KB

    • MD5

      5f0e99e5ef22de817ce03f49e1f79133

    • SHA1

      3eac30d1fb959f7991c90c3b8899193ae89020ab

    • SHA256

      5f0d3eb64451fcf4fd48498fdaffd87bb84f04bcf4026b01cd98f7bd65ca0261

    • SHA512

      8867ddce42be1bcdfa1bfdf127796f7292cac9bc2c612e05b917bfec63ac35336581cf4bca7c05bbfacd8109a7803b7d926a9c0780387c6dafefe1e5115ce2b4

    • SSDEEP

      192:YG3EzDI9S6J9S6KS8Y54BuALWYb5QebGnekGvz8MAT9n:53EXI9S6J9S6KS8Y54B9WYVynpwz8bZ

    Score
    1/10
    behavioral9behavioral10

    • Target

      Data/package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/as90.xsl

    • Size

      18KB

    • MD5

      7d790f81a8956dcb4bae349e930f1417

    • SHA1

      1c259afc49947c43100fffbacf6613b6b9d521ad

    • SHA256

      7b94cbed75c13123739c8312dfeb1373edc6e10a71b95615d95ce872a710d923

    • SHA512

      0b71fbc76b2c422c57f384246a21a6e8ba63c8ac6761fbce53623cb0a20f815197116b1e05a1e4b6a73e6bd6e0b703e1a4b7db3aa15ab5438ceec70c79d4c49c

    • SSDEEP

      192:YG4EzDI9S6J9S6KS8Y54B0iuALWYbmAkebGnekGvz8MAT9n:54EXI9S6J9S6KS8Y54B99WYqDnpwz8bZ

    Score
    1/10
    behavioral11behavioral12

    • Target

      Data/package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/db2v0801.xsl

    • Size

      28KB

    • MD5

      0f0dd9c711f0080a7389cb98ec8b7e63

    • SHA1

      5035fbc4ed4fb31a7b15f3f6dc0ed903c992fdbc

    • SHA256

      7ac6f9de83d350313eac33c2ef08432057b4e6d76fc3e916dabd8494d2e6094e

    • SHA512

      9477c5052e674c8fe98ed32f0dfa4e21f7cfadd4f628579bc48bd0e8c5d060bcde5f26fa0763e31ad16ae592386244797f825ae13c902da623d19a1d40bc3604

    • SSDEEP

      384:5hkEXI9S6J9S6KS8Y542cyRvNEffPFlDGAYwf2jY/UnM/Ywz8bC:PkEXkdcyRvNEHPFlDVY9Fwz8bC

    Score
    1/10
    behavioral13behavioral14

    • Target

      Data/package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/hive.xsl

    • Size

      94KB

    • MD5

      cad3dd46a534ea5a7e2d165ef2f9cdc0

    • SHA1

      47f2982803c0091cd570ffef9d6d44289c4e0aaa

    • SHA256

      479892c8f5def1c9a69705766b4dcf62dbb89978ae55c44577dfbfd9145d673b

    • SHA512

      f478312589f1f7cf1aacc90ca02a7bcb63583f03b8e68bb491b241c72d62e2a9ad6efb346493ea2036930ae1daf35e0db8be18b615990afe50cbbba6992b483e

    • SSDEEP

      1536:eXqkdcyRsSWlSTQf3TlDaqs925Uo1o5omoKomoptUkAv:eXqkdcyRsSWlKQf3TlDawtbAv

    Score
    1/10
    behavioral15behavioral16

    • Target

      Data/package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/msjet.xsl

    • Size

      28KB

    • MD5

      ca9b3364e4a3f3530169a9c82f214542

    • SHA1

      0f1b007d1f274773c6242531366e43b7d444116d

    • SHA256

      22640bc9fd44885fbc959930f523e657d59c9cc5d1b847ad08e9e7ac7115b384

    • SHA512

      8e541fb2b6cdff7d98fc47f356f9e58633e8e2391f748809e97be212ec0b2cd578322732223daea551a467e9486a329d6c1da89cb1c3ce1cd6131b45d20f2743

    • SSDEEP

      384:5ljbIUtuERI9S6J9S6KS8Y542cyR3nff0NGAYwfCynM/jwz8b2:DjoERkdcyR3nH0NVYeMwz8b2

    Score
    1/10
    behavioral17behavioral18

    • Target

      Data/package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/orcl7.xsl

    • Size

      33KB

    • MD5

      69efd1c266511f8ab64385235c3d54b2

    • SHA1

      94af77e0d2116c263e5798e0fbf7410df4333eb3

    • SHA256

      0374baec5b67bba27b929ce1bfadb009cbfb10d67632d158fbaf8b6b941d5b6d

    • SHA512

      956383dbf08fa9d9618f403ff55052535b946c261afaba86d3fe52651c409b05789581c231091944f803eabcf26870b6de86aedc1fcb481f18ef6633caf476b7

    • SSDEEP

      384:5xrkkbx3AoEXI9S6J9S6KS8Y542cyRyH5kr3lDGyYufDjY/0nM/hwz8Da:b4k2oEXkdcyRyH5kr3lDJYaEwz8Da

    Score
    1/10
    behavioral19behavioral20

    • Target

      Data/package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/sql2000.xsl

    • Size

      32KB

    • MD5

      ac29c853a64282340ef729348b8f1d67

    • SHA1

      302686cc7c3fe0a66a3ed4256a962426ea9786d4

    • SHA256

      e4ab45c17b706f7689e7c854f7b95b14ceb7f445344253e1e062498b19196bfb

    • SHA512

      a3abc6c6eb93ed3dd57fb144eccd5313f4df5622db337c5a6151c752aef2befe21aaaa854d2e84d083e6ecf4168906f568380402695231f44bafdd4cc3e7f797

    • SSDEEP

      384:53l2bYjk3EfI9S6J9S6KS8Y542cyRANEffPaWlDGAYwfDjY/AnM/0wz8b2:5l2l3EfkdcyRANEHPaWlDVYU/wz8b2

    Score
    1/10
    behavioral21behavioral22

    • Target

      Data/package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/sql70.xsl

    • Size

      30KB

    • MD5

      28613764f23b04317f087aa8cf1747e1

    • SHA1

      75dfbe3f9876aceed493418533f4ccf951f56dcc

    • SHA256

      6220b3d98a88405d80c868a33e446e751ee2f537b2a80e99049e6939284a2d99

    • SHA512

      44d4141dc490684e5dc9d9e0301548402553939435ad86c67211d94de9ea2cea76041004be4446ff47d710d76c46311d2e7ab7f17b1cb445731df353f4532ac9

    • SSDEEP

      384:51obYjk3EfI9S6J9S6KS8Y542cyRXH5LWNGAYwfDjY/dnM/0wz8b2:Lol3EfkdcyRXH5LWNVYf/wz8b2

    Score
    1/10
    behavioral23behavioral24

    • Target

      Data/package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/sql90.xsl

    • Size

      95KB

    • MD5

      7bcb78a5002bafbb8ebd1b3d3ea7a56c

    • SHA1

      27b495895e189bb26ba5bb884dce933131485acd

    • SHA256

      a0b013c7d76354298b4b9c5293634da45ef971b8f013e0e2d49ce1c6fd326d18

    • SHA512

      482fc566d875bf08bcc554907084218686bd8f4c8a2f395db509fc2473e8a5f56577a6a6d9cee6a8de6b31d4164d8e32babc22bad327a0c8747d90cde1153d41

    • SSDEEP

      1536:9ZqkdcyRoiSHSTQf3GlDTYfq0QKUo1o5omoKomo7v2FAv:9ZqkdcyRoiSHKQf3GlDTYfRvQAv

    Score
    1/10
    behavioral25behavioral26

    • Target

      Data/package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/sqlpdw.xsl

    • Size

      76KB

    • MD5

      5b5dd39a50f1589f88303f9dc0433a29

    • SHA1

      7c703da375cb58c2ff1056ae499016fe8f341c72

    • SHA256

      244616872e5c6483a08db76961a0adaaadc0c09cd804246f825b6a78ba5081df

    • SHA512

      031c38a8aa7a6cdf2caffb1ea96afbdc5c1f31c3cccaa3bc1f00b857fbbb2ee076d60b5dd756473be119cd5d21abe9d0dd68b0a490461ca463866133e451e36a

    • SSDEEP

      1536:CkkdcyRBL5qgYMqIUo1o5omoKomo7+QA2qf:CkkdcyRBL5qgYMZWjf

    Score
    1/10
    behavioral27behavioral28

    • Target

      Data/package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Cartridges/trdtv2r41.xsl

    • Size

      26KB

    • MD5

      729c9c72a46bfde1647282adc8c92393

    • SHA1

      53d6620a5a86ea5647c47b7ddfeedbeffccd2d33

    • SHA256

      2f3fc62f0e4fc168b4d2b679903752b8d6b1d6ad9d872a0f3a421412689a5a3b

    • SHA512

      45b6e2087828843cc545a239e8a2c97891e723c403740af4e4b545116951263c438a14b32d1532e32a955242b3411fa1ca28f1210323981ab4f1929d1f587e12

    • SSDEEP

      384:5DEXI9S6J9S6KS8Y542cyRGptq59hGAYwfwnM/Awz8bI:pEXkdcyRGptq59hVYBnwz8bI

    Score
    1/10
    behavioral29behavioral30

    • Target

      Data/package/Program Files (x86)/Microsoft Analysis Services/AS OLEDB/110/Resources/1049/msmdsrv.rll

    • Size

      1.1MB

    • MD5

      f2b2e5f2f4b740c96777edd41fe08276

    • SHA1

      f5dcade6456b2676cf7a08680b0f5a48ee8e1a6e

    • SHA256

      84beae30d6f57237316e4cef5bc8c635c8ac12071a07e4791bbfd1e8c440c327

    • SHA512

      7d0a9cf05dab04e927fd28f4738874d6c02ac7c736e9476a543bc44f6e9c4c9fbbb036d59ffffb9b195d8509950e686ad11f70c5c7d0b012de9b0c67d0f16130

    • SSDEEP

      3072:eoEoIu2aylEo1GS+KHv7Qnr6RUCHMhC+wodprSL68t5dchh+Kf7hmHUwySQeRXtF:errUCE+jF14+

    Score
    1/10
    behavioral31behavioral32

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

13
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

pdflink
Score
4/10

behavioral1

persistence
Score
8/10

behavioral2

persistence
Score
8/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10