834fe976c06fb74a7d444fe299d0f9187637b4f643da798ed36fe84135eecacb

Sharing

Copy URL

Twitter E-mail

General

Target

834fe976c06fb74a7d444fe299d0f9187637b4f643da798ed36fe84135eecacb
Size

5.7MB
Sample

221123-t7dhragb56
MD5

56e2cc0f6394fdad874eba0ee33b0e88
SHA1

b1c0507ff2001611ac8dc3fb914e4a27511b0524
SHA256

834fe976c06fb74a7d444fe299d0f9187637b4f643da798ed36fe84135eecacb
SHA512

e6a0d9d223fb475b32624704fea300301b944d109742b3fe87021d8535c02bcc04bf17a53650f200cadedcbfd4a6a0ac7f1a6d8e2631643c53087ed9beada113
SSDEEP

98304:8lTjfiB8px6yhIWrjXyubNf1irfbBq+murJFlH8NwT0RLtDNHHuGMXpSee87hrPj:8Zfi4F+qjXnNfsT0aPV8NwT05fHHkXEw

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  DataCrypter1.dll
- Size
  
  25KB
- MD5
  
  2553af518536b2e365a814730eb93e0a
- SHA1
  
  eeed80e25aa2d61519e1b627c38cea8131934d11
- SHA256
  
  1d03e713cb506e515b63c8ac64da9946094800bd4b6157dfd38c8136ae49d748
- SHA512
  
  fc62ad82169cd01729b48b255dbcf91d9c1af0df242b3e37b63f696370179990039ad87757e50906784921fbb4054b9fe27472b9ae0345a5c6e237769b4cfe07
- SSDEEP
  
  384:KOp4SEser/iCHlVM8Tq+U9MzvpeH2xIr+0LP+GYp2MIVv/B6FaZEpN9eJW3WSW:KOCLJLM8W+u4pR++0C/wPv/WSX
Score

3^/10
behavioral1 behavioral2
- Target
  
  DataCrypter2.dll
- Size
  
  176KB
- MD5
  
  e060caf6d6c303a2c9bc13435f7f81a1
- SHA1
  
  afc8b83acb0b874e6c19bebebcf6b96b3d550678
- SHA256
  
  742f650d98c793fc85e5363d807224c81bd8d0b58c02bbc39fbe540304bc5f94
- SHA512
  
  c619ccda9a473fdbad8b6468a8e9b3e5383292f9628e874d8c7b46a7588712ae7426b8e4b8fe20f978e88bcb939421e5d18c35c157156a3b74ae7b4c388eb69c
- SSDEEP
  
  3072:qkjMknTTzpo2BtmaqoYriBm/fkL5VkDgP30jyQ4ZsSTz45McOfzM:9S2WarYuwfwnA0hSOfz
Score

3^/10
behavioral3 behavioral4
- Target
  
  DataCrypter3.dll
- Size
  
  166KB
- MD5
  
  12d9b132d9db55acba9d49b45bb0cffc
- SHA1
  
  2cb42290a02ed2996e6b5226e8d0d546b3356f3f
- SHA256
  
  a2c48493f288f3927c52a535f2b1f5f59e8d3a9b0d13b1d62268d2aae1c9dac0
- SHA512
  
  13cbf0c7a8251c7c785b80a43d6f72fb8c12ef72bd543db36b31f63af28747a9cadfb57f5e64106c5707516947911c649926a2dfaccf1daf4604c2e081bc2d63
- SSDEEP
  
  3072:BLfX0pF/QzUL5UA28u1t9yp5GQC32rdPiowGB9H6lTD+yXzIaVkKCemrOqODJE6Y:BDHUL5H28ubeGQC3UdPi2d6lTD7Z4emQ
Score

8^/10

persistence
- Registers COM server for autorun
  persistence
behavioral5 behavioral6
- Target
  
  DataCrypter4.dll
- Size
  
  269KB
- MD5
  
  d7a0a16b9c34ff96bc6e2876174dc4c5
- SHA1
  
  39787581ffd22579c0eb208e0408d42e094e48ae
- SHA256
  
  d8eb75c2eb1452ebd054faf79fd2d7181323a0972bbcb1d5dca0778f5b6e9297
- SHA512
  
  cbd58ae4b9050470651981dd05533cd333fab3b9544294b9798212fe3ee428e5445ee3606fe847f6e7218b07a493afab35325d988c614ea3a181f03886d1834d
- SSDEEP
  
  6144:NETQUoNDS7/RiwFYyS6PUp4RASqzmr2gyJYnmijB1:CTQ1NDSjRjFQ6NAg
Score

1^/10
behavioral7 behavioral8
- Target
  
  Ghost Smart Crypter 5.01.exe
- Size
  
  12.8MB
- MD5
  
  6b2251734367113158242382f9db62ea
- SHA1
  
  9597302e6d8f1e1892f9cc3506d5475eb9dc8749
- SHA256
  
  aa61e8321646eab00c3119458ce177f2f7459e32b10a762c1c4886d082b8a239
- SHA512
  
  21ca771e61cef1f0b862c2303e6e8f41adc7b653d225bd07f218386f28eeb44d693cf6b81b964e4b0560ab184d47fd7319a5e10eaeabb9e74c37eda3a93862d3
- SSDEEP
  
  196608:p/U7zSUb/pOenfogKJIrXdb93a51BE4NCh9Puyydn+OM/Ov8vJ+/U7zSUb/pOe:NUX1mgTdbCBE4Q73y42UvMUX1
Score

1^/10
behavioral10 behavioral9
- Target
  
  ifsutilx.dll
- Size
  
  10KB
- MD5
  
  52e1754c8fc5d19580ba8befc1aeb24d
- SHA1
  
  848d188384bb7b8d88bf185a4361e47b417f1c89
- SHA256
  
  b17e8401309655f066052be0f46f482ea054c0d635fefb2cc9d3d2bfced65057
- SHA512
  
  d894e12e14cb649d178cd3b8cad4f8ef18420acf744d77e66b4f8bce740726201bfae4b6143c66042b090faa0187c972f4307db92d3df1968bae556ae681e603
- SSDEEP
  
  192:+NAZlgdKAh/KBzA3vIGgON4r1z3MJYJBW01ZW:+kUKa/AChN4xzzW01ZW
Score

1^/10
behavioral11 behavioral12
- Target
  
  igdDiag.dll
- Size
  
  81KB
- MD5
  
  b867f3e032227c77f4aefd73194317e1
- SHA1
  
  85292a67938393f44e3ba4edc14c223faeb6b5ed
- SHA256
  
  24de1fe23fb6e88c86cacad8fd15345fb87b09ca74c29890431485a41df37aff
- SHA512
  
  29dad97ae8ca91cfa99c99909351ec761f5e1664b934313a876fe62bae563dba5a734545a26b36ef0a617d2b93f17b1efd04dd6d47129c11026d12909e42dde1
- SSDEEP
  
  1536:lHXUOlXTPKFN96W3hPGR4ukbgUweQw4R:NVcDheRR+gUFQHR
Score

1^/10
behavioral13 behavioral14
- Target
  
  infocardcpl.cpl
- Size
  
  44KB
- MD5
  
  d29ac48efb0a79692c1955076e8e1ba3
- SHA1
  
  461316f081823e6a0755d65813b9b08ee2c5e4f7
- SHA256
  
  17d13218fb855092ab01befced01eebbf92f6d82e97c498446dc7dca1394e11e
- SHA512
  
  078b252ada3f7cb7801babb8816eae38e4d85738caddc3240c6293215c3f45124999b68f64d056c97edadec21f0de0bf07590a1573012bea9d9c702147e66759
- SSDEEP
  
  768:BbG16P6WKpORC520hPOxjRnFF9fDTUTfSK0O0yTDLpvf7HWnnkNWrbcMQz4qjpv1:7RC520hPOxjRnFF9fy/1ik0rbnXq5
Score

1^/10
behavioral15 behavioral16
- Target
  
  input.dll
- Size
  
  241KB
- MD5
  
  eb8cde4ef586d7a579b44ff198850de4
- SHA1
  
  edb0ccac656fab72ae6edc6d197cb6940c89b589
- SHA256
  
  db91ab6cd37eb0131e2c9d4789833910cd3cabd5b00db3f96e95ab3fdaac9801
- SHA512
  
  ee23f1db2730711b1cd970f9664146581bdda7cba61578c57cf1d7d88b48d19f02e8e3932dce12735efcb752eee3e8e913e7285efff05d449b5c5ab59b09dc36
- SSDEEP
  
  6144:LTJZKr38pIB2P3FYMZ7X0SiJamYOQZCy:LtZKr38pIUCMZ7ESi8HZn
Score

1^/10
behavioral17 behavioral18
- Target
  
  inseng.dll
- Size
  
  122KB
- MD5
  
  70454dc107f93a2261a340e5b89bf052
- SHA1
  
  98b43f49ebe743f48564aec1a0baa4b79a588802
- SHA256
  
  7dc81f1ddb00045ca456e910ee0ccfaa1099e898f99afe1a9571861ea7f3d8db
- SHA512
  
  e151dadc4a1348126d4cd5bf45e71b715229daefa358d75bb45c3c626b229c284905a8be8264185f55536df2950e2636fddea9a5c4b0491e49c1a2f491a22ace
- SSDEEP
  
  3072:DyV3+WJRXm7ADz6iZXfQdqJkkptQCgmi+TZv94p2q0br+wcf:DxcQkfXiYvrxf
Score

5^/10
- Drops file in System32 directory
behavioral19 behavioral20

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

T1060

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Registers COM server for autorun

Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20