27e44d09a13128a720a460db6058dfa3634328f3811bc4deba925a810cad87e1

General

Target

Downloads.rar
Size

461KB
Sample

221124-nw4b5sbe98
MD5

61f97ad84b4d4136ccdd71914e9814bd
SHA1

34fbd8a3cc2ef78e8a8635e781f602dcd9c83e10
SHA256

27e44d09a13128a720a460db6058dfa3634328f3811bc4deba925a810cad87e1
SHA512

8da9a02965f37a0ef8f4edb2e2c983c5ec2843333457b388b06c72799e6f7637e36acc00d8b94895f05a5ca8785fa90e79f067227781e0525c137b096c34ba91
SSDEEP

12288:/fc9yL5vGWfLEsXn5GBp2epO1UUE8FUpvrILAqfzVuwKrOKg:/f3BPXcBZpMUiWFYVh

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  MSUpdate.exe
- Size
  
  266KB
- MD5
  
  f325716b2a4c3414ea7e5b95728753c8
- SHA1
  
  cfd4f53f986afad33d702e39691a2a90140bb8a3
- SHA256
  
  df6a44551c7117bc2bed2158829f2d0472358503e15d58d21b0b43c4c65ff0b4
- SHA512
  
  3f86d97c17e772d8d728e0592e6fa0597f899e4cb9b083f277b86a2a23dc6fc904e38c343035d11de549ab3fbee0ceccb0879f28b5a295b7502c21e9e1d98aad
- SSDEEP
  
  6144:tazfx7Nyx3P178D5/H/d0KzChAY9fJA94oh4:Wy9N78510h/Aeo
Score

8^/10
- Downloads MZ/PE file
behavioral1
- Target
  
  MShc8.exe
- Size
  
  308KB
- MD5
  
  36b3b40582c1828d4cff4b45be9badee
- SHA1
  
  c84e30e897c729c39eda4b596ba66611c6963ad9
- SHA256
  
  209371a8e0a9a81a70d3623318dde45d60c2996e483be970c32bf70aa005e217
- SHA512
  
  7a8ca379992cded806772c02e106a989959cd15e1a750aaa9d95651efc5434e376612309ee407d81b99b7d5511972514be7d25c922228a69d37f98a982a3f1fe
- SSDEEP
  
  6144:MWqRbjzWoW4G+6BGUTSDVHgToE43s709lQIaTTvoM68ASK2:MWq9nWo8+MGUYgYlODK2
Score

1^/10
behavioral2
- Target
  
  pwls.dll
- Size
  
  5KB
- MD5
  
  ed38b8ea251d55076048134ed2667949
- SHA1
  
  fa34e37cc5c421561b79843c7e503b0025c1b72c
- SHA256
  
  2c179565c3c2f9f67516d9c66394abb92c11979875e51e0fcebaf1529722163e
- SHA512
  
  584577938dce965302881a1155db890376e21951eb6e28047c9ddb456d4b76dfb8e21114d44664091115dbc00fec02a8f93549e052b5f19606f4762725a01b5c
- SSDEEP
  
  48:6rztFGxz7VEDnYlTzVZdiSBv9DNinQEuapuwuaFfb/fDrq1ltXbjL:etI78AhisNNiMWuwuaFTW/X
Score

1^/10
behavioral3
- Target
  
  برقية 380.exe
- Size
  
  636KB
- MD5
  
  027e013d26197ccd4c0a38c0b8704f75
- SHA1
  
  3241787f7fff3d2580ca99ae4ccbdcd92ed58100
- SHA256
  
  8c09a804f408f7f9edd021d078260a47cf513c3ce339c75ebf42be6e9af24946
- SHA512
  
  02bf1e5b039cce13f1658a7ddffd5406020f5b4baae6dabd3bd91e5fe381b7d17b75cf5b348c6a5d073d4708ce080d3bb1433eb97c7a1ef2150e7e7ba81ffb02
- SSDEEP
  
  3072:dBxjAWnzKEL/Y+gCfkWRCGg+5zRhNRwW0RYgEKy+IrPZziHzoY46CIuldIAJfqTE:dB6WeEj5gCfL/gGzRheubFuoh5jI
Score

6^/10

persistence
- Adds Run key to start application
  persistence
behavioral4

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1

T1060

Privilege Escalation

Defense Evasion

Modify Registry

1

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Downloads MZ/PE file

Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4