General

  • Target

    c650d3c4996f85b5149f5160fc48855e91184b9906ca5436c7db1daf6bd5649e

  • Size

    4.2MB

  • Sample

    221124-pcr1facf72

  • MD5

    e3840926ecd0a127933545a34308e154

  • SHA1

    5a92233eef65c27de9920b0b448de6ac6983778d

  • SHA256

    c650d3c4996f85b5149f5160fc48855e91184b9906ca5436c7db1daf6bd5649e

  • SHA512

    9b3bb3306c56ca490601f78445dcd8dbf6437f42bab67cc93d6baa6e81e33fddbd4da6f5e26aaf60f43d40a83aa9a700521f35e09504a82db90fd78ffefa3a2e

  • SSDEEP

    98304:RpZb+Ma7ksZGweOjnvbE7WSW1xTAvpB+VK5/FoUS96:Bb+CurBjjE7WSWe+VKvpS96

Malware Config

Targets

    • RMS

      Remote Manipulator System (RMS) is a remote access tool developed by Russian organization TektonIT.

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks
