General
-
Target
608baaa3ec9cfdf7eebbd360828dc871e3cc53cd791bb6152c8bd6c4adbf716e
-
Size
6.6MB
-
Sample
221125-a58fkadf9y
-
MD5
cecb7d3d1a9f81b75601554a70391cc1
-
SHA1
cc2c9c0f160f866dcc9b29341fbb2bb4eb3145d2
-
SHA256
608baaa3ec9cfdf7eebbd360828dc871e3cc53cd791bb6152c8bd6c4adbf716e
-
SHA512
ad6ad20fa6975eab6e72b470f98fe1ad7cb5397efa298480675520c5199710ed42fc6719b323b84a1b7ab1c29fd73e009083e1cf43cec1a1cf06fb0b3a44a6bb
-
SSDEEP
196608:DRCi+hkuLqFeJ1f1plAwXv1nPPm0Bv3/+UST0Bh/Y3Jto:Dd+hkuL9Lf1DtnmavP3E0j/YTo
Static task
static1
Behavioral task
behavioral1
Sample
CFV1.0/CF½.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
CFV1.0/CF½.exe
Resource
win10v2004-20220901-en
Behavioral task
behavioral3
Sample
CFV1.0/.url
Resource
win7-20221111-en
Behavioral task
behavioral4
Sample
CFV1.0/.url
Resource
win10v2004-20220812-en
Behavioral task
behavioral5
Sample
csla_30367.exe
Resource
win7-20220812-en
Behavioral task
behavioral6
Sample
csla_30367.exe
Resource
win10v2004-20220812-en
Behavioral task
behavioral7
Sample
˵.htm
Resource
win7-20220812-en
Behavioral task
behavioral8
Sample
˵.htm
Resource
win10v2004-20220812-en
Behavioral task
behavioral9
Sample
վ.url
Resource
win7-20220812-en
Behavioral task
behavioral10
Sample
վ.url
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
CFV1.0/CF½.exe
-
Size
7.0MB
-
MD5
adf3a9d53352bfbb476698ba6af45434
-
SHA1
25540b88c67d61f8766f9d1284c721754f011978
-
SHA256
3ff1b1faae2179aeb59d3ba080110e138f25e24f66bc52bf304ec269f012d550
-
SHA512
adcff3fde82b1c7dec4ed4a3eeff81c4b87d3e4045746149f18858e14beec9b44c68cc4f2df7392d631f3648e8c488bbc1e05b55a21fcc3f701d68802a7999d6
-
SSDEEP
98304:cepGTo0F7jR9pF6vhyFkf84hSyQt9Hwq2SJPaNRb7nPdDwQVD7y:B4ZjR9yyG04hbQUSQRXnlDwQVDG
Score
8/10
-
Executes dropped EXE
-
Loads dropped DLL
-
-
-
Target
CFV1.0/.url
-
Size
149B
-
MD5
3356ff38ffcbcf0c2d8cd8a474414dcf
-
SHA1
872f2ebeba5eea4d498b3b0bc2411002697cc3ca
-
SHA256
86aa6a1c2cb218b88dc423a33c4bcc6fc2ae32bb48d366669710b57c71aa0eca
-
SHA512
6e5611bc205c0649e861a46e49685cc6c8db74626f31bdf15d01249d6bb641ae9a81e68e3460460a89fabb6a669032b6fbc8da557d979ffcb2ef315fcdfef816
Score
1/10
-
-
-
Target
csla_30367.exe
-
Size
2.0MB
-
MD5
fdc89772a53b7ac5b336789ef67a0911
-
SHA1
5bb38ac0f1e605c6e710268d9a7bcacdc343952b
-
SHA256
d9bf029440c25e053980e95f54750c9f942118c19f54d411e8ded9c8a4c352f8
-
SHA512
7d5436780c9bc2b38a026a89b943b03e8d3031eba0f1bb356422bef25ad27f1e34f75f932db3deedcf02fd39b8f0657fbc4f9e47ea7b6be33140897c62b8bd05
-
SSDEEP
49152:w+q5Y63XJAqJepSwLOHE8daBY2qCWRcGT48zNq:n6Y6Jl2z6HExBPhWmGTW
Score
7/10
-
Loads dropped DLL
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
-
-
Target
˵.htm
-
Size
1KB
-
MD5
6782cfbe06b60dcc453cb6fe3073a9b8
-
SHA1
ce797c4e059c5262cbcc383f6cc8009fc17f6bbf
-
SHA256
6c896ec8dbec812744cdce255c28330b85fd1d30f93231bb3da62c3f36e697d2
-
SHA512
6c48fce6afa33290fbbe6435cee6f99bbcaac1bc3e66a1889e7c78a7b1f7607640f42d1d71ee6655bf957f92c6c14f6a40e4185de12fc2da645b5286a040716e
Score
1/10
-
-
-
Target
վ.url
-
Size
211B
-
MD5
f27c2f066488db1a0704f5d6a2d182f0
-
SHA1
215f448636d7769fc496301c65ae87e205bebe9b
-
SHA256
623f997fc65cd09ec49022948a506653f4c536802f6e5dfc6af7d3bf6ac0ff00
-
SHA512
091ad55197826afdcebdb7dd05cc76859462f2e4d1823a341fc58489c268016d994a27712820b735d424d205734d86dcdcc837311d02d4df6c515e49c1449bb0
Score
1/10