6d8ce5ddf48cb6bacf8e84ec8ee2c77b264325d288c7fcd40e0ddf7f50c6f547

Sharing

Copy URL

Twitter E-mail

General

Target

arian.zip
Size

219KB
Sample

230101-wd77dafe2y
MD5

cb881412a668f0bd2e0f86851209c599
SHA1

4a0ce2c3561bf6a6fdf92667a34624cdf4494c2b
SHA256

6d8ce5ddf48cb6bacf8e84ec8ee2c77b264325d288c7fcd40e0ddf7f50c6f547
SHA512

ca61e2f1a5cf033664af3a886b230f168bb9216409ced0e21434f34155fee4c146be96aefd2d3a6ab15caedf762d1d7b0d106f721448b582aa63bcf334e5e8b7
SSDEEP

6144:j3j/ZGNpQegYOBSLeduopAGsqtgvJX1lwB:bsNmegXphgF1WB

Score

8^/10

Malware Config

Targets

- Target
  
  All-In-One-Version/MAS_AIO.cmd
- Size
  
  349KB
- MD5
  
  0c981e3ac726e77d2a9a3ddddf21771d
- SHA1
  
  eadaacdaaf4ea01219cbab625e40b9f645960bf4
- SHA256
  
  6d7f542ed46fcb02893a8672eb405d4b543e2a92db1ac22b5d53dbf303568b25
- SHA512
  
  cd13e660f5f4c3abd2dcc133b4dfbce7c4110028249021961929626ef45802804ba8855bc88e8b7fc7aa59064684f20b63d8eb1b8393b70907ed57409e17dd8f
- SSDEEP
  
  3072:13fPEk/1q3Zql5bguFMTVFp9f1GnFSW4xiiInwCc+ryM47EOGJGxiTmW:13EkQ0bguqp9f1GnFSQiCBryMzTD
Score

1^/10
behavioral1
- Target
  
  Separate-Files-Version/Activation_Troubleshoot.cmd
- Size
  
  40KB
- MD5
  
  b1a463ada1f3be7b8201a801767ef08d
- SHA1
  
  626c081b222848ac9238ffa1b678975b40018751
- SHA256
  
  4bbcf1acd70366a7a096201604d2cb31294a572b9a55aa14c35c300dd15d3009
- SHA512
  
  35f0c55fded6a9232c623ddc544141707012523a0aa59944502a80852e1a5699e681f7676f53257f71e56d8ffc81ec03293e24c03c75ecaa854e4d5c32f928ac
- SSDEEP
  
  768:Untcms1G26CSDpYbNd+tAOhsRCWJjJys3sjg:vms1r6CMYwhqCWJjJn
Score

1^/10
behavioral2
- Target
  
  Separate-Files-Version/Change_Edition.cmd
- Size
  
  33KB
- MD5
  
  04252b64d6bf053c13014ab141c7b66f
- SHA1
  
  b71e0f1f766d5a6b16314d786444b5ad9f1f9e5c
- SHA256
  
  2b9c731ca28c49f2b2e74c1f2670ff45b6c079e55e9c9dd2b693838c7aad271d
- SHA512
  
  d83e1eb642cbedff7f74dc2771c75ffbf56af4971358e5bf67f953c58f83e901b4d208e0c35a4b9a5b6d8bfbd17e64fbb12d6c798a9210ea6fd76534e6168c20
- SSDEEP
  
  384:En3yY6Xl90JFEVoMWmgkFk8texZ4M0zzi0iXNmcmfwyTf4ZHA:EnPJQarCzi0ibC8g
Score

1^/10
behavioral3
- Target
  
  Separate-Files-Version/Check-Activation-Status-vbs.cmd
- Size
  
  7KB
- MD5
  
  0e34f3c90cd0c1724737064d438d7357
- SHA1
  
  f50d0b6456bf5514b0ee136c81bd4a7527c43e7f
- SHA256
  
  a21c9481807ea222cebf8cab4047844181dd98c00ad3d6c232701599c10697cd
- SHA512
  
  84c6852ed52df581e70380d16fede2609d4c9f61c22612cbf575f71d529660cd137501265e79b8bab85f14207818ae608472374adabf4d75f9db964a428c6d7f
- SSDEEP
  
  192:B9/O0diZIZazZ9VZ5jZfuZcQZ0pZfSy9C/sC/QiO4TEoz6t9+r4:bO0d+IZad3Z5tficE0rfSyo/h/QiO4Ti
Score

8^/10
- Blocklisted process makes network request
behavioral4
- Target
  
  Separate-Files-Version/Check-Activation-Status-wmi.cmd
- Size
  
  18KB
- MD5
  
  9532db59d6b3fe352aad951fe1fea3b0
- SHA1
  
  751db10cb85b7da9f9f2d1a8fae9df1d02e0e8c4
- SHA256
  
  1149b91927a002002f404115b12b10179ac198bec0365610ce5a74166b256ea6
- SHA512
  
  dea458e7fd48ae5e1105fc2a9d358f0633778031baf6ba2532c08c82e1ee50101b69031ed0cdd09f6378e81188bd2073f466a1f5388b874800ef7ed59c8ec799
- SSDEEP
  
  384:AeeEnXRdwyo44hN8ivJ9EaRVVY7UTdPU0EGT0SGFS:Aee4yWaNY7wdVEGQSGM
Score

4^/10
behavioral5
- Target
  
  Separate-Files-Version/Extract_OEM_Folder.cmd
- Size
  
  13KB
- MD5
  
  d20ab8c217126ef446b943550a8b80f1
- SHA1
  
  adf66fe58c2895f1372934895031697c6da54472
- SHA256
  
  f02992a952f90f2cdd819077a81401c35c3cffa6ef701a99a80b0a4c67807097
- SHA512
  
  73aab3c085ccfbfca380ad14d7933443d16e84f19f37fc0d5c727ff50a685a4ea036ed5bdcf9d45a7af033d5e2da055179db5850580bb4de51dd588df86a0adb
- SSDEEP
  
  192:tUDP04IDn3xdL6Y2RA2umJG3QWzDt2/oWzXc56uWYoz4EbpQLWYoz7urBoLWYozu:Zn3xouBMLPqu
Score

1^/10
behavioral6
- Target
  
  Separate-Files-Version/HWID-KMS38_Activation/HWID_Activation.cmd
- Size
  
  40KB
- MD5
  
  f61abcf62a13c2e5eba6ecc6434ebd58
- SHA1
  
  86ba076c91f26793e0495f7b186351a9cdf1703b
- SHA256
  
  ed5795d770a0f4afcb1cfa0b977d8c79dec5a8ebe3497ccd119c724cefb26665
- SHA512
  
  c70f09f1d6871589e48ff6cb257c29883e1bfcf1632b88cd0b06b4c67876380bfe6f93e3b9caf516f1db0687d1349c0b274349caeeee460625a49f97d93e550c
- SSDEEP
  
  768:bknCJ5yZdAzxV8+lTdizm2eFkxHH1K3/j+ouK6/:93y7KxVxlTdizm2ym1k/Coh6/
Score

1^/10
behavioral7
- Target
  
  Separate-Files-Version/HWID-KMS38_Activation/KMS38_Activation.cmd
- Size
  
  44KB
- MD5
  
  84eda82a79562f13313520ae7a831ee0
- SHA1
  
  32247c2681cec3dd49eab2816fedd7177dbeb28b
- SHA256
  
  c20d3dfd698155f8aa7624bb56c1d8950fab8d60543c42171b4a35282521967a
- SHA512
  
  4ddf4b6d111efeeeda3b6554c46be790ed7b0d3f05ac5baba8852d52cdfcc16d6cdabdceda5c347730128b83cdc80182f2b5d6d7436a43048c0136ff0fbf79df
- SSDEEP
  
  768:3eQnzuJ5y/Bc+O5ZbFEN0t8xbIyzi0D2eFkxT966HPMkZ6/:du3yZtO5Zio8xbIyzi0D2ymhpHZ6/
Score

1^/10
behavioral8
- Target
  
  Separate-Files-Version/Install_HWID_Key.cmd
- Size
  
  15KB
- MD5
  
  a29a8d30d62d365dffba307ffcde9b25
- SHA1
  
  001863b0349c67a2c8bc54fd0cfaf1e58f505fa4
- SHA256
  
  a3dbe4b712888ff5d0b1caee65987806f36d379ecedd9ff059a069516a188c4d
- SHA512
  
  fd66d921fb648780a24cddfa473966a2a958be500b2c4907aa5d934270ae502f0261fffa92ba92349294c42fc7e2b093162f0288885d6316da92e1008014779d
- SSDEEP
  
  192:tIDP04IPIn3DX/GLeI2HActg5hC6UsG+ez3+NKhhXEZVjrBzkhibiwlVvsOHp+K7:qn3DX/RpggnnI7rBzzlrn7
Score

1^/10
behavioral9
- Target
  
  Separate-Files-Version/Online_KMS_Activation/Activate.cmd
- Size
  
  158KB
- MD5
  
  3b3714aed59b1ddb6b98fab143092283
- SHA1
  
  7fecb0434364841e0b7591771874b47101a940ec
- SHA256
  
  3be71613bd368fc7a720ce692412830343e2937066b26ca800a8c9e265d1afbb
- SHA512
  
  f823ebf75f2e7828f486745fa6ecb598aeec219faf5bdc31e52d3e98e1c6f9219903e5cd7e121596fcd0d84be621d8a265bdebacf599858d3a170096a4320b8b
- SSDEEP
  
  1536:LW86vb6vWkuac+4lCXjsisxsGLaNwgEMTV62m0I+1GnFSZVUQG4x0j+E0tNIZleE:QbguFMTVFp31GnFSW4xiiInT
Score

1^/10
behavioral10
- Target
  
  Separate-Files-Version/Online_KMS_Activation/BIN/cleanosppx64.exe
- Size
  
  19KB
- MD5
  
  162ab955cb2f002a73c1530aa796477f
- SHA1
  
  d30a0e4e5911d3ca705617d17225372731c770e2
- SHA256
  
  5ce462e5f34065fc878362ba58617fab28c22d631b9d836dddcf43fb1ad4de6e
- SHA512
  
  e0288dcf78092449d9cbaef4488041131925387c1aedc9e9512da0f66efe2fb68350ca3937f6715834e62e7c931c5dad0fc8bc3c6c0c3daedeff356d6feaac2e
- SSDEEP
  
  384:gQAInWKpEFFzpjq37oIOU6GHq33QPiu431VP:gxWTpOFagUb2qiu43P
Score

1^/10
behavioral11
- Target
  
  Separate-Files-Version/Online_KMS_Activation/BIN/cleanosppx86.exe
- Size
  
  17KB
- MD5
  
  5fd363d52d04ac200cd24f3bcc903200
- SHA1
  
  39ed8659e7ca16aaccb86def94ce6cec4c847dd6
- SHA256
  
  3fdefe2ad092a9a7fe0edf0ac4dc2de7e5b9ce6a0804f6511c06564194966cf9
- SHA512
  
  f8ea73b0cb0a90fac6032a54028c60119022173334e68db3fbd63fe173032dd3fc3b438678064edb8c63d4eceaa72990ce039819df3d547d7d7627ad2eee36b3
- SSDEEP
  
  192:Xdaz2FKIaphXuVX3uKny+gASTGWyQG0eJIL+uVl9tUDY5Kajjtl9w++zOzrPwaur:NbFuUOvAiG0gIVDKDYgmh02HPwzi3An
Score

1^/10
behavioral12
- Target
  
  Separate-Files-Version/ReadMe.html
- Size
  
  84B
- MD5
  
  574e18c1f9b32a47f988ac91588901ba
- SHA1
  
  4c0827e3deeb84cf442e0356dfc1883bcb131fbb
- SHA256
  
  8932bacd828c0716b136af6aa15011aed0015e7838006f2cff7a64954a5696b0
- SHA512
  
  4c480c530af4218e5ac276228a372fcd799912eb183685f805b6c47b5d6971be42a4dca2baa016425dc2499367624cb70de12d280ddcb7b613001460dbf820f8
Score

1^/10
behavioral13

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Blocklisted process makes network request

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13