Overview

overview

8

Static

static

8

interium/README.txt

windows7-x64

1

interium/README.txt

windows10-2004-x64

1

interium/c...NIZMOV

windows7-x64

1

interium/c...NIZMOV

windows10-2004-x64

1

interium/c...hd.ini

windows7-x64

1

interium/c...hd.ini

windows10-2004-x64

1

interium/crack/v4.dll

windows7-x64

8

interium/crack/v4.dll

windows10-2004-x64

8

interium/crack/v4.exe

windows7-x64

1

interium/crack/v4.exe

windows10-2004-x64

1

interium/s...ot.ini

windows7-x64

1

interium/s...ot.ini

windows10-2004-x64

1

interium/s...sc.ini

windows7-x64

1

interium/s...sc.ini

windows10-2004-x64

1

interium/s...ls.ini

windows7-x64

1

interium/s...ls.ini

windows10-2004-x64

1

interium/s...ot.ini

windows7-x64

1

interium/s...ot.ini

windows10-2004-x64

1

interium/s...sc.ini

windows7-x64

1

interium/s...sc.ini

windows10-2004-x64

1

interium/s...ls.ini

windows7-x64

1

interium/s...ls.ini

windows10-2004-x64

1

interium/s...ot.ini

windows7-x64

1

interium/s...ot.ini

windows10-2004-x64

1

interium/s...sc.ini

windows7-x64

1

interium/s...sc.ini

windows10-2004-x64

1

interium/s...ls.ini

windows7-x64

1

interium/s...ls.ini

windows10-2004-x64

1

interium/s...ot.ini

windows7-x64

1

interium/s...ot.ini

windows10-2004-x64

1

interium/s...sc.ini

windows7-x64

1

interium/s...sc.ini

windows10-2004-x64

1

Resubmissions

15-01-2023 00:36

230115-aybg9abe6s 8

15-01-2023 00:11

230115-agp93sfe58 8

15-01-2023 00:06

230115-ad4y3abc3t 8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    interium.rar

  • Size

    14.5MB

  • Sample

    230115-ad4y3abc3t

  • MD5

    81b60c6e7141465635226d21723a9df8

  • SHA1

    f3767058e15bc105966717a7aee3cc6f011cd8b3

  • SHA256

    6413b835503a6c77f347a262f0ce18de15ea59608658aa8c2e51a3433ffe1624

  • SHA512

    72a8b78e44fc3e28ec689917c5ec912caf6c2e17d3d162c7880cb80f3a82077e60f2db0f9a74183e1e8871852ff0fdc9e2d223c46d2793572710ed3612531402

  • SSDEEP

    196608:M7Xj8bBRci2CjBJ+RonUoQ3h4AnhRyZjZU/mqQxG38rQF+DaMJTnsyMf7d8zb1tb:MTj81l2ClJ+IUoQ37c1U/OYll4QgRh

Score
8/10
vmprotect

Malware Config

Targets

    • Target

      interium/README.txt

    • Size

      214B

    • MD5

      032fb6e43c11311a515c72c165c80e92

    • SHA1

      2f0f901b061f600700e45cefd81619b4b411b8a1

    • SHA256

      ff96343be6317d51a67392ae75fde1073b27639dd7f7449c0e00dec4b8ca66ee

    • SHA512

      ab29a15789d3e3b6ac4ce4caa3382b550b8a3875d78b5677a95268535688ab54b437188e7ef46dbb3cac7b865f335fa2ff13bbc3f43b817fb36f8b70563e6819

    Score
    1/10
    behavioral1behavioral2

    • Target

      interium/crack/Cracked by suga, QHide, SATANIZMOV

    • Size

      33B

    • MD5

      047b1f5064da469bdc44622969466ef3

    • SHA1

      b03194eaa0dda5c91c8d1aeb6124a01e34a52b70

    • SHA256

      00b005a6109c9b7da41c263627e5e6cfc8458d5d96b76373dd9aad299e4b2695

    • SHA512

      4a405ceba266e0ea24dcae0f3961bb6e81a1afc54a66b4b91aebf1f245e3096919993fe8c4a2329cc8b638aee1ea2a60c794fef5e7a317da80d715324f8493bd

    Score
    1/10
    behavioral3behavioral4

    • Target

      interium/crack/injmthd.ini

    • Size

      1B

    • MD5

      cfcd208495d565ef66e7dff9f98764da

    • SHA1

      b6589fc6ab0dc82cf12099d1c2d40ab994e8410c

    • SHA256

      5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

    • SHA512

      31bca02094eb78126a517b206a88c73cfa9ec6f704c7030d18212cace820f025f00bf0ea68dbf3f3a5436ca63b53bf7bf80ad8d5de7d8359d0b7fed9dbc3ab99

    Score
    1/10
    behavioral5behavioral6

    • Target

      interium/crack/v4.dll

    • Size

      14.7MB

    • MD5

      4b25ddde53db2c330ba626907a215567

    • SHA1

      d9b91e07b7c865d665c1304bcb6c5f6c23e21458

    • SHA256

      71030519768ec7c316add9d354df5d05c307218c459acf6b57f1d8cf3007f7aa

    • SHA512

      f193bd0d6ecb0f27e3c37acfb64ab6a0658ad88d42b15655be6f42bf83b6aa202088acb9d4e590fb76263d88926f9b063bb25c1593b2bfcaa3018220a433aef7

    • SSDEEP

      393216:jl7MsZ1LWvPSdVZ/QWjHc+p1y/cUpt+zBK9ub:jl7HEPS6WjppAEot+zBfb

    Score
    8/10
    vmprotect

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral7behavioral8

    • Target

      interium/crack/v4.exe

    • Size

      5KB

    • MD5

      67601d1b4381c7dafe8e7ad94f38a142

    • SHA1

      16e6e3a8f666429c1a4941e9c0945a22afd6377a

    • SHA256

      04a007a31de14d111ec54030e3646422d5ee224177dae95795ac2826a55336f7

    • SHA512

      63b4666f7212f08c8c9ae24cf914d1694dec5a1daacad0e9e742c0dc39662cc97f1c66722dce99656d3a70277485b25374eb5abad06821c55e73b7f3be7172a3

    • SSDEEP

      48:C7zRekJFF6G3N1zcuzrRr1nnzrQYAPSC1iF9vhAHyhdUXhQB8sXlE6mN0F3ybCV3:Kjd6uzrh1nf2PSCA3vhghQK+l2K3iw

    Score
    1/10
    behavioral10behavioral9

    • Target

      interium/settings/Golyb0u_No_Psalo/legitbot.ini

    • Size

      21KB

    • MD5

      756d1f4adf27bde7dc09b90853cd0b79

    • SHA1

      60ee856117ea86da73315d05c7cdfda583cfe993

    • SHA256

      87c23c780154b3bfb39183579590564d9bc1dba048ea47f3511a1042e5aad04a

    • SHA512

      0e61d18dd4422a4b468eedfc68c8f711995b34e731c8e1aeb9352a2d59edcb03f305ada6683539d9ca4eef827a9f1aed6aa75f3eec1efba645ab84428f47d1b0

    • SSDEEP

      384:e2J9ouT4yaVtzdLIADQnZSBc6F1jeXhyaXzX6XbXXX4XEX6XhXSXyf+iwocudqD4:1ouTTItzdLpDQnZSBc6F1jeXhyaXzX6y

    Score
    1/10
    behavioral11behavioral12

    • Target

      interium/settings/Golyb0u_No_Psalo/misc.ini

    • Size

      1KB

    • MD5

      9ac40aba114264eca1a5f8f7cc655ebb

    • SHA1

      3c594cc3383d85c4eec7e4bc3cf3b6a8ab31df22

    • SHA256

      8bc23d59b617fc9e2048ab47e24c95222e5e89bce23b4cadbdaddf9a85d80e9e

    • SHA512

      2a8a433d15fd1103b2ee1305db08bfbc065e91d82b76e719ba681ae984bf7e7bda2e070fd3a801b18cd1974aa8389096180f16bffea876a9254a57172d895bef

    Score
    1/10
    behavioral13behavioral14

    • Target

      interium/settings/Golyb0u_No_Psalo/visuals.ini

    • Size

      5KB

    • MD5

      320a6df5f66b9937c75a298bf6833b2d

    • SHA1

      28c92d27919b597e72b13bdcc602b87e7c65d057

    • SHA256

      54f753d9b7d29c8f3506b85be0e510adbca7a6a23bfc3ac71c95ab4bdc8ceeb4

    • SHA512

      2fe11a56bc38c08ed69698746713425056a2861226e2b169dc5120e9a40ab77f908121a9bdb45fbfcf0c804c97e3a78f85e2dc4fc16d7b35fabb4523ecab592f

    • SSDEEP

      96:lDmIPaKJjCeqTTqO53/vsgUVX9F55A4DCzTU3p+t29DHtp8DA3tPQ8v8c8u8Y49m:laMaUjCeqTTqO53/vsgUVX9F55A4DCzs

    Score
    1/10
    behavioral15behavioral16

    • Target

      interium/settings/Golyb0u_SemiLegit/legitbot.ini

    • Size

      20KB

    • MD5

      e5633871b0cfc1b1b9755181b1a19ae7

    • SHA1

      639ca672f299486f9e94fcce2422045f03d099e0

    • SHA256

      f005d7b23940c30beaade96a961af3c2700f75306822a341fd7d20f2e55ef559

    • SHA512

      a93c388dcecb6d08ae8daa6316f1b7b67bd6071bd6e8b5b77e4b22fbe42e5b77d56c6e0fb63874573d50c6d4241fd651f4e3bd94aa9d06f42186fdd6aa7a848d

    • SSDEEP

      384:e2jIZP4IazxkRkIk4NtbDBG6F1jeswGaXzX6XbXXX4XEX6XhXSXyf+iwocudqDs6:VIZPZuxkRkh4NtbDBG6F1jeswGaXzX6j

    Score
    1/10
    behavioral17behavioral18

    • Target

      interium/settings/Golyb0u_SemiLegit/misc.ini

    • Size

      942B

    • MD5

      4f9d6107add9981db03b3edce4398880

    • SHA1

      c52122934e0bfaad5fef481eee4f64a06e0672f1

    • SHA256

      6dfa1243213c1b71c5c13a7d415d753c40746dec3c9c7dba82329f6e345365b8

    • SHA512

      c074280fdd7a06ae6591b83364eb57133ac42ed52ba37042a423a6666e2dc14f5374887ca895f77a9be0f34a477e6913f25c0d9318b35703e3ea1744ba92336e

    Score
    1/10
    behavioral19behavioral20

    • Target

      interium/settings/Golyb0u_SemiLegit/visuals.ini

    • Size

      5KB

    • MD5

      8abef8abde2871379ca6b49447871570

    • SHA1

      cda2209e17b2b01198c6c54401c3316ec30795c0

    • SHA256

      4d0421e5590ccbe3f7835fe7603f6388d53eaecc39f9718fd8cc13c686f85d68

    • SHA512

      3b7fdbea3741f7c2732402d51d48c85a6a06329c073c7d7045a799945cee52a03a3114be2f1cfe322db9a80b2b8d4829bab09dfda9eb6a520a356a64cef15a12

    • SSDEEP

      96:lDmIPaKJjCeqTTqO53/vsgUVX9F55A4DCzQ+t29DHtp8DA3tPQ8v8c8u8Y49mEln:laMaUjCeqTTqO53/vsgUVX9F55A4DCz1

    Score
    1/10
    behavioral21behavioral22

    • Target

      interium/settings/Golybou_SemiRage/legitbot.ini

    • Size

      21KB

    • MD5

      b7eda56f2f5d76a0fb86f0fa41505c59

    • SHA1

      d2c1356f471fe39cacf4254f51ed6c687f8862e0

    • SHA256

      55759f209eac6de88ec5b22350c8f332cf0797e69c08e0b2625417f614f75d63

    • SHA512

      902225725dc6263437855a4edd77df5e653ab29dbbad63d92975d0477e9304c68cdae5926b871c1e9fd341a87db8215aa96ba0ab2ec02b7a528e98d27a1bc1bd

    • SSDEEP

      384:eL8kMb76rf5lQ07aq4fw/FqAeYLmqoaXzX6XoXMX4XEX6XhXSXZOsBmunT78ALAN:oMb76rf5lQ07aq4fw/FqAeYiqoaXzX6G

    Score
    1/10
    behavioral23behavioral24

    • Target

      interium/settings/Golybou_SemiRage/misc.ini

    • Size

      1KB

    • MD5

      0692a9aee49c11cf21ed641312bfa070

    • SHA1

      a1721a93c333df0c47bb041d24d4f02825f2cb0f

    • SHA256

      871c9aeed27cee61c2c9797ca6e186eb975678c996688d02036e5c283e921d2d

    • SHA512

      dec22fb8605357da57973915d0247fb4653192935fa69910488efa8910eba146ef8f0e281abba01fabd504f11500f8ca0f15ca219a12339af32e9cdf7e6311e1

    Score
    1/10
    behavioral25behavioral26

    • Target

      interium/settings/Golybou_SemiRage/visuals.ini

    • Size

      5KB

    • MD5

      819d6aeea2fbe00e6bb2452f1d1c2c4e

    • SHA1

      6d737a0a1263aead27f1db36f2ca6f0fdde1aa15

    • SHA256

      415f0f88fd28ca6062879f9c6c3a249ea56c239899fc69405aaddf34c7845442

    • SHA512

      07727d2752c8dadb496d5c3816d426757cf794f274f355150415c51d1cb63b2dcc369447c387452022412e3e5d4759dafee51f9b690fb2edce1c467bb4047b20

    • SSDEEP

      96:lDmIwLQngJjCeqTTqO5PO/vsPUVX9F6AQf2ETU3p+t2sHtpZx3PV8v8c8Yemt8uf:labEnSjCeqTTqO5PO/vsPUVX9F6AQf2T

    Score
    1/10
    behavioral27behavioral28

    • Target

      interium/settings/Legit/legitbot.ini

    • Size

      19KB

    • MD5

      164b15b602fd262be385486b006b4df9

    • SHA1

      7781f6d65f5143ecb94c1e1b162d92800cee6ec5

    • SHA256

      8c03a63272709b55d3a3bb51f44ca1833ecc0542b4c35212228809f73975a955

    • SHA512

      c055e6e0697cc7485fad781128003895d6f7ef6026e4a9ec86a4747ef121273e8cb21452fd744137d4dc5b08a8d42100954f3ea1c4863fdf0ba16c6019643106

    • SSDEEP

      384:eL6LzpdycfOZWHiQwhqcyF7HO2FeaXzX6XbXXXLXEX6XhXSXhfDO4ocAWAaXAUXJ:DLzpdycfOZWHiQwhqcyF7HO2FeaXzX6E

    Score
    1/10
    behavioral29behavioral30

    • Target

      interium/settings/Legit/misc.ini

    • Size

      1KB

    • MD5

      7b51f26bcb4f5eff0b46eb86714c8a51

    • SHA1

      64b1237d70ceb669c78cf92bf60886600ef4ae77

    • SHA256

      397a627758374867a6f47a11aa8b0503b8d99cb33fe1639532278e989b6fb2b4

    • SHA512

      5013ecab56a5ab39056305dda965f08ded1b5cc9e2baf1418809981466ba791736e08717bddcb5b0ea5fef9f3819a0f83c84b2b64b63793462648d6c7ef641fb

    Score
    1/10
    behavioral31behavioral32

MITRE ATT&CK Matrix

Tasks

static1

vmprotect
Score
8/10

behavioral1

Score
1/10

behavioral2

Score
1/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

vmprotect
Score
8/10

behavioral8

vmprotect
Score
8/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
1/10