eec421cd7f3f5e2928ba156639ada000a7ad057fec33b7c8c716b9af0f07204f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Iperius.Backup.7.7.9 - XYZ.zip
Size

64.0MB
Sample

230310-td759sed75
MD5

32f080666f64641e58145e17e4cef62d
SHA1

9db8a7e59c8fa31724745b3f755ac21e87ffa84e
SHA256

eec421cd7f3f5e2928ba156639ada000a7ad057fec33b7c8c716b9af0f07204f
SHA512

d924c90734093f81e0516a8e02cbf1b2e00fc7a220f5d4c188dcfdc1d72071730c1e91cee0d1b27322180ae228691df10dd659aaaf6e9611e6909f3b817b70d9
SSDEEP

1572864:EtdY60ttSBzbGcovkPUJGSmbKn5gFPEoO3ruJpAkgYtJQhf6CyBWerZ:E50yB+JM0ixk3Wx1Jsf6r

Score

7^/10

Malware Config

Targets

- Target
  
  SetupIperius.exe
- Size
  
  64.1MB
- MD5
  
  98d6200fe91cf862a890805e4b89042b
- SHA1
  
  48f928d5d9b659a91ed8cd01a27057a37ea1c2ab
- SHA256
  
  5020b1bf87b614e1f9897cd35b035a16ac1fe213368d3a843b1dcef631ed15ba
- SHA512
  
  032e637d5cb3f76829a61a368d510c91c76b6585650817cbbbfd022aa2dcd545c40da064fe7c8e84cfc81c8e59c3811290faf73871ad7e4f75e71bf21939bfe4
- SSDEEP
  
  1572864:hdjwYSAAhb2lT3gRSgxojDqI+1bZ9c0sHZdAEQHhuit43nUagA2SUv8V:hjS/bsCVV7HI8BYp3UagQ
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  keygen-tsrh/Iiperiusbackup_4_x_x.exe
- Size
  
  17KB
- MD5
  
  a1c3ee102978546583a37134882b0373
- SHA1
  
  a9526a4a0079dec6e1315df4c426277e47fff84d
- SHA256
  
  273d99011960a7801cc8b5d4b00605a97a8c6382e2312593b612c94b2ac96360
- SHA512
  
  13cae3a0c612097ddcf17b36168e21681e1979fd4e6732c00334abc1bedbaff444698af79b118e422055186427077da25f368c98afd855209b90b116842e86e4
- SSDEEP
  
  192:aq+sz6K5YbgsVBfNzOKy4ugu+idXpQwrQgp84K:a2UB1VwpQwrQg0
Score

1^/10
behavioral3 behavioral4
- Target
  
  keygen-tsrh/file_id.diz
- Size
  
  345B
- MD5
  
  18658a3420dc531e0292d6bfca2876eb
- SHA1
  
  dbb013541fb56ddc58eae1e4b13b9c0091a80412
- SHA256
  
  f5c128b4c4fbefaf8a1c42d755a7cf1aa55b2be9c114fd4585e840a49d49e367
- SHA512
  
  bdf85a60b27e18d5df883ade9d6da9b45c877befe797d21bcc905d87fb7bd603a637254cdb1ae0710392e7ec4afc50e233e88244de7160acbcc69291f1467a4f
Score

3^/10
behavioral5 behavioral6
- Target
  
  keygen-tsrh/tsrh.nfo
- Size
  
  9KB
- MD5
  
  67eefa960d6ed9613a57097c5a51e2e9
- SHA1
  
  82238f5e9f43e78d4de31f60e042e536da4f6a8f
- SHA256
  
  aabeda08e91e817dd278e2eafdb38cd22a7754fafa654757aeb30def47d7283d
- SHA512
  
  334d467f0c309b1999b92363be6d736ae6b22abf3cc8df3d48857a8e8bfc5b95efc211ec09bb7783f4c01e4850f0472c510871928280a4f4e7d9145723937cff
- SSDEEP
  
  48:SKJY1DdV8KtRnFiUGq/difmXA28HJoY4jA0gZxo/5oh/do6Z9kwLn6X8oXR4jCp6:uSQFxYfmWH74jA7ZG/e/PLnqVqVpzT
Score

1^/10
behavioral7 behavioral8

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8