708c3a754f66c7ea424f1853f6076fd19434f729efff1c7ca5f68c76648f9ca3

Sharing

Copy URL

Twitter E-mail

General

Target

CCDISK FULL 2021.02.19 pass_w..w..0016.rar
Size

10.1MB
Sample

230311-rgh97sbg2s
MD5

88d1565da4233220d350a06f44118ae3
SHA1

e33ddfe8839e963955412c412946f129496e7c1c
SHA256

708c3a754f66c7ea424f1853f6076fd19434f729efff1c7ca5f68c76648f9ca3
SHA512

06900e11183e3c405a69528198c83f3596145d0bca0280d1be694743f95d870da1b5ab9b5be14b30c04a7e0b1b32bbefd3f1fa4d75e14cd2d357f41441f6fcc9
SSDEEP

196608:Bp25qN/5GdLo2Mqn7+rof2ZVQ4QNDUdItSskeiqAOtiRD+3B3:BHN/5G5vVniUf2XQ40UdItDJJtiREB3

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  CCDisk (v2021.02.19)/Crack_HK.rar
- Size
  
  6.1MB
- MD5
  
  de194d6dcbc714281fdbbc688a19db9e
- SHA1
  
  af297fe15e686b5d986c9cf2d4663d9741bc986a
- SHA256
  
  9b0ce01ccefd1b7b90868e3e5ac81aadc19fab7dc7ff7154071558dbce0a77a4
- SHA512
  
  419308eae37f5189d982b8e1311f038ba93844c6ac41c3741234726e6f22fa8feb22deccacac311b52c4934cc007c6b65d6e43143ff2d47843fa7899cc415c46
- SSDEEP
  
  196608:Z1JzXRqlEn8ml3RfFWyLDBzo4dhACs8nP:Z1JzMo82TFzo4psw
Score

3^/10
behavioral1 behavioral2
- Target
  
  Crack_HK.zip
- Size
  
  6.1MB
- MD5
  
  b758b483c53af320e2585991b65cd2d9
- SHA1
  
  1b537b71ff1afe5787492141682551650883bbfb
- SHA256
  
  1408d798dd57c889f4742819a33d1abf4969229acf6dbf118c2c9214a5228bd0
- SHA512
  
  19f58232d6ca98abb9cd320ae2c71d43710028dea29f14da63468fbaae283dd35d9e9e4590d13e6449ee9bd78df46bec9570cc2fc012f82a89b29f7352e7f36e
- SSDEEP
  
  196608:F1JzXRqlEn8ml3RfFWyLDBzo4dhACs8nT:F1JzMo82TFzo4ps0
Score

1^/10
behavioral3 behavioral4
- Target
  
  Crack_HK/CCDisk.exe
- Size
  
  8.3MB
- MD5
  
  65880a8f779eb94c081ce381ed83310b
- SHA1
  
  c3209593839b20370c7f85d5f428f705d9b808dd
- SHA256
  
  219dbfa799298bd99183d1a8674f6bd835174bcd8cfbe60de18f898c3b0e6183
- SHA512
  
  e3099d4af8e68a9cc63f5f0ce86507b91c2227130df6738380f335806b9771efd7901a38e7585069ba65456cfa24c397e2977e70a85bb22ef306f1709a0b14fa
- SSDEEP
  
  196608:qlsyv38jNWpeCcykc+ZiQ/ZGzf84hSuRSYpnsNeWy:ssyQWpeRyoZZx4f84k1YseW
Score

8^/10

persistence
- Drops file in Drivers directory
- Adds Run key to start application
  persistence
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral5 behavioral6
- Target
  
  Crack_HK/CCDisk.ini
- Size
  
  203B
- MD5
  
  69f6c720781a3341e0e9d69dec695bd6
- SHA1
  
  06e5a16954c9b66197f9513f50e76f17caa9ab86
- SHA256
  
  99b39f182aec58c1a31bb550eddaa7d54409b594258b646871d578b1dd648400
- SHA512
  
  900967e02ebb46d30581813d40b31b7000c7ddf149b8b8c2e9f550199a3e614f4594523233479ecb2c481a154442db3dea4bf503eb8ce4d490cc3d8fcea0fd0a
Score

1^/10
behavioral7 behavioral8
- Target
  
  Crack_HK/CCacheX.dll
- Size
  
  354KB
- MD5
  
  f6e6293f35df9b8caa1ac6863262b1fb
- SHA1
  
  c1d9022f13c3bff372d5dbd9539da1ead1efbc93
- SHA256
  
  344020c8846614c427738f1e7c1448a8cb375d6dfafc55e86eb2fe5d31a35465
- SHA512
  
  54e887cda37c8a58d783518806831759624302f7d6de509ddfa67bd57054bd0c6d0ec97901794302eed32b1a96aa1814fa48d9d7526a606fe13f01aa073d353a
- SSDEEP
  
  6144:YxhV7A6U0WbLuJI9zVVrzNQsSx11XwUsUNF/WLqm6XDNNekjqz:Yx/7t9WbLkizLrzKuUo8XD+Kqz
Score

3^/10
behavioral10 behavioral9
- Target
  
  Crack_HK/db.xml
- Size
  
  456B
- MD5
  
  01fb5a7568b821eb1e91a270b8b7d39f
- SHA1
  
  e5a73ed9622652466b25440ddc81dcb54883c249
- SHA256
  
  bb48eca39212f71af10838c9a906e68bcdfed94515ab8c23f9cee5c80c55005e
- SHA512
  
  9ec6a63982c9c6ee08b6979d77f428aa83cd32f36973fa830af2209f776e9ec9c504afd61ce5283c922413dbbeb8dae1a6bbece4fc3ec079464f96c6612341e4
Score

1^/10
behavioral11 behavioral12
- Target
  
  CCDisk (v2021.02.19)/STOP_ALL.bat
- Size
  
  226B
- MD5
  
  8b9abbd78e36c4469d8e64f5ca425917
- SHA1
  
  aaa5d00f34e29b83fa02d8dcac56d821eb1a70bc
- SHA256
  
  7c7ab179f5761666b1ea88917f0765d0bc043077fe09b64407f11f148a420f8e
- SHA512
  
  03da1c42a86b02514e82c4490705d55f5f2909bbff60795ed275b335fcef2c5884b66003962b0e23bd49a04437fcd9a8c32aa118400b4109c49506c5b65e96ae
Score

1^/10
behavioral13 behavioral14
- Target
  
  CCDisk (v2021.02.19)/ccdisksetup.exe
- Size
  
  4.0MB
- MD5
  
  dee9faa70dd7776cb8f21e4de5e908ca
- SHA1
  
  1dd6c2d94f55fa7955f61f845741af981021e368
- SHA256
  
  acbdef532ec5dfab992396e07b8d4c86597d567d805c8855184e0523c169f1cc
- SHA512
  
  ae1222ab83f881527ebcff24870d83632b9c69cf14adfe891b3788b3a4ef2fa09494508902244f8b539c872165f8f6612108ebac6a874266b42fbc72bdc6991d
- SSDEEP
  
  98304:C9OYMNeGvmsrRsusL43x/JW/IB5+JiPZ3lgoT:2yeGvmsrKj43xB6I2Ex3n
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral15 behavioral16

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

T1060

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Drops file in Drivers directory

Adds Run key to start application

Suspicious use of NtSetInformationThreadHideFromDebugger

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16