8368f4e0dd1afa3390c1bb72eb17eb1804be9fa4fffb4e7d5a6119e0d7367943 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Downloads.zip
Size

22.7MB
Sample

230415-3kjwpagb53
MD5

818fe49f8169a4b09aa1d7ca1b0590be
SHA1

7d27552d0a2a482bb0327a214839b32bba438938
SHA256

8368f4e0dd1afa3390c1bb72eb17eb1804be9fa4fffb4e7d5a6119e0d7367943
SHA512

e9ab83f40786d0a2bd6b879e80333155a1e54f7eff0434c80cc4621393600642582d6e48b81fdfbc4792650ebf4818bf3d034fd38f0d1412383af9bd08ed8300
SSDEEP

393216:T1VCSoBugkLlArRg4E46JeK8Bqaqu0cAQmcKCey9Jl3AUDU9XDDnh7qe1k2Dofl9:JNomL2rdV6MK8BvrAQLKCeQ+zJ7p1GL

Score

7^/10

pyinstaller

Malware Config

Targets

- Target
  
  Downloads/AnyDesk.exe
- Size
  
  3.7MB
- MD5
  
  871eb4b8aefaea1113dd3f08b7cb535c
- SHA1
  
  441a52f0112da187244eeec5b24a79f40cc17d47
- SHA256
  
  aea8f85e569443a8c00b94fa19b5155b9122183f05bedfdcdccd1d18451760fd
- SHA512
  
  64e81e1f4975f8f4571edaed80acce93a06abe4feee2858dafe9f0275edd4734d12c6b7987eb3b9cca84c3e071b0423656a4c8568b9bafd48e3cfadf2dbc5277
- SSDEEP
  
  98304:bJ9toRH4BY81fY8i2k5x2Vy5nkvusNFl0K9xdo:bfee2Gtu/GusNf0ax6
Score

3^/10
behavioral1 behavioral2
- Target
  
  Downloads/netscan/PCHunter (cr)/PC_H_n_cr_64.exe
- Size
  
  6.9MB
- MD5
  
  5b7b962c06e3f26103cc6ed442ccf2d1
- SHA1
  
  eb42eeb56f0ae50dcfa81a2d45b32c5ee1c1ea68
- SHA256
  
  f91e5dfb25efb2984ea22e7080d35801976dde7580143ffe1ef1292536faff14
- SHA512
  
  d901bf716cbcc6bfc578a93ec6b27bb6fb6280d957a3d3d3a2d73af4075981ecc093b8d1a6f23e344daee52aa75c37437cc1dbcf9f88d8ae9487bac226a558d2
- SSDEEP
  
  196608:oHKJNQwFzoCtFrJMclbZyycGaMUGneXeaXR2RlubUP:oHKJ+wFzoCtFrJvxZafbXLCUbUP
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
behavioral3 behavioral4
- Target
  
  Downloads/netscan/PCHunter (cr)/datetime.exe
- Size
  
  6.6MB
- MD5
  
  571b574c50341b4b8adaae00b9f6884f
- SHA1
  
  8d66e4eb1fa67708dd36f39bec97b9a4377ddae4
- SHA256
  
  ad4abf419f4e39e78770e5bfdea1f58b178745953bc0a695ad251bd077366976
- SHA512
  
  ddc62e608718ab845b77c547abe0df43ebb9dd171859a95f652efe0f532c901d771eec08a572b0985764dcd210927aaf7499bc6bcb4ca1983940e82388bc0ea5
- SSDEEP
  
  196608:gNooqdQmRrdA6lsuErSEEJwdFt1LOzYPQZoi:b9dQOls+9JIOz3t
Score

7^/10
- Loads dropped DLL
behavioral5 behavioral6
- Target
  
  Downloads/netscan/netscan.exe
- Size
  
  10.2MB
- MD5
  
  ba8763fc59d73b28b070cb6eb393aa83
- SHA1
  
  ee682488fe843d8bb826854d23b2cea73fad4969
- SHA256
  
  fb9f9734d7966d6bc15cce5150abb63aadd4223924800f0b90dc07a311fb0a7e
- SHA512
  
  512e5cfba7e35708604944fd044a1a1a75ad0e39fa8623ec0f344f6cd31a2570688e272846273ff8330f9d505a17e840825bfc4cde8936e5a5febf9891e023e8
- SSDEEP
  
  98304:8ZBIX/1XITWNFul+5cGidn8KSG9ftA+GdiaNcoYPW7yFMCZePzot+:I+Al+unU2+LYaWPyCwPE+
Score

1^/10
behavioral7 behavioral8
- Target
  
  Downloads/windows.exe
- Size
  
  33KB
- MD5
  
  3ce7cdbeaa2e5d51613f4ebba9131eb1
- SHA1
  
  edde61c895059af2632a2b518f40e8d39d5a16a6
- SHA256
  
  23c2ae8af8c09f82c4dc15b1e8181d6f9e946235937803a136f5f10ceba31264
- SHA512
  
  a07baa853d0cdf807952d5c15e57e0f9752743a6e614989aaa3fbb0e45b1b53bda922511643e4b3b4f672804e29a6277eb77cf9c937ce38da19b1b26d11555b8
- SSDEEP
  
  384:fnD2E4faBx6/fwfoAyrZ4NIi1xOmAhvLC3t6p5/QfP1bMhgW++fDmft+t7yN0eWh:fD2E4EYSoENIXCdM5/ibMZ+HB8t3oAv
Score

1^/10
behavioral10 behavioral9

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10