50d248d7401ad61f56115c032e60c2ec6a1a844f30293ec80577f8131acdfa88

Sharing

Copy URL

Twitter E-mail

General

Target

UXTU.zip
Size

28.9MB
Sample

230528-w47zasgb43
MD5

048da8c1ecebc9ba2d0988526636ce58
SHA1

703de34fc80e65940f042f88d1ca090a823aaf7f
SHA256

50d248d7401ad61f56115c032e60c2ec6a1a844f30293ec80577f8131acdfa88
SHA512

dfa8a94ae0484e2420106e538d33690df9116326ec03ae2fd7e9fe8aa1a4799b0018ee72e5f85d3c4accd59bff09069baea276433de5339f95ab1ddd39332e63
SSDEEP

786432:hEGFK4NCPfIT9QA5ckST3w3kvsvvk4nvN:hE14NCn/IckA8kv2nvN

Score

8^/10

Malware Config

Targets

- Target
  
  UXTU/AudioSwitcher.AudioApi.CoreAudio.dll
- Size
  
  76KB
- MD5
  
  1a3571119038a479c298097087635803
- SHA1
  
  95daf8034c518a52639fb845aad28bec57fd5cd3
- SHA256
  
  f496f74f48f3dbb499474ef0a06894079087871342b3e3bc254c5903e4aebf91
- SHA512
  
  d534bc4117a3ed5ce0a14f6658679b75a05453a41522d6307af4e0ab3bbee7049f70671a50db7dc3804fe5f6ccb6a4496f1a316222eab076deb6d39ac93c4c43
- SSDEEP
  
  1536:QlhKei7+LjzyJmJtJhendwV61ncQmlp/bV:Qo7+3zcndwIncQM/bV
Score

1^/10
behavioral1
- Target
  
  UXTU/AudioSwitcher.AudioApi.dll
- Size
  
  40KB
- MD5
  
  3f88b41942ec020c9b66f464b3d1c899
- SHA1
  
  a846f0855d5250dc4dda9d3c37f6862e93ebc802
- SHA256
  
  26ff364fca496ee1093de596645c86731c156d81d026b5d020de46b0df053513
- SHA512
  
  dffe0b98033258ba3e58c43bf4e17e280ffb44c0d3c7a5b1c58761acc0ec2e4c30a035bae6df220c5ec07c641d494ccb135bc7b75977021dc2059f2e4e735af0
- SSDEEP
  
  384:iFo07NXH3jI8tRM1sGyfPodV/FU92983yggIwFTIVk1yUsUg43prF7RfrEEJvHQb:iG07NDI2ql8PQVtd83p40VoFtsT5h
Score

1^/10
behavioral2
- Target
  
  UXTU/Dia2Lib.dll
- Size
  
  57KB
- MD5
  
  be6474b726207994decdc22e84936a3c
- SHA1
  
  ea1d16f16de16b29a576a1b5cc4baa31bc5db9bb
- SHA256
  
  6c4cac68010fe032218efe5e9fcf46eef9f77bfaa5f3bd33f03c5ff77d5a8fac
- SHA512
  
  d204240213a0b509101ae3c9b691e9f6a141946cf3284244f56314183c84d24c1cdaa28661444fb8e1dc018e24f8aae4505c35f9994e368032a9913c9de8ff59
- SSDEEP
  
  768:MQMT4Q3O9ymyKJcy3Xs3y4rV50sds8SzUwHhvoVi+CLr0:dQCye14oGs8SNhgVVAA
Score

1^/10
behavioral3
- Target
  
  UXTU/HidSharp.dll
- Size
  
  236KB
- MD5
  
  8d3eb299f8447b633334d1c426a2f0f7
- SHA1
  
  8497ae75f2dd9271d9158a27250288905e8cca28
- SHA256
  
  8c58e5fba22acc751032dfe97ce633e4f8a4c96089749bf316d55283b36649c2
- SHA512
  
  e1b65393bc4c338a23e31ddee7071129aa70597b651c51c07b90e6d93d5d67e45f7715e0fe034c3508df4f2196f37360b2e07969036370b0a6170b0d8627cdfa
- SSDEEP
  
  3072:ct5N7ozr/ES/jKLCPuamzT/n3yJ/TLSIIeTnImstJr39ipdDnVnc0CK9MaCr6HGo:60zzZ/eLrJ/nkrIR3EpdnFp1MEGdZY
Score

1^/10
behavioral4
- Target
  
  UXTU/InstallDriver.exe
- Size
  
  48KB
- MD5
  
  f25a0a82ad1eefd4becd6f034c078dbc
- SHA1
  
  75c1063c318bd528b90e8a29bfc419beb1d35654
- SHA256
  
  2f6cef951a937f898ff24bc6adcdffb321b55fd3d21769ca9580e0233bbeed5a
- SHA512
  
  5d16a06664a22d95b4a9c553608456e1e9499c72db3fa76e429e3e3da83c9af589fa76f0b66c867976d71b26c4c6d5cc67afb1d0861af3751852368e5d7c7e3b
- SSDEEP
  
  768:zsfqbtPnPlt0RBNxamrr1A081ZadarUq3XEOgbtwg:FbFP/0D3DriT18w1etwg
Score

8^/10
- Drops file in Drivers directory
behavioral5
- Target
  
  UXTU/LibreHardwareMonitorLib.dll
- Size
  
  700KB
- MD5
  
  407e6e89b4e0247fdcc1fca64c720482
- SHA1
  
  0a03117157857dd3daa1abc706d653afbe40ab1f
- SHA256
  
  5caee64378881ab138b4849fa3f4d89485995b6af6ea70144e635e5750c4dea5
- SHA512
  
  e8fa7644172c125974c57963fcdee45c2b5f325d49e6564202f150b6602b1b44988ef2cedd650762b46a2ab859e11c09fe89bf5b22e804fe801e6ccccdfb0982
- SSDEEP
  
  6144:qswDuEfRV0ueb+OL+8XfLKVvx4PWxzKBFyO+ZgrGiseV6DJlW2FWdZQtxHAjfb4g:bKzKBW9ise8rxHKb4fu0CGYp
Score

1^/10
behavioral6
- Target
  
  UXTU/Microsoft.Diagnostics.FastSerialization.dll
- Size
  
  73KB
- MD5
  
  c5539a6d55eb73eb48de8605cb7f614a
- SHA1
  
  b90e65ce24596e8627b68ff72a1ba53bbec740bb
- SHA256
  
  1ed0f1fa26e392be9bec3c761212c6fc65e2928980a69f565c753662ca2620c5
- SHA512
  
  b526c021251985315dad7d2fc56937e5c00d44a4202c165a238ed933257bf9f1ef72d2db0c5b0e460e2fe36c077efa22b41af4fb4c0d90239602cb0212846b86
- SSDEEP
  
  1536:fGQVb8A9ZQWU8ok2qGhxkJAsSSQ11BJQZLa1Vzuk:fGkb8A9ZQWU8ojIAQQ11BJQZLaX
Score

1^/10
behavioral7
- Target
  
  UXTU/Microsoft.Diagnostics.Tracing.TraceEvent.dll
- Size
  
  2.9MB
- MD5
  
  c5e52621596660b8eb003e7563cb1f1d
- SHA1
  
  8b65950c35d27ce8fb2463db01b387c50eca5169
- SHA256
  
  00004951cb36aadde17fafdf71f671190334ab51a0f9298c758444a19845f806
- SHA512
  
  4796a1991618e97559ce2c4ea1418301476eaad370cc14f212aa8268a7df80c5609fe2f2bf7f2fcc247f4e50502710c44eed66a044a42b5166fd3941cf53cde0
- SSDEEP
  
  24576:l7+yd1Xe/xTIoZ9P2xcF3AFrIvUbSZTHt1hlnH2azlDycdDriRG3DB:5+ya/xTNZ9Pn3AFrY2ahDyj
Score

1^/10
behavioral8
- Target
  
  UXTU/Microsoft.Win32.TaskScheduler.dll
- Size
  
  326KB
- MD5
  
  a844ac745a4005fbd3f51d79ff88583c
- SHA1
  
  92671774fd4be9781a77d2788a8dddbf8981ead5
- SHA256
  
  74fe1a6a1e36be7d893e31bbb4d4bd83bf4b927e715276cd5607982139818ebd
- SHA512
  
  5f0734058d9146ffeb552abf443df5097cf134a4737bed499467830e08d97f5d1996c1f1647c5c12289ca4d4209effd480010afebc59d50290d4ca7d45bb41f8
- SSDEEP
  
  3072:o1sSJApTSnQU/x0ImhuDzHfs4zbYOjujDRfygDgKQINXLLHIaKlay8weCycJ5Dfm:o1sSmRIt/xhtsOju1DH5NXnIKAc
Score

1^/10
behavioral9
- Target
  
  UXTU/OSExtensions.dll
- Size
  
  25KB
- MD5
  
  8e2701fa04c2f1739a043d92f1b73144
- SHA1
  
  bb2acb9d74048f40d22b45a8399ba883240a06f8
- SHA256
  
  baa6f35d01ed3a99983ff252f491345623ba4ecbf792f2e18052f2cfc22ec537
- SHA512
  
  7cc4de3adb0a4f63f794eceace7d2f78f2e3529ff389f4e7e8c45b40a3c48a4923d0e396f5077f37ea94ae5e9c83c3434a9e1376277233be798d829d484df2d1
- SSDEEP
  
  384:FxwBEoAtX0DEh9Aq5vyQaifxsFG3jqTl6Kczfe59nLs1WXk7HRN7eWTKAR9zxCZP:Y8toEhraBUHj4oe5tLs6AeW289zKP
Score

1^/10
behavioral10
- Target
  
  UXTU/SharpDX.XInput.dll
- Size
  
  13KB
- MD5
  
  3aa932318beb4a089726ba441b9f66f0
- SHA1
  
  a09a691671e4d43f926e13ea5b4887932a674f5c
- SHA256
  
  b4808043d91f93f31369ade5e40b5d1016c527956c7868602d00e51482e34e33
- SHA512
  
  6e452e4c84647c556e29a4927f79ecbf1df861eeb2ec276ce49528bd432ecefd51220d0bb871d62394b1f2c4864af17a92e4bc98d6ab536c2cc06a272f80de74
- SSDEEP
  
  384:aqGDz2M2x43EKnwnKxlEbYy5REZk6EZZ:aqOz2M2m3Fy5qTQ
Score

1^/10
behavioral11
- Target
  
  UXTU/SharpDX.dll
- Size
  
  268KB
- MD5
  
  c52a44933d17d576d4c97b4cb0545841
- SHA1
  
  092696fdcc034910aa02c94a5c93f4e1e86e0c50
- SHA256
  
  a0af255ea4b09a8cdb995b8c6fd1075e46f098e23c2351c974e6ded9b8b620cf
- SHA512
  
  8273ddb86a54c4834d469bbc856d1793c86f2577e21411f30083d4e597427170fd9ca38da2e86f081d284043d5ea4a6d3330037eededd17e37aa885927d0a76d
- SSDEEP
  
  6144:IyfsmUCs3Zchh2UBSFKu033XbEUsHBEAT0C:Iy7UCs3Z22UXuwbkHBX
Score

1^/10
behavioral12
- Target
  
  UXTU/System.CodeDom.dll
- Size
  
  31KB
- MD5
  
  bcd6daae1022cbe0c86da778cb874b6c
- SHA1
  
  0c696ca7f7a0ae7f6c749c6376d61f79a56bf82c
- SHA256
  
  d4047cdc0c372b06afc9cbed39b717fac18dced723e5851806a19f1bf42de1a3
- SHA512
  
  eab2278ffac26b21df01fad86eb7747bae59706f854e4bc86efe536904210258bfdd79aae1090d25de40fa8852c23844cf8ddea6c487cd6221e30bf8174083b2
- SSDEEP
  
  768:/ccaU602gaB3EqYChzZpXc2uo0hGJm9zWAw:EcaGsYCh1pX0o0PzWAw
Score

1^/10
behavioral13
- Target
  
  UXTU/System.Runtime.CompilerServices.Unsafe.dll
- Size
  
  17KB
- MD5
  
  c610e828b54001574d86dd2ed730e392
- SHA1
  
  180a7baafbc820a838bbaca434032d9d33cceebe
- SHA256
  
  37768488e8ef45729bc7d9a2677633c6450042975bb96516e186da6cb9cd0dcf
- SHA512
  
  441610d2b9f841d25494d7c82222d07e1d443b0da07f0cf735c25ec82f6cce99a3f3236872aec38cc4df779e615d22469666066ccefed7fe75982eefada46396
- SSDEEP
  
  384:EybU8ndrbbT9NWB2WL/uPHRN7bhlsQVryo:Ey5ndvWbMPVryo
Score

1^/10
behavioral14
- Target
  
  UXTU/System.Security.AccessControl.dll
- Size
  
  35KB
- MD5
  
  527595c86ad17045a101d567d7d3279f
- SHA1
  
  83014e2a98f7597b9a26e424a0759e5a3d2ecff1
- SHA256
  
  ff14c5f628b9a6798d173aefbba0a43d61e66f715108e2576ac0d3dfab9071d0
- SHA512
  
  9ebaaca1623bc8e2fc8df158f338b5e415670fa53e212bb38771e7e25af9688301cc4aee055c5b64e33f8aa24729ed896e0be8e2dbce54386583c660476c5dda
- SSDEEP
  
  384:zdlIF91FhktexyvaMAdB+w3G5h9MF4YfzMfpcrqmf9wEJqIxVRvFNgfBkyN17xWI:ZlM7Ke5/WBkyN1hhMPS
Score

1^/10
behavioral15
- Target
  
  UXTU/System.ValueTuple.dll
- Size
  
  24KB
- MD5
  
  23ee4302e85013a1eb4324c414d561d5
- SHA1
  
  d1664731719e85aad7a2273685d77feb0204ec98
- SHA256
  
  e905d102585b22c6df04f219af5cbdbfa7bc165979e9788b62df6dcc165e10f4
- SHA512
  
  6b223ce7f580a40a8864a762e3d5cccf1d34a554847787551e8a5d4d05d7f7a5f116f2de8a1c793f327a64d23570228c6e3648a541dd52f93d58f8f243591e32
- SSDEEP
  
  384:VyPa16oAL4D+wW9IWmDIW4IWYDMFm0GftpBjMIraQHRN7VlmTpF0:VWs6oqDjADKeDYViG+LN
Score

1^/10
behavioral16
- Target
  
  UXTU/TraceReloggerLib.dll
- Size
  
  22KB
- MD5
  
  63d53278de054ac54da51d94d2bc0c9f
- SHA1
  
  66eefa94909b3d8e2ed0f1d366c27d9b261c1a7b
- SHA256
  
  6830c0f1d3f3c17719181e73dd5cfa8ccbb3f3c575329d2120576545103467b5
- SHA512
  
  45aafdc6d20f6eb49f149e6c5fc3930d78d06169c95ab87f7b2aefb13cda1e9072ce7bf5d9d7a07483972ba9d87f7ee98fcf6cd543fa44c46fad49d0a9fd516f
- SSDEEP
  
  384:PoMeAKyr1jSC6JW1m0GftpBjyMi5aQHRN7vzslD161Y7PW:PoMbKK1OBQVidi5LL10W
Score

1^/10
behavioral17
- Target
  
  UXTU/Universal x86 Tuning Utility.exe
- Size
  
  528KB
- MD5
  
  2485703b2294d30e34f3e6dcb0213cad
- SHA1
  
  9f376d32f02d3a1dac9ba27eb4e2d6c1c17fcd8f
- SHA256
  
  5ed0e79ebdfc1c16037480ed46bf232d2a4d1a224d8e96103236afd94cdc5638
- SHA512
  
  251b8a7f997f0daa48da75179073fcd07d46200a14a33effbb189d401a476289899d4bf6b166163e97f4846d503d6f7f9916aef63d9b1331f759a1db0b440dcb
- SSDEEP
  
  6144:eaU+lDiXHgGKQsmKyMkVbVvHYYOmEC9KJ1o4p66knJ1o4GwN8XcN01ZWSy/oZYJB:6XHPKQsx+vjEWK3p66kn3GLMOm93
Score

7^/10

microsoft phishing
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Detected potential entity reuse from brand microsoft.
  phishing microsoft
behavioral18
- Target
  
  UXTU/WinRing0x64.dll
- Size
  
  61KB
- MD5
  
  eb31c77ef331ec4cbf7262cda4d1233a
- SHA1
  
  ffeb0f08f18a4eca1bf8c4e827f9111ae3c64716
- SHA256
  
  a746fd5728e7485f741cc330a279674bc8590b1b8007d8614046c49f58698485
- SHA512
  
  b1143d419e278c1b09ad5d750d5dea1fa95ffaec1c0ee7d9c0d7160929981e1b5815fd45d6e0f8ab7aff1cae4518cb4baf1ed69441a040bb584024c99aaea0d0
- SSDEEP
  
  1536:7Vz2GiL9ZooLCYtdm2R6CKQlqlLLuNsCMku1fT:Pw9ZooftdLTKBLLAsCMkk
Score

1^/10
behavioral19
- Target
  
  UXTU/WinRing0x64.sys
- Size
  
  14KB
- MD5
  
  0c0195c48b6b8582fa6f6373032118da
- SHA1
  
  d25340ae8e92a6d29f599fef426a2bc1b5217299
- SHA256
  
  11bd2c9f9e2397c9a16e0990e4ed2cf0679498fe0fd418a3dfdac60b5c160ee5
- SHA512
  
  ab28e99659f219fec553155a0810de90f0c5b07dc9b66bda86d7686499fb0ec5fddeb7cd7a3c5b77dccb5e865f2715c2d81f4d40df4431c92ac7860c7e01720d
- SSDEEP
  
  192:nqjKhp+GQvzj3i+5T9oGYJh1wAoxhSF6OOoe068jSJUbueq1H2PIP0:qjKL+v/y+5TWGYOf2OJ06dUb+pQ
Score

1^/10
behavioral20
- Target
  
  UXTU/Xceed.Wpf.AvalonDock.Themes.Aero.dll
- Size
  
  85KB
- MD5
  
  c7913647a8e8817757782b85a67022a3
- SHA1
  
  43c90f9218ad1d56a0beb0a280525828eb141798
- SHA256
  
  661687f04a42030ece1508868e13ae1682ba947d2146f437d8ed03443d657051
- SHA512
  
  ae15e7439e79b46e5815ba0ce1a1f24c798d5848492d52ce2648b906a88753378b5942abeba0ac1ca90b3016a33fd734ce015bfdcd9c7d7d50a22b94d07bc6b9
- SSDEEP
  
  1536:Gr4GJ/yox7dMEmjVWm+NdXYoAv/yCJnjtZthvlQiQaNtPTATK5wsx8NTNf8McZOu:GzJ/yox7dMEmjVWm+NdXYoAv/yCJjtZJ
Score

1^/10
behavioral21
- Target
  
  UXTU/Xceed.Wpf.AvalonDock.Themes.Metro.dll
- Size
  
  77KB
- MD5
  
  8c16751767340d0890a9ada3cce28936
- SHA1
  
  24f5e2319e3ce2d2d211d76ad0a2f3863bbc3caa
- SHA256
  
  df860b57162fbce89187cd01dca7a614924ce0b8f265705f2f0a34bea9cd076a
- SHA512
  
  1598d14f662f6d7341d5896619b3e62478db0375039376b6778d863c70e149147bb9a40496a8fc6e9dd9285a8d9b3fed85543241915ecb299d7af1cc844fc126
- SSDEEP
  
  1536:Sfks2HNz9vFPPjJo0bsHMN+AQo+V+kM5yCbX:SR2HNz9vFPPjy0bnN+AQo+0H
Score

1^/10
behavioral22
- Target
  
  UXTU/Xceed.Wpf.AvalonDock.Themes.VS2010.dll
- Size
  
  82KB
- MD5
  
  56734b70fd3bd57c889196145bc151c3
- SHA1
  
  2b69969473ad6a851a28a351073bfbb2ad6fcbac
- SHA256
  
  070a7bf42982a9f2cf2925bd23ddbdd75825b63b6e06561cdc1d582b0f22f9dd
- SHA512
  
  b0ee9805f781714dacd9677765f88f2855c17c51e0708b589f6b76e0ce6838e7c05b2778f991c26af436a008c7533dd95bf32d8e550508006b0eb7fd12eb0164
- SSDEEP
  
  1536:JnfsmzcesTEWSRnqS++gGeqGqPjJo0bshfjcwKD37niMogEw3o5EZwXkHH+DOhl/:JfsmzcesTEWSRnqS++gGeqGqPjy0bwfG
Score

1^/10
behavioral23
- Target
  
  UXTU/Xceed.Wpf.AvalonDock.dll
- Size
  
  438KB
- MD5
  
  161039f1ff12f3a3fbf8ec9ba0b8cecf
- SHA1
  
  f2eaf42c7b078985323cec93f4dfc5261fafd252
- SHA256
  
  311dd6ecf2a3905998977a111df73d5d20a3da7b61d5c33eb73579639a0deab7
- SHA512
  
  55701825e50301a36cc561c1c9de6a74e2952d5d175d4adbe69a5711bbc9aa6da21f255247fd49698bfffa7b6cba02127aa030cbaf841ec43183812e876d16db
- SSDEEP
  
  6144:xWK0ONivTL4hA1QP1kcKBQ+8BnzxeFdX80m6lEBtAWk9+ukMg6U93lsa6BBrdLXx:4oOL4GoPncXLmtjAWkcuz69XMf
Score

1^/10
behavioral24
- Target
  
  UXTU/Xceed.Wpf.Toolkit.dll
- Size
  
  1.1MB
- MD5
  
  57444184b578e63a1cffe05ad426f049
- SHA1
  
  739581b2fd861fd918342453c2f43bc3df9f3808
- SHA256
  
  01470b2096448d6c9083061edc705cc5ce27a98ae2cafcd10ad3563df4c5027f
- SHA512
  
  74c657d0ea8b36f0014671789080ca00fd863961a4c1beb4c04ff8da96425b8d5df9e7f052faf7e289cccd39a2e5ab0a31c8b28a51af8341e06e3d1de851000b
- SSDEEP
  
  24576:XuMgn8KTFmpA8oYorooo95Xooooooo8yTooomoooooI5E+ooooooooooooI5I5oc:XuMgIA8oYorooo95Xooooooo8yTooomJ
Score

1^/10
behavioral25
- Target
  
  UXTU/amd64/KernelTraceControl.dll
- Size
  
  260KB
- MD5
  
  b1c75bf2b5095ac3299403e34d462c4c
- SHA1
  
  e558815bc2c91e67a7f416bb1baf85f82068ff1f
- SHA256
  
  98de2f1de4fb1711688c04e2cb0187bf8c47e627771e8f51329671f296bfc688
- SHA512
  
  653fd18acb07962a5bc865e61a73ac0645a4b70ef2b31ebb0b4cf50e6ccfb1c22eb665db98e9d1b232de6feea3d7254b785ae58946ce1dae090ca1f71475951a
- SSDEEP
  
  6144:/lPLikZqxz9Prt9e1bd6JcAMaLD0qjR0FC4YPHZN:/FmX9e1bd6JcAMq+FpGZ
Score

1^/10
behavioral26
- Target
  
  UXTU/amd64/msdia140.dll
- Size
  
  1.7MB
- MD5
  
  c66b2ffa599c1c5c43f88583f5c36329
- SHA1
  
  fc94c93bf6ada07c58f992c4d635b921e255d747
- SHA256
  
  4ce86cf7f9f142ce94f11b8cb7d795b7b9eeaa64a24df0fa8c9a5fc3a8f26570
- SHA512
  
  46ad83b2d3b639b0aa745b01f90d3154d7adc5aeb0be4fe560bd916c10ad574fd420366b150e907924d18606afd7e1fdd2738d5dd2c3930160aa544159d5fdca
- SSDEEP
  
  24576:hSDHG7NzesaXYLewIMaaQ88U+GbTja2U87N7TT+Qd86:MDGBEIiPb88Km2D7dTQ6
Score

7^/10

persistence
- Registers COM server for autorun
  persistence
behavioral27
- Target
  
  UXTU/amd64/msvcp140.dll
- Size
  
  554KB
- MD5
  
  f3ff13f1e83afec41bca6140030032c8
- SHA1
  
  ac62d2e6b9d454ce43cf6a4b218112f5ad773ad3
- SHA256
  
  92b315040c9cdb42492c8bf19339f95b758dabba6e492263cc00231a4c161f29
- SHA512
  
  140c6ada9ab0b12df00c3ad8420463a4e159d10b0b0a7f4705986de38d21640e39c4bf7e331221ee67459fd0f5872d2d4c5a2dd8236a994927a4d6836bf46e33
- SSDEEP
  
  12288:1k81h3wi9M2OgltEM70X5KvRg6lCEP9pSa29pttcuzQEKZm+jWodEEV8Gmf:1k849pHQEKZm+jWodEEuLf
Score

3^/10
behavioral28
- Target
  
  UXTU/amd64/vcruntime140.dll
- Size
  
  94KB
- MD5
  
  703a2b415437cbb4b03a4c1d1740ab51
- SHA1
  
  87315c86a29012b5af3e3549215c3810514082d4
- SHA256
  
  69ae8da07c71d09728260897375c7f0ddd317499969f32a4a2971967aa1dc9de
- SHA512
  
  c2aa0c9c015e1596fa972de460dc5de9174e96c376d108a6b7651762ca824f032cfc9c69846e837b7f0b6ff6cf0a25708a547fc589f951a96ccd41020016da37
- SSDEEP
  
  1536:tT11/9nhu8HQRC/lYLFy1E0CWtVn3GlD2/becbfQqu2x:t5NF/eLUCnWtVn2lDSbecbftuC
Score

3^/10
behavioral29
- Target
  
  UXTU/amd64/vcruntime140_1.dll
- Size
  
  36KB
- MD5
  
  0a5a6000d04c290978e0a3b00fb89df0
- SHA1
  
  8bb57cda5cd501b9831ccdeb206d46f1bf29b982
- SHA256
  
  67a4a07ee9fa855c7a505d78569f403430d9dc4a06f04ad8dcf55afba4224009
- SHA512
  
  2e77ac55575fe98dd68c339f5310b4acb497c23ae127e08b364c0fe10228d2730adc7379a08f644df26417e9c8b2fed8dac8de7cd505db0462932159943e0e0d
- SSDEEP
  
  384:I7sFi8rEW2UUtAAd928q4qXnU5fBLn8umItRWqoVJtYf45z/U3ZNvVWr9KWj14g0:e8gW2UUt/yXgBLn85aRZoZS4kZiZmo6
Score

3^/10
behavioral30
- Target
  
  UXTU/bin/Notification.exe
- Size
  
  384KB
- MD5
  
  1f77a4194819c57f7d23966e9e5a8f3c
- SHA1
  
  efab4193b16ea3a2af356abdb6dfdade3c8ae836
- SHA256
  
  56761c74fcf14efcff7949fed0d6162aece1d687190751de70b29873125927ed
- SHA512
  
  d8fa3f0eb2abf50007d65eac994ece3697104576358fb8e8788804e11495e9e088390eaa55508f7a0b94b440a3c1c6be41b85eca660818e81c102de6f451a956
- SSDEEP
  
  6144:zJ1o4owYYIQ4gs+b5z+dwfIbQkXZARcE3YyBEi8FSycddn/8qVZ4sLeOJg:z3oIIQc1qfIskpA53Yy8FDcde46sqig
Score

3^/10
behavioral31
- Target
  
  UXTU/bin/intel/RW/Rw.exe
- Size
  
  6.2MB
- MD5
  
  22742c3686026e3d01514c51383eec46
- SHA1
  
  8b363f41f9cf3465b71e6ddcbf326029af3f4f29
- SHA256
  
  6af73063a90f1e1673090e648134d327a26eba033237edd92d789c9d6647a6ed
- SHA512
  
  8dd33c5b347b14a3a1e0ef5fee88f25a88327e363d6a08026c1d67364b8cbd854c5731645cf2970194ad65a0404579d5db8aba6b931932332b32e9ea934f29e6
- SSDEEP
  
  49152:TM/A6HDleD3rbAGH+vccuvBZyTwsBrepWSuFDjKO4XHx6tUtcHyhqe:TM/AODleD3rbAGHqtWh4PDj6qyhqe
Score

8^/10
- Drops file in Drivers directory
behavioral32

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

T1060

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Targets

Drops file in Drivers directory

Checks computer location settings

Detected potential entity reuse from brand microsoft.

Registers COM server for autorun

Drops file in Drivers directory

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32