ab5ac412a81f55e6fa6b35db8ab575a0171985c1f24cafae597947bc9fee8374 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

UDWoof 2.1.1-20230605T162318Z-001.zip
Size

88KB
Sample

230605-txxhwahf33
MD5

0dbbe3be64fc1cf98ee907ef8d2e72b9
SHA1

f3e598cc0e0253f7e0172a3ac5f049c0fb2cc4b7
SHA256

ab5ac412a81f55e6fa6b35db8ab575a0171985c1f24cafae597947bc9fee8374
SHA512

652a44b357caa93891f5e117fa2e80d4ea2ffa8cea559119cbd367f14eefbc345800310c257b7012acd5e101af9a43f61fc767646f80c586d6e641127aed5bc3
SSDEEP

1536:+A4dgOMHbzodUG0SSQaHXZvxvQUsnRz4QeAIapPwu/N43xdxDumWaQuPe1kzQ86B:+AkgFIdU6SQk34UsnRzzx5GhO08dyph4

Score

8^/10

evasion

Malware Config

Targets

- Target
  
  UDWoof 2.1.1-20230605T162318Z-001.zip
- Size
  
  88KB
- MD5
  
  0dbbe3be64fc1cf98ee907ef8d2e72b9
- SHA1
  
  f3e598cc0e0253f7e0172a3ac5f049c0fb2cc4b7
- SHA256
  
  ab5ac412a81f55e6fa6b35db8ab575a0171985c1f24cafae597947bc9fee8374
- SHA512
  
  652a44b357caa93891f5e117fa2e80d4ea2ffa8cea559119cbd367f14eefbc345800310c257b7012acd5e101af9a43f61fc767646f80c586d6e641127aed5bc3
- SSDEEP
  
  1536:+A4dgOMHbzodUG0SSQaHXZvxvQUsnRz4QeAIapPwu/N43xdxDumWaQuPe1kzQ86B:+AkgFIdU6SQk34UsnRzzx5GhO08dyph4
Score

1^/10
behavioral1 behavioral2
- Target
  
  UDWoof 2.1.1/DeepClean (dels some files).bat
- Size
  
  902KB
- MD5
  
  602ac0bd731b2615933dde1442e96ff7
- SHA1
  
  586be9b5bb086aa301eea7df5ee998390756b912
- SHA256
  
  97c781dfaa813232a8d13f7dcdfd1490f355ab85823b2cd73b9dd259d3a1ad07
- SHA512
  
  d5cee12b3c99cae442808c463636faa0f96cdae24d6caff13fd5e27a40f74ce58cd15f43430d5ebd15d968588d491dee17bb31b3f7c19ed7d55e2882a25d30eb
- SSDEEP
  
  3072:kOW9mafKzoz3g8gzRnvplYSc5mzozEzoz6zozn:5ykyuykyn
Score

8^/10

evasion
- Stops running service(s)
  evasion
- Deletes itself
behavioral3 behavioral4
- Target
  
  UDWoof 2.1.1/TUTORIAL (README).txt
- Size
  
  363B
- MD5
  
  19dca197e6fbc8d991a46bd8b16167fa
- SHA1
  
  d8de801624a5eced99f070a1fa62ac805e4f2f49
- SHA256
  
  2f0e75be99a3e1f90d1d840da627643e6dbf33b085b863744da5bae6cff1934f
- SHA512
  
  eab3201d8ab98808584711e10e718a23eb00778076be4303af55a0e2c31e638d8ef2641cd4f348baaac3115872faa12a627ee7ee802f893a16f08e8549a5d2fc
Score

1^/10
behavioral5 behavioral6
- Target
  
  UDWoof 2.1.1/hwid_spoofer.sys
- Size
  
  13KB
- MD5
  
  58084c38b12c40b02980688fe5fdc8e1
- SHA1
  
  09c6b2c455daf9208bf9074350755d5e04f3456e
- SHA256
  
  15615a245bdb932e0b4f7f71f02f36538a155b84dda8920caa458b535d2e1b3a
- SHA512
  
  7be17fcf69c637263a8554a2a58c911e842cc6b4c824c7a874a464e5c9e70cba42ecc4bc3f757af082220d44b5a9cc54a6ea41fc21fac442bf656f0fcf3fd1ee
- SSDEEP
  
  192:80e/OXjvcX4G0dHYAsIpuyyKvOBiSdlYDkfp8iG6tYcv9LqBC:XeMv24GTmvOzlYDkf685VLqBC
Score

1^/10
behavioral7 behavioral8

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Impair Defenses

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8