4f98137a7d8cea117fe163661d28f4a4f8cbdc93187bc21456bc9b9446e18015

Sharing

Copy URL

Twitter E-mail

General

Target

6f58e964634ce4dc1c189e1324ef415a.bin
Size

10.5MB
Sample

230612-ca4j8sba91
MD5

6f58e964634ce4dc1c189e1324ef415a
SHA1

cf08d595ed35eefd2fbd1955301066697f85bf33
SHA256

4f98137a7d8cea117fe163661d28f4a4f8cbdc93187bc21456bc9b9446e18015
SHA512

250b07afe02d12abb9c00e0ddac54302252e9af7e71953e93a0f5a64b7abcfa15bd156b5e197d0a3f49f17d1e29fb307f48bba2c85d510c7911af24fc9fc0eb3
SSDEEP

196608:2vAIDVEz/Bb6g5N1nFv3CLJUM2HBpQVBX64ZEcY2cEy3eagDn9nAhg5/kuTZhRDZ:IAImz/dR5N1FvS+M2HBpqZER2cleagDH

Score

8^/10

evasion vmprotect

Malware Config

Targets

- Target
  
  memenite-master/Run me.bat
- Size
  
  45KB
- MD5
  
  4c3f1f1a63102a7b6f8167a95d2dc975
- SHA1
  
  246d06defdee8289f77ef8f964166c9cf5e9de20
- SHA256
  
  2249ecf66baece44e152eedd9c2e10c9593fdedb22265b1246d096dd323d522b
- SHA512
  
  9e908893e8ad10a537a910092451c9a04f175474bd2e504f1890fab740373cff7fdc5a11240fdfd506c16cfa0e0f5a6104fe706d02d89678c31c8cae9e4fd510
- SSDEEP
  
  384:fuOo+SMS8Sn16d/s16JijVAJ9OSU5RCn3I3k4L1oPunRz+eV5pK/F23aKVed+NUo:mOoKSBL1oP6Rz+Enfdh9YL8oPby
Score

1^/10
behavioral1 behavioral2
- Target
  
  memenite-master/VSTXRAID.SYS
- Size
  
  298KB
- MD5
  
  a6cec1a878536f3d5c82cfdf6e4cfcb9
- SHA1
  
  4ede885a61be6d4a4761ef525b92874d33a1244e
- SHA256
  
  a569744957e492042994c6f1312c8f4ec2f20a559bd8938a6a09c15230debbdc
- SHA512
  
  f7c94c59bad114b2ed87511d5fc88753c4838f2d38ef6b7f3b14f6bb11cda672458dea5380611a705141ca7a74beb62b870eaf60d2bd3ac4d9cf8c98806e9d9e
- SSDEEP
  
  6144:YAZFvqEboBEm8/5XaCtJ/0B60BMhYa5Ep2vl4eyJtkyS:XSEmE5XaCP/0B60BqYXp2vKeUtk1
Score

1^/10
behavioral3 behavioral4
- Target
  
  memenite-master/loadcheat.exe
- Size
  
  5.5MB
- MD5
  
  9a9ce1911efea388a090b14fcd5b616e
- SHA1
  
  48089e1feb420a7a6cf1cd310e2d7fcbb26e181f
- SHA256
  
  5f18528d89f0fad6830feb611772d9e918298125504fc913277d6614d2dd75ef
- SHA512
  
  26092d2b26dac2e9803908d0f714b685a619da09698796ffe9dca7c58fadc989aada31c1449d3212ed97a763189b3f877aa001784a8546311dfd4eea3b5eaae2
- SSDEEP
  
  98304:MgSz8rEHLkDXruhOSgx8lzt/SBMzLiwZKtrCms6DERzpHWcBBR2LDnLYDeiv:MgSzsEYDbIOLYxzLfQX500cBBRaDLYDb
Score

8^/10

evasion vmprotect
- Stops running service(s)
  evasion
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
behavioral5 behavioral6
- Target
  
  memenite-master/mapdriver.exe
- Size
  
  358KB
- MD5
  
  8c564c612e0c026fb381a1edc06e3677
- SHA1
  
  5207d14bb24b131d2ff26e1028b785c02af96c10
- SHA256
  
  8164305213e548256184aaf8830875fc7020f2c595aacccab5c13f70621ab844
- SHA512
  
  f327d5aa6c92f3b0f3b664573ddfb16be1cc8cc74a4dd51bde39c5690333335277b7b0b0ec41b7f3f707ff9cfd249b10aa2834c09d72351ed2d049a5d560178b
- SSDEEP
  
  6144:LZeWk1OlWdm7brTMQYFcIPDBGrkBjbwmohj/Wl6H+tM:teW+pdm7D8FcIPIqjrowoH
Score

1^/10
behavioral7 behavioral8
- Target
  
  memenite-master/mapper.exe
- Size
  
  4.9MB
- MD5
  
  8d68bf555643d03cc0a254199581d2a0
- SHA1
  
  045a40e16fb21596527020012bd5dc14408a85d3
- SHA256
  
  9b2aa35e6eef2f49691bbd69ddaf23d88005f3f6e3f4cffdf9bfc0dccefdce25
- SHA512
  
  8650e65635749b34ab5becff54eb4f054c7f9886063dd4c9906b89e99725a2f591ea73c83ad403587ef54accf554f48a7736fb602c11c60da52a725c99017ffe
- SSDEEP
  
  98304:Om+BR8fD4d0A2xXxy/lGobJwbLlqxhwvnUDo2KQu4v1zAzNlb:OpoDtXx6Jwb5COnU0Q/vGz
Score

5^/10
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral10 behavioral9
- Target
  
  memenite-master/maven.exe
- Size
  
  681KB
- MD5
  
  a142523fc1bf32ff9903c9043b713405
- SHA1
  
  f9ba3e95a3ebec30e4efb7fdb3fa07adc9cd1f9f
- SHA256
  
  39a661e3346e929415c230034557f890696f312188fc5f2f7a269b251d1fcd27
- SHA512
  
  34f2cb96384727936da14531b9db65a554a4313aff8ecc65c37109405e9b741b6e6e6efebe7710af3fa6fc83b6015034762a502383d526a2c1179db77c1b832a
- SSDEEP
  
  12288:USaAmfWXF0U10o2eC0ZipyMZMIfrB1plRKDN3K3Ofr/ZsjnA:DmuXFJ0depcpy81pKp6+r6nA
Score

1^/10
behavioral11 behavioral12
- Target
  
  memenite-master/print1337.sys
- Size
  
  8KB
- MD5
  
  570fa1de0b1b346a8270c0b2c26df3e4
- SHA1
  
  2d5eba73edf0a7de3b3890f3a2d735d5f5c30abc
- SHA256
  
  957d5f4cb7204f32d99baf241c95111c9c0afc0ddf0698b7a395081c3cda5a2c
- SHA512
  
  0a97c594f27dfea11bde785d5b176b79947132dcb7fcaa8ed5896002fdc3fd30f466ff12b9cf48d71e0b929c44bb0e962105c29cffa5d854f0a8effe1b7a77da
- SSDEEP
  
  96:lKABK8sXPsMD4sqB9JA2tXYPpdxDNZnxohfrVVhcD:lXxsXPsMEvJVwpv/nxohj
Score

1^/10
behavioral13 behavioral14
- Target
  
  memenite-master/spoofer.sys
- Size
  
  6KB
- MD5
  
  96756deaff1b2667883d4a21e43f4f65
- SHA1
  
  bce3d6fb9eec3f2d2695d96e61442a58039d594a
- SHA256
  
  1992c044963f5c77aa7b5462e2bb69a37c66bc0e13032524fb1663c0314fd420
- SHA512
  
  b6f472c8296bbef5da4baf638e98c2e0c42ba3fa783c69a6c0cc1e2f92f4c365d6d1c0bcf26e1644bacd4a001fd97c19b5fe2b616ba3c0982fc7edefcb59ef7f
- SSDEEP
  
  96:eA/w8VE6wC4NrkXyhWZ2JMQ4LI5aUZ1ZM2a3:v/f/skjZAMTOA2a3
Score

1^/10
behavioral15 behavioral16

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

T1031

Privilege Escalation

Defense Evasion

Impair Defenses

T1562

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

T1489

Tasks

Sharing

General

Malware Config

Targets

Stops running service(s)

VMProtect packed file

Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16