8cad66adb36b1f4f64204a4328a063ae33695dbbd5386f761cfb56c2c0987471

Sharing

Copy URL

Twitter E-mail

General

Target

MicrosoftProgram_Install_and_Uninstall.meta.diagcab
Size

218KB
Sample

230911-ba5lvscf7z
MD5

7421b66d5262513da783747c831df792
SHA1

06ffc487a37374b15e81b4d272f78f2b574cc765
SHA256

8cad66adb36b1f4f64204a4328a063ae33695dbbd5386f761cfb56c2c0987471
SHA512

15f75477e7aa6a80eb26aadfc2d9741989a1ee8f359f7b6ddd229ea3b166f17acdfd0358b92c618de82c1d8d28854d114f46b249ead412ae3da0d82c719b85d1
SSDEEP

6144:B2CHE7b1ABl947ylLipv6jAoLmLbvzSqz9f:BbE/6K762pviSLTzv

Score

5^/10

Malware Config

Targets

- Target
  
  CL_Win8Helper.ps1
- Size
  
  11KB
- MD5
  
  e7a665b03533dacfb4f3df3d8efe01c1
- SHA1
  
  8c1aa0ea2447fb6c319a1251032b3f90f1db2fdf
- SHA256
  
  1a1505f948eb08624a4a7380ca25ef18654b5c0a15df9988209f70e958f5337b
- SHA512
  
  294dd1b62bc9d6d1b01c6fbfc27864b0e45c1cdb4cfea6cc109490b9874420f66ad15afdf988af870926631952439a2faae608db3e97744b21d464fc4cc57189
- SSDEEP
  
  192:oK5+re5p31lwtRZizkYeOcJlQwHx7cprxi8RZkeuYT1bLKRoguwCsXsoz+ppjGk6:J9AtizkY2JSU7Mrw8Rme/T1bOw7gs3zG
Score

1^/10
behavioral1 behavioral2
- Target
  
  DiagPackage.dll
- Size
  
  2KB
- MD5
  
  0ae02945834e3a8be734dee01ab879d9
- SHA1
  
  39a55df41bf82bbb08a4544295faf3ced62d11ca
- SHA256
  
  be2f0bac4a5ae87af8f6bab5875c0977792ee5ca5959a96181c146976b671fd2
- SHA512
  
  22a5568c37bfbb373702eed748218e5eaf411f2ffedbdf535316c6ca20cddb57761b0b71eb36a9e133993dd89faa9c43659419d79d9f9d328d85800e4bf7518b
Score

1^/10
behavioral3 behavioral4
- Target
  
  MF_WindowsInstaller.ps1
- Size
  
  11KB
- MD5
  
  266c4c475454ab9d7f6e9be97bb60964
- SHA1
  
  76e74e4930a436ed7158078be0b9fc8c8e8e0a71
- SHA256
  
  c79377a9a222fbd6578c7c1129b4f1e751f4b556ff0b751483d2b7b7ef82b268
- SHA512
  
  7fe007c7407daa72900be1a284d58f740ef4963c65649b856653040ac3fa8fc401ad2e4f2b0795656e40a895cec198c44549e07e39725692d49e9136e40aa272
- SSDEEP
  
  192:jd0/OrwjHUIy0DvUizkYeOcJlQwHx7cprxi8RZkeuYT1bLKRoguwCsXsoz+ppjGR:jyWrwoAQizkY2JSU7Mrw8Rme/T1bOw7Y
Score

1^/10
behavioral5 behavioral6
- Target
  
  MSIMATSFN.ps1
- Size
  
  88KB
- MD5
  
  653ae832268cc19c84817d86e4a976b5
- SHA1
  
  e278fbf01b65c6d73fd9f19a787b3cf50a5a7d3b
- SHA256
  
  c8e366db1f77b7efa57e4b9c4db6e4ad1c82c7429d33944ad3f717d0731d7e53
- SHA512
  
  a85ad177b99f2a9835a418a965584e346b36b3a1fec0bfe565ea2670c92f69b623213fed92dc082f149942c75bdec64935dd9a448d8a74f9df8f5bb39be70801
- SSDEEP
  
  1536:VNzJiCPnUfTxgrSBVmUerHC+SDUJJ/aA9jKx4W/pF9/9VF:VNzJsVmUergUJJ/aAxKx4Kz9lVF
Score

1^/10
behavioral7 behavioral8
- Target
  
  RS_MissingPatchCache.ps1
- Size
  
  11KB
- MD5
  
  09343a5f4abec165faef3f574d4dde03
- SHA1
  
  1bd223b390e8f10a7859cd093ffa028b4f484ff3
- SHA256
  
  e56c4a6e00d206c88399257ee93f20a9862dd52eceeb5c8a627509c274516b54
- SHA512
  
  8bd1cf13d7ce0a6e534aedca328019cd97e83e78094f92e3df4eeab76dddce85868d487e21a419bf0dc1659c9a6e7e0a38a2f8a9b0f1ceff3d64639192fec36d
- SSDEEP
  
  192:jd0/OrwjHUlsYuD9kYGIdRQwHx7cprxi8RZkeuYT1bLKRoguwCsXsoz+ppjGAw7b:jyWrwoK9kYTYU7Mrw8Rme/T1bOw7gs3k
Score

4^/10
behavioral10 behavioral9
- Target
  
  RS_RapidProductRemoval.ps1
- Size
  
  13KB
- MD5
  
  ccf5400a91c0d3c5912eecf966f468c2
- SHA1
  
  1888420720ddb379d801892b3a1a6df7a9a551ee
- SHA256
  
  90d1e1c152fa5a52c02f7b256bf00220e5e61c25748472fe9ab5b73b37337e86
- SHA512
  
  6eaaa99b170758e5fd27812217dfe7d0a9cdf057191d73f3b8cb95c9168041d07f76af0b98a794386f960c5c03ad6d1347e462dc3188ad3b8e866ec2219ac2e8
- SSDEEP
  
  384:jyWrwoJizkY2JSU7Mrw8Rme/T1bOw7gs3zW+L0gxqC:jyWVizP20IMUmme/T16wEF+A8qC
Score

1^/10
behavioral11 behavioral12
- Target
  
  RS_Wow64Detect.ps1
- Size
  
  10KB
- MD5
  
  4d50f1bd2c0171a9ecae29c5f81abd8e
- SHA1
  
  c00e6f06343dbf31c907190e8fc1ab0998e4fb3d
- SHA256
  
  1e41f88756ef5f354f3cfa8a793e34b324d30a109f65efa93af2f9830a3ad530
- SHA512
  
  72d8e47d2e7d5034f33abb9be3a7ca7683b7dce9578093d61b51ac6b870da4a45f24df1d618340997c954c0c4dbee9af5bf186dd23ae365abf52dad86182941b
- SSDEEP
  
  192:jd0/OrwjHUymNHgkYFQwHx7cprxi8RZkeuYT1bLKRoguwCsXsoz+ppjGLww+JIOK:jyWrwo/NAkYyU7Mrw8Rme/T1bOw7gs3O
Score

1^/10
behavioral13 behavioral14
- Target
  
  TS_MissingPatchCache.ps1
- Size
  
  11KB
- MD5
  
  1c3130b9ab767b08ea09fc1cc97de844
- SHA1
  
  5ca449dcae2d457b4d1b0f2f317c03c753ef264a
- SHA256
  
  7fdefec9551db1f40a54d397c441bc4e5505eb8401aae148e90437ece414b296
- SHA512
  
  df7b89d330ba0e21b57032fd646ba14eef81f0afb2f1bcfbbbd4cd0990e2081495017fdcf2b89e63bb35bfb9a78e6ac52436537b0b7d6bca775722dede362cce
- SSDEEP
  
  192:jd0/OrwjHUDr5THgkYFQwHx7cprxi8RZkeuYT1bLKRoguwCsXsoz+ppjGAwThhj5:jyWrwodAkYyU7Mrw8Rme/T1bOw7gs3za
Score

5^/10
- Drops file in System32 directory
behavioral15 behavioral16
- Target
  
  ko-kr/diagpackage.dll.mui
- Size
  
  4KB
- MD5
  
  50603d6994cd9aad61c089245340c21b
- SHA1
  
  5858a83fca2f1b2ee3f6103c21707fcd7c9f1e3f
- SHA256
  
  3ded5cd77362c2ae3967b47a53bccfbc10367fa302050f3e5d5219f209b6ae9e
- SHA512
  
  85bd3bd228b9a3a7c0372cbe4536f31b40644d12b9ea2ffd73b2c0370676cc66dbda919d48e3df68cd83d3a6f9dced4f29c6364a13dc903ebea43a2d29d8971c
Score

1^/10
behavioral17 behavioral18
- Target
  
  lt-lt/diagpackage.dll.mui
- Size
  
  5KB
- MD5
  
  91c29c885887fe322425ec45bf65dad3
- SHA1
  
  63d6605f6b368da8842acd8d983b630171e94330
- SHA256
  
  9a366a6e72d012bfd00cce2bdad0f10d2e480affb3c2de1119c4ec687de33983
- SHA512
  
  a7d0b2a33a12b79efd0fae71a9b70d625bd4bb2a2d09bed409a2ae776ddfff9b6eb40241ec42ec8621a5d69a9c664fc8fdfa22a4d2b32894f3084b57294d1612
- SSDEEP
  
  48:KbTMg6LX5QaQkiPrkxbxlVaPyaBOdaJgjzUWjMaDP/h3MSVSpiI1SVS3YvCO6WCY:yP3kikVavrcPJ3fVVVcO6
Score

1^/10
behavioral19 behavioral20
- Target
  
  lv-lv/diagpackage.dll.mui
- Size
  
  5KB
- MD5
  
  73af1bf72de20f4422ed45a0b7fd46d2
- SHA1
  
  6e088a2708cc993de51399113f6e01e5acff5d67
- SHA256
  
  05dbef20db2b4d3ae455a2f1ebf8e2d4c0eedd6e4aba09aef35016e19ee2d8c5
- SHA512
  
  ebd63f86b17b14b67e9611612ecb85ad81a6a774645a0a2fb38b7526bf1848cca227f08c1290b72d8fb6eee512e970ec1660f91cedfdeee98e81f1fe694bbc8f
- SSDEEP
  
  48:KbeZMg677UlNlh3nlhZlA+8n8is3enlylUxbxj+NaEUjfdaOlglNnlhZlAQnWulp:nnMUH3tkYrARaDtiluzZVYVNO6
Score

1^/10
behavioral21 behavioral22
- Target
  
  nb-no/diagpackage.dll.mui
- Size
  
  5KB
- MD5
  
  a949811a64c8612a1b20bfa320429252
- SHA1
  
  e34725e2221d9934a816f08b9ef69d2a66d83305
- SHA256
  
  ba1fb3c14fc1aa8424002f06c2649f3d668909ad296ea8df3f07646b96be1d00
- SHA512
  
  d2ea552e34c70925c7d896eb574505007ae914dc6a0f84e179f502df287cbd13b0abb424c8570c12f692a30de50166d992236a75b0a96af41177f328751d5d4e
- SSDEEP
  
  96:9Yo4kjePILVGSED5ED5ynILVgFQer3WUVfOKGVNO6:9Yo4kjeiID6DIKgFQedOKX6
Score

1^/10
behavioral23 behavioral24
- Target
  
  nl-nl/diagpackage.dll.mui
- Size
  
  5KB
- MD5
  
  2d14f4a6cfc7b3f835348712f73a14ce
- SHA1
  
  171768fb60dab7171b198d4db799e3f25a783635
- SHA256
  
  08b8ec36a5b91d4f0cdef3e2a9a6946e810da931b77b5dcb2416a34c9cbd78f7
- SHA512
  
  b22755fd76d18a484b06936c132925f172963d90c4c172c1ffbd8a8ebc00e62521a913944c479c5f84f25f90a79d9ac2474aea48903d03cbc5ca408162ecfff9
- SSDEEP
  
  96:KZcPkPMSPR3pPR3yqI/D5WdzEJXyVqyVNO6:cN3ppp7iXdD6
Score

1^/10
behavioral25 behavioral26
- Target
  
  pl-pl/diagpackage.dll.mui
- Size
  
  5KB
- MD5
  
  5e5cf57d37e1a7beef279901319fd0f6
- SHA1
  
  b6d5d10164308b015f99688c52a231c1c0569a53
- SHA256
  
  5960ad65b2d982dc61569322f8ccf1e304f539ff75109b6e249f062536231e4c
- SHA512
  
  693f3bfb2903d7efb1001cdc6c23f41d497333dda18f9c804229dad20176f48a4249dc0934b8256f89bd8143616d8415ea24c8ceabae7b4cd661871b60f7c0fc
- SSDEEP
  
  96:OwID6I40jH7SfH6IBkYQI5IWRnLIzAXNVcVNO6:OHBRqfdfnWWRn0zI6
Score

5^/10
- Drops file in System32 directory
behavioral27 behavioral28
- Target
  
  pt-br/diagpackage.dll.mui
- Size
  
  5KB
- MD5
  
  210a3bcf621eca408371ead467d08eb4
- SHA1
  
  36336d9657804e49acca033c8b6ebd7bc5fdf2a6
- SHA256
  
  72a051042b9704ecddd3e527d93d77a713a8598445223cf1aff7583d50244126
- SHA512
  
  809e7faf5ab5c69b1adb68e3462d65a3f55cd5552d93227c567779782380bddf6a6a3b1352004ad69863fd00ba072fa99ab560c4773bfa29571d1fba479a6045
- SSDEEP
  
  48:KhNMg6cSDTdebDdqsYKYK+1DTdebD9xbxYMZaggCGH8daieN1DyBKeDE2MXvRNVo:me4Kx4LZGfxyM6EfNVp89WVNO6
Score

1^/10
behavioral29 behavioral30
- Target
  
  pt-pt/diagpackage.dll.mui
- Size
  
  5KB
- MD5
  
  91226e3e89598b51cfd72ff88be23608
- SHA1
  
  9ae27ef71fa214e874be5524870c6158a41ffcab
- SHA256
  
  0999e47029ed8b32453fb89e3eca664fbf5aecd14c95111eab733c1a7b55118b
- SHA512
  
  d58fe14bd0e31fad2a69f06fe012c49ba2b200a8261d2c0137069904851834cad7a22607b723e501f45a4ead9d051aacbd6c7a2926dc4527a93d5ece262b8899
- SSDEEP
  
  48:KBMg6OAGpLDjdeKDKGhrYgrYg+1DodeKD9xbx2crW7aRgCGH8dahfwNTDw2c3/j6:UZRfJQxygGZGHo3w986INV/8nVNO6
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Drops file in System32 directory

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32