e22b39312f274bf684df96d1a69a0132987bef5dd97ad459cfe963f261dcf4e4

Sharing

Copy URL

Twitter E-mail

General

Target

e22b39312f274bf684df96d1a69a0132987bef5dd97ad459cfe963f261dcf4e4
Size

262KB
Sample

231003-rnzwjadd66
MD5

593bc8943343d323ca22fd021934e8a5
SHA1

6c98c9a50c9e480b466e9f8de8aa822ddb7e0d0d
SHA256

e22b39312f274bf684df96d1a69a0132987bef5dd97ad459cfe963f261dcf4e4
SHA512

e856e1065acbc90c2f7c24b73d03d38660ceda2184745074d113def371660a8612cac2c9124f53cc4cb6e7823c82b2645cdd01d93e3a2990ecf273b29fade5c7
SSDEEP

6144:TKM7Flh+h6313ismzkcnTndIfOfDOSbgh2eHgQ5Elo5xb/8n:TRTAh63UDzk+TndIGs7HjMMFkn

Score

4^/10

Malware Config

Targets

- Target
  
  Microsoft-Activation-Scripts-master/MAS/All-In-One-Version/MAS_AIO.cmd
- Size
  
  425KB
- MD5
  
  d3caa81fb77f8b2e90a81c47a43565c4
- SHA1
  
  9e47d9b039d325e66a22b874e4eb2d265669c4f3
- SHA256
  
  5697fdf7c6a11b7a3d48d492976f820a0f9c1a2d49ada258c411924a4e3c816b
- SHA512
  
  1bf881e71c5ae83b764a292fbafd12d6f7fb57547f7c064f434d81f36c5391b9ca97192d9988c27af5ac36870c9f69a5a66dfce0d95c01dee7e9b77af496022b
- SSDEEP
  
  3072:HR34RE57N9H7PIu0R/iNiYCCh3MPfiavbbJuAMTVFp6zGDNSCE2K6rOuW7EOGJGo:xjXEu0R6SChAbJu9p6zGDNS0K8OuD3
Score

4^/10
behavioral1 behavioral2
- Target
  
  Microsoft-Activation-Scripts-master/MAS/Separate-Files-Version/Activators/HWID_Activation.cmd
- Size
  
  54KB
- MD5
  
  7ddb1766a6574fd10e29303e24272ad1
- SHA1
  
  c91185a98353e64ebd4707e26fbbffa5d4d7e7c3
- SHA256
  
  005f28b334a8f0bc0b611a616e6558127d21dfec43a163ed4536c2bb46477ef9
- SHA512
  
  756b28a6787dc2de0d0372901982d4c384a02cf5517aa944ed2cbb2cebd23c172200f9220faf725b089ea97c8f81c878cd7e602a73b8721c1f89114ebe03549f
- SSDEEP
  
  768:h2zZiOKJ5yorr997+3YWSWMxahF438mpr8Fp9lvCRdi5NEjS+C7S4jFh0z1E6yfH:oi3yg2MxMMUflsdi54Em0Iy6yP4Nm36s
Score

4^/10
behavioral3 behavioral4
- Target
  
  Microsoft-Activation-Scripts-master/MAS/Separate-Files-Version/Activators/KMS38_Activation.cmd
- Size
  
  54KB
- MD5
  
  dccae2b581bcc7db35823e105ea23d1b
- SHA1
  
  c1a4a98bfc33a255c101404ad5b04f2caca92a0a
- SHA256
  
  d6877ca942cdc3da249f186b80967e4f787db2919bb01fb29bf57be9a0d0c3d8
- SHA512
  
  64abd95cbb6ffbebe1e09fae09902a867a21117b171b0d2d99ddd1d058e060f2fee7cf2eebd8a00ff0ad631c36fdc693d7a14ec7a040eac0388581c2ad8dab47
- SSDEEP
  
  1536:xD83yqy0xDSPfGo6nNm85Yu341Em0Iy+lVTt3rA6s:xY3MPf/15jvg
Score

4^/10
behavioral5 behavioral6
- Target
  
  Microsoft-Activation-Scripts-master/MAS/Separate-Files-Version/Activators/Ohook_Activation/BIN/Info.html
- Size
  
  114B
- MD5
  
  117c3b2bfa991a881ef5f9e13312b068
- SHA1
  
  1d3c780df9bebf6b2b2e73bce817f97c4210838a
- SHA256
  
  a903893a23ae98eaf0905f3206f90334ba0e4894eace804b9796a793c3ec2874
- SHA512
  
  fcfca996f1ed181d9394ad31ff43f0f39c97e9b479f96c55da2aa070edb9096deedd3e9897e57f83905f8d796519b75d68d3ae13b4958a856dbed82bb61c8581
Score

1^/10
behavioral7 behavioral8
- Target
  
  Microsoft-Activation-Scripts-master/MAS/Separate-Files-Version/Activators/Ohook_Activation/BIN/sppc32.dll
- Size
  
  9KB
- MD5
  
  8ae2553e91fcad5c9fb1b89f9dd803bd
- SHA1
  
  246730f83669d3460283c2a71b00c6ad93ebc87b
- SHA256
  
  e6ac83560c19ec7eb868c50ea97ea0ed5632a397a9f43c17e24e6de4a694d118
- SHA512
  
  2aa075ec134bc9359904b8ca174c3d1b002c87b5e7e50773c86f6b7d3a1654907dac49f906729c90cd1653cf97c32923c89451a0d9543d8a8b3cd66f0bb29251
- SSDEEP
  
  192:eRUEV7qv9X/XCXmXUgXjZo0ZfeXCXnyEJ1cNMBye+qTx1G:eR3uvy2EpS8l
Score

1^/10
behavioral10 behavioral9
- Target
  
  Microsoft-Activation-Scripts-master/MAS/Separate-Files-Version/Activators/Ohook_Activation/BIN/sppc64.dll
- Size
  
  9KB
- MD5
  
  fbf8d0acd889cc2c477dc2a7c42ac703
- SHA1
  
  ed581d67fd80292c13419e5310c078e8fb53c815
- SHA256
  
  c6df24deef2e83813dee9c81ddd9793a3d60c117a4e8e231b82e32b3192927e7
- SHA512
  
  4bdfbacd8cd49960876bc09b0e4ee6f42db9924f0ba5fbfa2a6fac67831001cb4cd8d81d21d7eafb1ec387781e4b512f1ebdf73aa36b454e0e2f305dedd4a968
- SSDEEP
  
  192:4Yakaj14DFqv9X/XCXmXUgXjZo0ZfeXCXnyEJ1cNMByi9qTx1G:Eakvy2EpSTl
Score

1^/10
behavioral11 behavioral12
- Target
  
  Microsoft-Activation-Scripts-master/MAS/Separate-Files-Version/Activators/Ohook_Activation/Ohook_Activation.cmd
- Size
  
  69KB
- MD5
  
  6122bb7fb2b3b041848d2f7b2d2fc94e
- SHA1
  
  b7cd8760ff6334f4fede1e2d280140883ac73702
- SHA256
  
  732a450c02b49a9410b89a864116a951ba10d0439f9a9de2383c81e231f59c37
- SHA512
  
  41aabc8997148c0904a6c2e62d3f8bc87e1a1d1e1ca4b4dae367ed6bded00edb9d77c80c145bae05709739afee9f1926bddd875052eca6f55c8e8ff701333170
- SSDEEP
  
  768:NgPYZirxJk994J2JPH8HkkRFpnGu/eR/95pjS+C7S4lFh9z1Em8IcY/GwhT4fkJO:k3k402HbPIuWR/95pEmMdyiNeZYgT
Score

4^/10
behavioral13 behavioral14
- Target
  
  Microsoft-Activation-Scripts-master/MAS/Separate-Files-Version/Activators/Online_KMS_Activation.cmd
- Size
  
  164KB
- MD5
  
  1945bbd917115976d38a472d0f986bbb
- SHA1
  
  8da5064553de2acf63c0245ca4486b63d0c2ce56
- SHA256
  
  bf6f4b7a45ee6e10b48d869f73c29bc90151ad74fc902ff6198bde039e679c01
- SHA512
  
  5fd220afb8f880e4162c1ed999f20c0e0fcf049a6550ee7faccaed0f87d95f9cc37fce7c3d75e513eec747fe24e578639b74f9d5c23ae72e0c9f762ed2c09568
- SSDEEP
  
  1536:A/W8j2b6vW5Tuac+4jCwjsisxsGLaNwgEMTV62m0I1zGDNSPKM0E2WYEDeFWwCI3:AwbJuAMTVFp6zGDNSCE2K6rT
Score

4^/10
behavioral15 behavioral16
- Target
  
  Microsoft-Activation-Scripts-master/MAS/Separate-Files-Version/Change_Edition.cmd
- Size
  
  37KB
- MD5
  
  5f480dc2aa5d68547a4a5740aa1a5339
- SHA1
  
  835505d1be2f879dba6bf3f712232ed5013beac6
- SHA256
  
  be31e962df8b24db11f6a203206e23c287ecc060f820ba40d92641fea7471273
- SHA512
  
  25e66a036b2b794077872be9692f7b9a8edf129310bdc2d2c0eeecb1c179a1176905b8d81f84e52346ed2b0bfd721487ab2317f46dd7c712973f5e93003ecca3
- SSDEEP
  
  768:XnZi42JYV4AtJ0jij9H5EiXw5iWK4u34uHfIN:Xysx6+j9H5EiXw5iWdu34u/I
Score

4^/10
behavioral17 behavioral18
- Target
  
  Microsoft-Activation-Scripts-master/MAS/Separate-Files-Version/Check-Activation-Status-vbs.cmd
- Size
  
  8KB
- MD5
  
  945711798605ca089ebbf216f17867b9
- SHA1
  
  fe1c121fb983c2cfc979c36ee4731b7136b0135d
- SHA256
  
  1818e67562f5affc6dc8df40a3c62b64012bd2105f75befd372787949d5c2fae
- SHA512
  
  50216e05ec723d23a57214bb4363eb52b6f5005de48bfc7354026df5e049ecbac51243cb578c94a1e7fa831659b2a3f0cdf5f8faf29b037552b06ab21d5b77d8
- SSDEEP
  
  192:BhoO0d/IZIZazZ9VZ5jZfuZcQZ0pZfSy9C/sC/QiO4TEoz6t9+rV:PoO0dEIZad3Z5tficE0rfSyo/h/QiO4T
Score

1^/10
behavioral19 behavioral20
- Target
  
  Microsoft-Activation-Scripts-master/MAS/Separate-Files-Version/Check-Activation-Status-wmi.cmd
- Size
  
  18KB
- MD5
  
  55ea790635e39d3cfce2ae6d4af60417
- SHA1
  
  70f1c2357ef3ca85cc92bb8cbfaac3a586e85e50
- SHA256
  
  4dd86774e105d60589f0540f6d93e0f43942fa32203853b8dcea52035f50a0f9
- SHA512
  
  cbbbcb1fabfa6b13c7c7fddb95d269a3cd752c2c568fa676ee3f7536a0095b4255ec17d4ac896b2e97bcc0000c3eb5c22a9eab27d1e994aa1167a3af4b2da2f4
- SSDEEP
  
  384:AeI7EnXfdwyo44hN8ivJ9EaRVVY7UTdPU0EGT0SGFX:AecGyWaNY7wdVEGQSGR
Score

4^/10
behavioral21 behavioral22
- Target
  
  Microsoft-Activation-Scripts-master/MAS/Separate-Files-Version/Extract_OEM_Folder.cmd
- Size
  
  20KB
- MD5
  
  09294a0db2a2ef14f505dcde5141e191
- SHA1
  
  abfc11d80da6fb77ce1d6ac9931ad670680c81dc
- SHA256
  
  8fdc4693d7a98498135d34d3d4a0e67d3581db2df431d48322ceba464228cc62
- SHA512
  
  f6eb9c4db8a952aaf0df2f15c0bcac2a038904718fce3d5366a0b40bcdfd833e5673db51299d1aa1f7ca36159f75d7885c4e363395aa6d692f3d54e852f96772
- SSDEEP
  
  192:RAxP0lwUdxZc3pi7d0YyCQIqpqeeGq+BAN8+znDeG3QWzDFzjccVWzbL2/oWzXcP:PxS3pi7rUpqeeGFAN8+jSqjldSPLz
Score

4^/10
behavioral23 behavioral24
- Target
  
  Microsoft-Activation-Scripts-master/MAS/Separate-Files-Version/Troubleshoot.cmd
- Size
  
  38KB
- MD5
  
  beac060647ef7ce4087fb790cb44d082
- SHA1
  
  e858dc008a6115735b39174dd3be4b9bff9a280d
- SHA256
  
  c7032a5efebea5ee06fed4cb58bcb67839e039cc73c97d466bbf1d318626b911
- SHA512
  
  c5f056df23e64d12330d8f1145268d292b090411de4adea40e1f59413d299fdf0bd33b24e59a6183b1746ae251d272d27ece64449dfd925a665495cd68425358
- SSDEEP
  
  768:PUZihR+nP2+DD1wA7nt79Bhl3XB+OLZrsxpjN:PZ+nPN1PBPhl3X9Y
Score

4^/10
behavioral25 behavioral26
- Target
  
  Microsoft-Activation-Scripts-master/MAS/Separate-Files-Version/_ReadMe.html
- Size
  
  84B
- MD5
  
  574e18c1f9b32a47f988ac91588901ba
- SHA1
  
  4c0827e3deeb84cf442e0356dfc1883bcb131fbb
- SHA256
  
  8932bacd828c0716b136af6aa15011aed0015e7838006f2cff7a64954a5696b0
- SHA512
  
  4c480c530af4218e5ac276228a372fcd799912eb183685f805b6c47b5d6971be42a4dca2baa016425dc2499367624cb70de12d280ddcb7b613001460dbf820f8
Score

1^/10
behavioral27 behavioral28

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28