a734553eab322544cc5373f3b7f185e45fd02c5671e329e63756e1c59d4ac486

Sharing

Copy URL

Twitter E-mail

General

Target

rubyinstaller-2.7.8-1-x86.7z
Size

12.1MB
Sample

231021-kmx7zsde91
MD5

6e8c2be6532594c34029827decb59b1f
SHA1

f1d1fec9f77f75dcbbc19bb1593b250f50ea9f0c
SHA256

a734553eab322544cc5373f3b7f185e45fd02c5671e329e63756e1c59d4ac486
SHA512

78225100921ae952be91bd65cbff5fb83f01c7bb4ae4a18f40795d1444ca5ada60de4522cdb05388fc9dd09fb3e48e79b7ba9890d0d3ccc6f38823843d93f8c3
SSDEEP

196608:8Y3zV4U7f5lxTjGHQjbWES0kRlow2ATnPAAiXDTdYbHjkF4AYIxK8u2uZ86RT:jZ5L5ffQQbWE0VOpXlYbDiJwouZ86RT

Score

3^/10

Malware Config

Targets

- Target
  
  rubyinstaller-2.7.8-1-x86/share/doc/ruby/html/ACL.html
- Size
  
  13KB
- MD5
  
  e106d3edf32341771fc736874d4ac6df
- SHA1
  
  b6139d277122c214510f1990b584e94fc3a73277
- SHA256
  
  c1782977dafb2ef73fda65a2ec284cd0fa2b787f8518a6fc5dcacc9f639cab4c
- SHA512
  
  17638c8f7aad2642c50d670bbc4934ac66864a6751dfab9e4eeb308288a8f701c5ac8ffcc423dd7921a18cd690449c24563393146c9065f7de33abecef54dbde
- SSDEEP
  
  192:+YXkyfnFBaByBaBcgmzCik+iyPUesMth8qS:bkAnFBaByBaBcgfikPyEMb8J
Score

1^/10
behavioral1 behavioral2
- Target
  
  rubyinstaller-2.7.8-1-x86/share/doc/ruby/html/ACL/ACLEntry.html
- Size
  
  12KB
- MD5
  
  e25cddffce50d5c4f07cbc9945926a60
- SHA1
  
  e7f080451acd41f422a19c376699ec6a290056bd
- SHA256
  
  f0cdb150271e971bc10381df3fef33007eae7a90251eec0a188fc3e9de89b855
- SHA512
  
  4b617cfc4205047389bb07171fb744e64635de7fc76160f46ecc4a13abd762cce9afc34960b67c1bce02bb281f7f31ec6996a32cc0451c2dd28100d435f88350
- SSDEEP
  
  96:QaXNCHmD4PWm4xfmHFBoUiB3BbBO1aT+mYq0aEsnD0EOddTO/6nPnsXadbTlUGS7:QaXqyfgFBaB3BbBOVmYXabAxPJpVh8qS
Score

1^/10
behavioral3 behavioral4
- Target
  
  rubyinstaller-2.7.8-1-x86/share/doc/ruby/html/ACL/ACLList.html
- Size
  
  6KB
- MD5
  
  61def77eaf9f4600a02ff02d9e402523
- SHA1
  
  3fdfdf2f91a3716daf76dffe54f21201911b517e
- SHA256
  
  f2edf398fb72dc9c4f13c514551b217f09bd502281e4b5657d0b9efee514f6ae
- SHA512
  
  b99ca27766c1384309d8a756281d4b9b238623724b1c60ff36b88edd0c0a1eae0f53df1ad44efb5faeff239d01e019d8524584ed04976cf73a92a8d075934c98
- SSDEEP
  
  96:saXNCHmD4PWm4xfmHFBoUiBvBO8ZPlnoaMXbWdqIynrh8ELS:saXqyfgFBaBvBO8D0SErh8qS
Score

1^/10
behavioral5 behavioral6
- Target
  
  rubyinstaller-2.7.8-1-x86/share/doc/ruby/html/ARGF.html
- Size
  
  91KB
- MD5
  
  73d3b395caf5f07eebe8cfdd55931fcd
- SHA1
  
  84e35c46cede76db762c30d5a497d6dce09a0397
- SHA256
  
  7062a6379c664196ec0bcef73a82deabb1c1e0c35b5cd3191ef7fd440abd3aa8
- SHA512
  
  54bdc172d44cc4e0ad5b88ddc4cd10a8c48e466b68a72a1c972e2a25d15f251bd2829efc7f2235540ad153a1ad24ce0405b600e5dccf2ccfc026622cc1a1c58e
- SSDEEP
  
  768:G435Cx9dgPxd1lV1+RA0bVfpdxRzIpRRcZ9dCxJbbLlrfLhpB3b9NRBFhZcZsyvK:9ixVQ8vNLDJNuhPZrtZ
Score

1^/10
behavioral7 behavioral8
- Target
  
  rubyinstaller-2.7.8-1-x86/share/doc/ruby/html/Abbrev.html
- Size
  
  18KB
- MD5
  
  8364fe6e896bc00837a3d14136bfbe2c
- SHA1
  
  0c1a128d820c3c7337f9acf8560129fe409174b4
- SHA256
  
  8d98784081790eafd56b6e5d39cca3fd92b0b548d6f8874fedac1a021fa7c2e7
- SHA512
  
  d2d6f3911ea365b2e31497e5ca244ad7ae3e3fa089f4df0aae894c7a66f00dfbcb0e9ca17eb6c7928743cb341da03e4ff6523659a17973bfad30812d087a3aea
- SSDEEP
  
  192:iYXkygFBaB4Y//poWFCVrBU6lD/poWFCVrBU6l/h8qS:vk1FBaB4Oholho/8J
Score

1^/10
behavioral10 behavioral9
- Target
  
  rubyinstaller-2.7.8-1-x86/share/doc/ruby/html/Addrinfo.html
- Size
  
  101KB
- MD5
  
  84db7dd201806d6435fdf5f4d1604702
- SHA1
  
  045278b4372dbb8c2e9b4e15a5984edbdf0d7d13
- SHA256
  
  4d57da673fa0f7c1792d4a6e0495bdedf3853b4ac3b53d3aa53f8d78261f7484
- SHA512
  
  be8bacfca36ca68c9db751bc7b282deeb31665d016446573b93a94764a9f5521f2523c8f609902098777d8c3e3b24685fad3bb5b978acca166035211ac3970bb
- SSDEEP
  
  768:7C46AoC64Fz9Z9JXD15pHYLzl5YIoIIksQ6yQsgwVoseMVt7jhlgsir7548VczqC:wB3Wee6esIzstpl
Score

1^/10
behavioral11 behavioral12
- Target
  
  rubyinstaller-2.7.8-1-x86/share/doc/ruby/html/AmbiguousCommandError.html
- Size
  
  2KB
- MD5
  
  430abfe3067efd6bfd1728739caa35eb
- SHA1
  
  7b6f45fa77ef5e9d850148611fccb2f0203ddb8a
- SHA256
  
  8241a87ba495065f0afcf937d753b3e4f0f34c39cb3c9274e795afd44f0868c8
- SHA512
  
  c95a7eff53b6de32239df293dc18f303e823868afe8c93c917d8f7bc7f587bef8f3d1fcf86f69c7eee8acae49b229dcd965ddb78f9d41d7c7dbb5257301bd3f7
Score

1^/10
behavioral13 behavioral14
- Target
  
  rubyinstaller-2.7.8-1-x86/share/doc/ruby/html/AmbiguousTaskError.html
- Size
  
  2KB
- MD5
  
  dd0fc76eb6cd76513c7242e5826853bd
- SHA1
  
  1ee48b4aa836f6f5ca8154171554c40c2758788e
- SHA256
  
  191dc1e9d51335894ccf92fc06f0d5244f67f657f5bb0ba8b15f8f9cc964428b
- SHA512
  
  101f16169a7c6c0187a8921ca2e1fe07190fc77404d5eb97b1fa2aed0e70a4bf2a4a4bdd51de1b8b402003a973ba093035dde7b0bb4766f0dea9e33fed8a2ce4
Score

1^/10
behavioral15 behavioral16
- Target
  
  rubyinstaller-2.7.8-1-x86/share/doc/ruby/html/ArgumentError.html
- Size
  
  3KB
- MD5
  
  d64f5944846dd9b3909e7de4bc666b8b
- SHA1
  
  62026ef237e1f77cf9bb99eef65406f2c7569290
- SHA256
  
  35db2ccfd139965e3288fcba4517f6832cffe40d801421b94c98cb166c775415
- SHA512
  
  0ba5b721d4aaa730ef8034348c0f2502baf66e7ab19597bc00e5b534a8107d232b527161adb45d1cf9d2466c75c04959ee8c12993b6026e4164853b4c5efbe26
Score

1^/10
behavioral17 behavioral18
- Target
  
  rubyinstaller-2.7.8-1-x86/share/doc/ruby/html/Array.html
- Size
  
  332KB
- MD5
  
  378beb03b2e50facc06ff6206ad682df
- SHA1
  
  343c77833f0bb67a1459104f76084f9c5f090e41
- SHA256
  
  a2c261cd3fc55a2d394ae657dfa3c0e9adf09cd20ab0c20d32ae60685f51da33
- SHA512
  
  c2ceddadfca09079ee849fed172d5754493955c6887d202de6d89ee44f375730cf04b2fcdd1e7654e3887b8d129b05ca4677824afcff3dc6a507ca241f329fb6
- SSDEEP
  
  6144:jXdaXyab203sPYtAE9Byb36tlWwqTKLTCGcowaSwBXXKufqULXWHMZDVMgvZD1Ev:jc+JRgdDqZ
Score

1^/10
behavioral19 behavioral20
- Target
  
  rubyinstaller-2.7.8-1-x86/share/doc/ruby/html/Base64.html
- Size
  
  16KB
- MD5
  
  8a7e2655ea63fee74fdadba9e6d5fc33
- SHA1
  
  8e03d595cdad3bc5fc3edb0870d1ba3cda29401b
- SHA256
  
  13a4ab3abf5f173a5a7b5be43c8aa307674950b6f4cf897c28aee353458b9b5a
- SHA512
  
  81c2fb56ed99203a0b4bef82291316f4316eafc7b6610dfc5c827c8c0fc35c6213990eaa9b54d67954b9e5a45bb49790606f2765c4cef861992e8a5154e365e2
- SSDEEP
  
  192:rYXkygFBFBxBvBfBvBiW9LUbxQ0dWQEw8+4YIrh8qS:mk1FBFBxBvBfBvBiWybxrWN8J
Score

1^/10
behavioral21 behavioral22
- Target
  
  rubyinstaller-2.7.8-1-x86/share/doc/ruby/html/BasicObject.html
- Size
  
  39KB
- MD5
  
  ddc7978feccf9c0cc8c50239b21e4d72
- SHA1
  
  980b41d26cf030939eebb0b1044f5c3ecaf9429a
- SHA256
  
  35df923b94fc8f2dd1fac99b3d6fdb41452a925d82a14d9b7269efbd0c954413
- SHA512
  
  95c4a82583590bb18e0c687d06329330e195a463cfeb8cebf41560853262ac3597c6cc1d6e4ea29ad9308f5d1c061cbe8c015f048514b7ac45ed7f1dc58ad7aa
- SSDEEP
  
  768:56oR8+xzSxRDv/KJvkpVUH8u9eGH01vkpVInXGt3ko8c:fH103eP
Score

1^/10
behavioral23 behavioral24
- Target
  
  rubyinstaller-2.7.8-1-x86/share/doc/ruby/html/BasicSocket.html
- Size
  
  78KB
- MD5
  
  803bd4afc104ea413301e985284b1d25
- SHA1
  
  231d1722bd1d03f891c1ac4d2f1e0f8df951286c
- SHA256
  
  29490036f8813e15c2d84f707ab9c5c8935eab8366a107f457dd01a03d936520
- SHA512
  
  e9a6e1759da73a6b948c9aad4b5f6eb69179d4e3c70d3f8c13075db30272f8fc5aea5dbd5d3f48d8f6e3b93641e8e5dade371a6f9959e63eb63aa5d587223124
- SSDEEP
  
  768:7iJkJ34xGmRYKd4rRZRz53FND+izx7hun8B3I7bkQVqkshSxtKvtiF9r0y7EXXTe:zVszSXXwIQnwzeoyILEubk
Score

1^/10
behavioral25 behavioral26
- Target
  
  rubyinstaller-2.7.8-1-x86/share/doc/ruby/html/Benchmark.html
- Size
  
  64KB
- MD5
  
  e4974a892ec4bee96d74bc6365adde92
- SHA1
  
  e1048879661fdb6f33e272fbb05a30f4197e22b1
- SHA256
  
  ae865820788ab84c5468a5f2774d47ed3d1bd4f27ee13b098b93da183210d581
- SHA512
  
  c9ba1d04a526a8aadd285d012697b9cb67f81f581c549221c444030240d1f80d71772765563e48bdb634e3e663c18f23b953cc72dd53ae08c32c878f3be800a3
- SSDEEP
  
  768:hHe8o4DiPxxLN93i6YscKKVhD5ttqsKDelnwKKLvD5ttEscDelng:vif38ThwhDelnwtvm3Delng
Score

1^/10
behavioral27 behavioral28
- Target
  
  rubyinstaller-2.7.8-1-x86/share/doc/ruby/html/Benchmark/Tms.html
- Size
  
  29KB
- MD5
  
  b9f44cf10b0d336084ff93cd12e66d69
- SHA1
  
  4ba21f3e75a4481b3c0244267c1b9cbeec24daca
- SHA256
  
  a04d075bbc6e20397f22f033e32ee1fdc5ec7bcc2ecbc8ffff8d7edc4cd73268
- SHA512
  
  05b3cacec595f8e8eb3341a6251b95a9797e7229150f5e7c17223a1d002f9a3578fe9e8defcf1398226e14f179fb9d2499bb1caabf457a344ef38f7569df2016
- SSDEEP
  
  384:KqAgFBaBIBqBmByBvBMBvBZBfBSi5ap/9G6YJ7lCnHqsYRFg7nlchcILti3ZkDwm:r5omMYMxKh7REi5TsxnWhcKti3u
Score

1^/10
behavioral29 behavioral30
- Target
  
  rubyinstaller-2.7.8-1-x86/share/doc/ruby/html/BigDecimal.html
- Size
  
  134KB
- MD5
  
  9ad70392b7e7bd6affd3471ea2c7f9cb
- SHA1
  
  3ab5dca11307c7b4de4d046b3d062f00135c41fb
- SHA256
  
  740afb927eb28da79576bb467e78b77cfb4fc29c207c46b63b9f80bbaafaa061
- SHA512
  
  d19f7c73d7d2da07363da797c52f68eb8980192909a75db7c4050fdb96eccb62a0a86ce5ad5b0dfd8fa1c36b60b31b711a202a28eeeedd5aa84efe146264c2ab
- SSDEEP
  
  768:13lmJmmyacqc4RmwMTYHMUJtk+lNqxBxxx1hRxhqpIJFrj4pTjIodRh5xphbJPVu:pEJEV1iYTw/QiVCWbaz+twA6
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32