General

  • Target

    total commander poweruser v.73 portable by ha3apet.exe

  • Size

    271.0MB

  • Sample

    231101-yctcyace4w

  • MD5

    a34f3e082d853e82f9f0d5d4308d0e32

  • SHA1

    7b0e59e0623b71e6d470192814a921779faf97c2

  • SHA256

    827b609eef3893e1f67ede6b83d326f3c10b11a0f9313ad712978fe9592622c0

  • SHA512

    afb4eed7c0ac15376561ca4ba3f2079ee9533bb47e0e92fde734669073ff2b6fa706411c362c2afe2504bb4e088b80107ec6fc697fd1526652f3ec2b4242ad10

  • SSDEEP

    6291456:Y04fZUpz6LDezTcjpQqvIzd+4PA4OxRWL5RORCwjRY8hq09o/:Y04kz6WzSSZ44OSL5RO48h1Q

Score
9/10

Targets

    • Target

      total commander poweruser v.73 portable by ha3apet.exe

    • Nirsoft

    • Modifies Windows Firewall

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
