7e920f57ec7172fdd2d2df6c0c4102e37c673b603f65ca84fa5c100ec3fff7a2

Sharing

Copy URL Twitter E-mail

General

Target

7e920f57ec7172fdd2d2df6c0c4102e37c673b603f65ca84fa5c100ec3fff7a2
Size

1.1MB
Sample

231106-fa8qqsgh9w
MD5

5a9f68444515c0e78acffd503ebaaaed
SHA1

1456adc64f0557d8cb313b9840969f89d6d40cf5
SHA256

7e920f57ec7172fdd2d2df6c0c4102e37c673b603f65ca84fa5c100ec3fff7a2
SHA512

57cf78b5b89e7a120f76811c8856b79b102fd2e4bbd1881d75702159c7d6aac107230e9dd7e51ca8976262ba93ed3023e3500528a57385993654bda89b6d7656
SSDEEP

24576:PIhcFr0z8WprUa9ZpQGbMxcLaPLFI3c/a10U4r/aF2J7h:ghcd0zGaLpQGvLaPLcaa1ZAPFh

Score

3^/10

Malware Config

Targets

- Target
  
  WINPG_V4_279/RTIoLib32.dll
- Size
  
  125KB
- MD5
  
  76a673ecf4590d17632af0411eeb3bca
- SHA1
  
  72a4fbffd74a21107a9c747bd96041379b452192
- SHA256
  
  11b2e2e650ed56e77a6c0b0553aa36239a849cb79459527cc246009cb2d65efd
- SHA512
  
  9c272212f7255c1defe8df55a95ce12232e6b4ca3b88a82fe4eb0ca495cb254bc6ff21ee692930d76867face739b8099135f0b13d9adc1fdfd206e40d0f50daf
- SSDEEP
  
  1536:xdKGyrzNAmMEwyHmJYwM5jRflLaiSKH3uUntko/gyJysbMtrUfph:uGyrBAmjz5VfJkUntkoYyJ9
Score

1^/10
behavioral1 behavioral2
- Target
  
  WINPG_V4_279/RTIoLib64.dll
- Size
  
  155KB
- MD5
  
  23b63b64c57ffe0129af6ee4b38ea7db
- SHA1
  
  ce0cec8e15d7d9cc861613a6b2599cf2d580c70f
- SHA256
  
  e68365ab48c6fa3b3c8036c578cd61793e645b76c8a17641ff07ad01038ccbb8
- SHA512
  
  3a5b19c4363e4bafd6a6ddc538ac592afebd81b6de05687e7f169c402c232ca9685ac36391c03719e588b919cdb0fadd56b42d26ae90b1e3aa3e231e0686e4ab
- SSDEEP
  
  3072:RMmIcRC1BP5gn6ENjoJszSKKmNdWTZILJpu9S5:OURC1yvm2f9dWYpJ
Score

1^/10
behavioral3 behavioral4
- Target
  
  WINPG_V4_279/RTNicPgW32.exe
- Size
  
  675KB
- MD5
  
  4852b09e3a1564fdd6e42d18e9499e5b
- SHA1
  
  c27c87c95e6bdeca8296387f46ba865a3c7811ef
- SHA256
  
  6a245ea31c3259b21b44febacdebf81a465d9ace39cb64b2cb89c0779e540e7a
- SHA512
  
  4ac0d902aebe1fde990ef465bfb969db71e06a1fae60005f82b11bb062240665fec3f8691e2bbec8e29ada0470e518823ca0eea184751584c5493e4122546d02
- SSDEEP
  
  12288:iYtWYvtWzFomVPLEys55BVJ/4qDMCDYJbnVwyPT9JUREHUoiEgkFmzTw4D:iYtHWPkCCDwV/T4eUuozTx
Score

1^/10
behavioral5 behavioral6
- Target
  
  WINPG_V4_279/RTNicPgW64.exe
- Size
  
  794KB
- MD5
  
  1a1153a5363e0cdcd67fafc9caa431c1
- SHA1
  
  2a0fa6aa1420990e95e5cec4448edf510631b9b4
- SHA256
  
  14d40f06d4aa91991409e7bbc3ffeedbd1583c808e757343b129a5a827991a1c
- SHA512
  
  41afdc0fef886ed4b7a72da24d8131e4356d508e02163ca1ab87a526aff84cb8f80c3c6c4b764089c06e8ef3641c1b8dfdd7e63bc50ba32191673efa6b96c11e
- SSDEEP
  
  12288:/4nM/w20p9kBu7Ychzg04nm5MoHKxJJL8zKH9rM1CKu77+VJtNWTiU70YXi/P79y:l/eZr4m5MoHK7NF7CJt08H4
Score

1^/10
behavioral7 behavioral8
- Target
  
  WINPG_V4_279/RunCmdMode.bat
- Size
  
  73B
- MD5
  
  df05447cdaf1623bbf726777407bb61f
- SHA1
  
  9499f5441fd1c8d0f9d47ff1a974b28072209ded
- SHA256
  
  61b70fd0b0d61e91f106c54141f0feed294d541ffa2cdc2d5a80b704af63da92
- SHA512
  
  d95793e70e4218724765ed1eababb432461e25ef267928b2d4bbced6f8d33cd51ef3b43c641216a750ddc7306c82a668a13d7d5a1ec92192d5868a4b6434ff81
Score

1^/10
behavioral10 behavioral9
- Target
  
  WINPG_V4_279/WINPG32.BAT
- Size
  
  423B
- MD5
  
  cbf394ff14a9f4e6dc0b2039caf5e79c
- SHA1
  
  7218848b9fe9bb1a97290fcf957cc346b3a464bf
- SHA256
  
  81cfd6bc9b3967b20a364dbc92df9aa9d256bdae0962279b7f3c561e9464138f
- SHA512
  
  277f79d4c5f529258fda7cb881850de3887e79b6cc359d7b2cb93e221b9b8ff0de422ce4b087268a1c94380afbfc87e21f253eb423e473160ea8398d3c4a6995
Score

1^/10
behavioral11 behavioral12
- Target
  
  WINPG_V4_279/WINPG32_DBG.BAT
- Size
  
  583B
- MD5
  
  d33e91c2b096699ff2cf20ae35f2d441
- SHA1
  
  93f9e0162e10f411b548fb898c52149265f94a7b
- SHA256
  
  784760b7a09a1aacd36180d0f5e7081a9b53e59a49a70de3d7a2b8fbff25c69e
- SHA512
  
  bc38562af5c39d9307c735f674fb86d4ca23304e985ddd7a5621a282177b6fc3435e4973f9f2f187cfea4a5184151851518dca6c10efdf6408e90600b37cdf6b
Score

1^/10
behavioral13 behavioral14
- Target
  
  WINPG_V4_279/WINPG32_IOCTL.BAT
- Size
  
  210B
- MD5
  
  bfcac971b7f83cb76862b2589d5ef79f
- SHA1
  
  783815a96b5bf2287aea273b9fe98b18e15b30f0
- SHA256
  
  a182f9643120fc05aaa4e896b823b55889c55fbf9b459850ae8e90a207d3c5cb
- SHA512
  
  9108a7898e364249541db29faa7f0db52c71c233b429cfac570565788631cdb69a71efd031efccb9564be1830e4998bf53428e1d8d7d5d62d4848db01a60d77b
Score

1^/10
behavioral15 behavioral16
- Target
  
  WINPG_V4_279/WINPG64.BAT
- Size
  
  424B
- MD5
  
  c89a69fc7055df40f3d55ca3db031dd5
- SHA1
  
  761011d225a987f0f54cffcc53c24d092cff9483
- SHA256
  
  231b16c7c97f64c6c9a0321212808122f58be90664e02524b48a169942ee04c0
- SHA512
  
  1ba0ed3bde270be7de63410dce24f6ebde9d82c0be551fabcc4c571d2e4925fef54d96266a4f25d3e9c581c63ddf7801ebc70d42d1998d583922afcb445f304a
Score

1^/10
behavioral17 behavioral18
- Target
  
  WINPG_V4_279/WINPG64_DBG.BAT
- Size
  
  583B
- MD5
  
  7baac5294a780de9948bfcebbd8b6506
- SHA1
  
  299ba8389844e1f6fe984f462f5c3e575ea8e3e6
- SHA256
  
  5d20768fba883ad547daec13e7e05d8be0b188c9806f3cf54aa9c460b7caa1eb
- SHA512
  
  10438b0cb9e381d68651bb358a5e521a532aca9411b1be237d843fd7258b2af4d4215a4653a1359c3164e736779817b7ceb0050649d5bbe55653e1b038faf640
Score

1^/10
behavioral19 behavioral20
- Target
  
  WINPG_V4_279/WINPG64_IOCTL.BAT
- Size
  
  209B
- MD5
  
  e2b77b3d63ac91079e74b6952ac04eed
- SHA1
  
  e35f7706efb98582a97c8bcda663f00d8243f5bf
- SHA256
  
  4b0a9a7fa39acc51630239928dd6130ad20287e0597572eaed2f12972f83a6ce
- SHA512
  
  0456f2c1fe2a9c7833e60655d814cab7836640637a14c8d77dd215f5d89c36c69d3ade14895e783785833bcd81605b2c90f705221e05b31e262e83aa594d2c88
Score

1^/10
behavioral21 behavioral22
- Target
  
  WINPG_V4_279/devcon32.exe
- Size
  
  92KB
- MD5
  
  8650a26a9c8210a3166406f2db87b0d4
- SHA1
  
  dc0537ed39865e96e30abc26c439829af6399137
- SHA256
  
  1ce825c05d731deafe2fbd2d4791ca87fdfefdef23eb1ad5fcfb7c7b940074cc
- SHA512
  
  17e285bb47f55baa17bbcac961ac24073d55ddec74ef5006273cf109ee8a30bf03c262bc53f8b008ef26013afbdf0dbe91f815d06453d0290b9dfc818abef5be
- SSDEEP
  
  1536:MqaGxqHg9KLfYHvEaBFiaAc5VmPFMqO7Wsd2o60AUfu:MqaGMg9KLfYHvEmFiaAc+NM3W02
Score

1^/10
behavioral23
- Target
  
  WINPG_V4_279/devcon64.exe
- Size
  
  97KB
- MD5
  
  e0bc467515ec6306f78d26e517291716
- SHA1
  
  dbd27fff7c42e8cb6fbeeedb1d83292b9e8dcb41
- SHA256
  
  35aa07efe5f8c535106419eaea44438260029dee83026cf617afd33f4ebe4afe
- SHA512
  
  fa68c069f90a10fbeac133b2f0a085445e20501270a52e2bc90e6a1b8cff0ab83cde5952f8f55d8537fc8fb405c473eb38e50cce9e18a0ceeebc34b9e8aa6cd2
- SSDEEP
  
  1536:vZBiu1fRlQRDhJ2xSe9EejUFc5VdiPFMqO7W/Q2o6JvUUfr:vrhlQ08wEuAcFiNM3WYar
Score

1^/10
behavioral24
- Target
  
  WINPG_V4_279/rtkio64.sys
- Size
  
  53KB
- MD5
  
  96e10a2904fff9491762a4fb549ad580
- SHA1
  
  02a8b74899591da7b7f49c0450328d39b939d7e4
- SHA256
  
  4ed2d2c1b00e87b926fb58b4ea43d2db35e5912975f4400aa7bd9f8c239d08b7
- SHA512
  
  06f477ddbcac1b1e79f142b4c0476e5c27b2a002b8d84ca098fc2d66df9b6f4ce6fe2e4c1648b061f594ad7c410e6daa37526a84d4f5b379699e8c8a89147ee9
- SSDEEP
  
  1536:raz9Zl4jhovMHMvi78HOXtcrEC4RsbuaUfc:wDk+MsviouRC4a
Score

1^/10
behavioral25 behavioral26
- Target
  
  WINPG_V4_279/rtkio86.sys
- Size
  
  44KB
- MD5
  
  a0484424d6507567f9ae79ad0af44b14
- SHA1
  
  4193f67591849a4a6dbd17879e7d8762ca03d5b4
- SHA256
  
  eaf3ac4c8882979b852b8b73c2018eda3d993403a0a65191359eb0e770656659
- SHA512
  
  1062c0e4c73f2835a83370f8d0b1fd90a5cd683ff74dee0f22317319f2f21586f8619d5019f42d5c8262018287fa382ac0bada0411620c400659f2f059104001
- SSDEEP
  
  768:MY5Vg9EikgTV7feeFSwEGUpp2sbKgZiIjAUf2hz:MUO7GNGccsbecAUf+
Score

1^/10
behavioral27 behavioral28
- Target
  
  WINPG_V4_279/rtkiow10x64.sys
- Size
  
  63KB
- MD5
  
  96a8b535b5e14b582ca5679a3e2a5946
- SHA1
  
  f6b3577ea4b1a5641ae3421151a26268434c3db8
- SHA256
  
  ab8f2217e59319b88080e052782e559a706fa4fb7b8b708f709ff3617124da89
- SHA512
  
  ca8ec4cec41e47560cc4d3b3af7bffa5c27455a1f55cc6ca1f3b1553ceda93b501a62a3f3599db1c88fd20fdeb48630973255ca23129b7036e938c7faaaf0376
- SSDEEP
  
  1536:+OsdGoYvrhm0Kxu4RN496QOxsbXgkUfQOLf:Rm0K321OcoLf
Score

1^/10
behavioral29
- Target
  
  WINPG_V4_279/rtkiow10x86.sys
- Size
  
  54KB
- MD5
  
  0da8baa77abdf52e91d1081fc68b9a30
- SHA1
  
  70ff1933e8526512c5cd75c6adc0076094e7ad21
- SHA256
  
  c7d664d7a2c787bb64973dcb9e845be8fc6a8fd69866dcf8903c5c86c05601fb
- SHA512
  
  ee21dfdbc2b9563644539d08be1d1e777efe33bb2b1c9150bd282b17b1ee2bd2972dc385b921d456acaa8f31ed8837ad6dc214f94baebad7547415ee5e075a78
- SSDEEP
  
  768:4M09x6u41cEykgTihKbdk9d3F/Jlb5rsbKgaiIbbUf2h51p336J:A6fc+KbdAFX5sbribUf4tA
Score

1^/10
behavioral30
- Target
  
  WINPG_V4_279/rtkiow8x64.sys
- Size
  
  54KB
- MD5
  
  480f2ca1679056019dbc8abece3fa3cb
- SHA1
  
  98ceed786f79288becc08c3b82c57e8d4bfa1bca
- SHA256
  
  b205835b818d8a50903cf76936fcf8160060762725bd74a523320cfbd091c038
- SHA512
  
  4dd77a852e69d9e0535161dc141cd4465671bdcaeb9a829a99a7d4acfd5455a936182ee439ec6c2e9e4e547d0347cc7755fd1f5a6fbac4decc79eba205324479
- SSDEEP
  
  768:8Os8DIrTDBu/g9eQfS29z59cTVoujeA4cTk7raUOs1ua58oN+wdyRn0sbKguiIVH:814/oTftz59ciDReUKNoN5gZ0sbvoUfw
Score

1^/10
behavioral31
- Target
  
  WINPG_V4_279/rtkiow8x86.sys
- Size
  
  45KB
- MD5
  
  67055cbf66806eb7f2697ecb1cdc49dd
- SHA1
  
  ad6988763c59994a60c6a708f8dfeadb4a0852cb
- SHA256
  
  117390e5e9dadcef282f3f3bce0334e372193f506c27c7ed2864653dfee9f540
- SHA512
  
  ef4a38f5988bea951c4b77542281a1be945b5cc6bf79f89f099946a76451de8bb96efdd621aa28f503f64a5f53f9e93c7c739d24a2ac95ec13403eab827994da
- SSDEEP
  
  768:2Mv+B6aJnDEkgTmhKbdk9d3Ne/JlwwHEsbKgniIZCUf2hW:i6SnBKbdANe8oEsbQiCUfz
Score

1^/10
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32