468d99ebb7dc2e10bfec80b8636513e8e3513c235e8810b1e6b810369b08893b

Sharing

Copy URL

Twitter E-mail

General

Target

da434f7a169ed07c805c43514544d233d182ec856fc9e65bc3617b837feb521c.zip.zip
Size

26.3MB
Sample

231107-regnlahg47
MD5

a87fe1f59af8fc2eca0c8383011b088c
SHA1

f23e4a473164d9d43b3e89c0a675d5539eff8636
SHA256

468d99ebb7dc2e10bfec80b8636513e8e3513c235e8810b1e6b810369b08893b
SHA512

411fb5f93b16b654ab5154f782b4c8fe8d01c3dd54819e31e9945c465621f9a258e1e00ce0f52dd6992c44eab4945216c49044abebc6a71ab9086ccf18209773
SSDEEP

786432:RSZvU+jkhLIeOLsZaJsNyG2CBlIWlRdZFmslm:RSZvUIkIeOcaJEj2sH/m

Score

5^/10

Malware Config

Targets

- Target
  
  reactos/bin/binpatch.exe
- Size
  
  40KB
- MD5
  
  b25e4672fb6c56189e88975667ded26a
- SHA1
  
  7467e1f11f64161bb7089780de49f498e2bc5ea7
- SHA256
  
  83a6585f9b2af9e4fa0379505aeab59c6c4e5a9332415847cbee36a732b04424
- SHA512
  
  98580604305554940f300a5bd193169b1e89e01c6cd99fbeeca6e3aefc45cb6fa88d1fa00e4628406a49c8a7758964fcac7ecb1ca4cfaedf0423516ff46251b8
- SSDEEP
  
  384:pssExgvlNylx9BHzfeqGeJmr8c4YeR3Wfqz5J75:q3+lNcZzZGgGdeR3K
Score

1^/10
behavioral1 behavioral2
- Target
  
  reactos/bin/cat.exe
- Size
  
  28KB
- MD5
  
  623a0e0afc1dcb1fa6916b3065634ce1
- SHA1
  
  3b957bcc075745bf5a38cb1ca03f87c6096010d7
- SHA256
  
  bde2b154920e1227e597a11bcb1942b625e8f44cab8e35e99a9a24274bef25ef
- SHA512
  
  eb84b10f3bd6baf747074bcd5bcdbc51aa2bebb7b0654d2d709ea176b4108074206974af20eed237d0d17f84d85ba65d9ae42d61ddfbeacc1a901af4b5184535
- SSDEEP
  
  192:BIMiFo0WhHgOtoaBnNKqX+No/E4o6b8QphAEXGW10:NilWptoaBnNKqX+No/E4o69AYGw
Score

1^/10
behavioral3 behavioral4
- Target
  
  reactos/bin/infinst.exe
- Size
  
  28KB
- MD5
  
  424423c18dee601a973c8466330eee86
- SHA1
  
  9493f5ee04880885073443a4c84c4450d4a4541a
- SHA256
  
  3ea1f661b4f7bcbd5e4496f208ee2828c86c99adf83aacdfc2e06550f0c21c5d
- SHA512
  
  50bf1bec2acedab10c51786377624697a81c5b74ab3bccb094b43eb66d436d86066250838994aff3f5fe6d992432f85b343fae8580ac90bc91f057c03533b400
- SSDEEP
  
  96:VUY+JoggjHTVDtDOFGfnSRQwRRKEBfl0UPAZ7KUplVc/5eHEw8ZAM2gtEDCed10k:sfMH3OFGvSRQ6waAMHtEmed10k
Score

3^/10
behavioral5 behavioral6
- Target
  
  reactos/bin/load.exe
- Size
  
  24KB
- MD5
  
  3d47b185f0d7b1ded0d38dfd909a74c7
- SHA1
  
  8ee3c3c80d9bbd446119d0e86ed57628911d7fd8
- SHA256
  
  c80dc9dc442b9d401376f782aa3ebb83fd939b0ab952fd20a0f34bb008b6d224
- SHA512
  
  c19bf18d0431c67d65623ac2a03633c9397385225ed48fec7814587187c174b2c76c3fd56b0daa171b895dc605535babac1635b7e41c7bd70110184b3eb7a92f
- SSDEEP
  
  96:ypzfwJg+9UcgFhLFl157KNT5JsiCtvnztzKE8PZdo3Ti9ZYCAOewTOhSCV5LFkC:uUJUHFl1lVicu3YCAOe2InV5LFp
Score

1^/10
behavioral7 behavioral8
- Target
  
  reactos/bin/nts2w32err.exe
- Size
  
  24KB
- MD5
  
  5949e5f4f6c82f6825f9f64b062a7feb
- SHA1
  
  5101254ebf3619f88ee41d6e3c67a6e53070014e
- SHA256
  
  5921c7e3a3635395c646c3bf9ca98276029db1f2dae2d8e0d79100b49915a498
- SHA512
  
  9b59de986116320f963720436bd2ca3dfd182a42837c056d9c8978cb6bba3568f5881d2998b20ab12965c6cb1b6b0a13ba5bac0cd8de824645fc9dce491ef458
- SSDEEP
  
  192:01bM1WFGCGsWWJ29xkQHjT2QM52Ea5Vv10j:0SMB752j/42jDt
Score

1^/10
behavioral10 behavioral9
- Target
  
  reactos/bin/objdir.exe
- Size
  
  28KB
- MD5
  
  d01cf4714133f2829232f2b7e15a65fb
- SHA1
  
  9db712a94b43c436ce2aa9602a119d4d0dfbde3c
- SHA256
  
  9316d9684a4523fcfce9b3ae6684c1d0476f4b783b6750792287efaea429202d
- SHA512
  
  fdc9a05d0083be10ffb122cf0f90e5c5f4beb728cac8f12ba7672db0d8607e1bef379a527d626f62efef7233e9036680dc10b542799044122488db04b3474d29
- SSDEEP
  
  192:6fDIUro1YnzwZu/GDA+9FGwK6uba4BaWMJM6CgbMg7e9jEMGKNiVfEv83e0Dp:A55zwPA+9tK6ub5BaWMHoCeXNiVfUQN
Score

1^/10
behavioral11 behavioral12
- Target
  
  reactos/bin/partinfo.exe
- Size
  
  28KB
- MD5
  
  d7a242d9c4267252e51ff4b9d3c13cc6
- SHA1
  
  4cccddd33be12b8c0aec24b941b9c8db0aae36cd
- SHA256
  
  f97f0134f5a58a981f995fa79bef0c0641aac43c8f35adf594866f171da5a940
- SHA512
  
  68c68aa37ac57f9d91b322df95a416add25d8fab3ae18783223fc8339e5811d160a25cd8f1b371a32d6e71f4196b2293df000cea484c82f9b0a38a642a28295d
- SSDEEP
  
  192:XMUBhpMPJ9qdEW54MPgCkd4oH37c7ExKbK1Fg:cUBhuJ9qdEW6MPTkHQ7sgs
Score

1^/10
behavioral13 behavioral14
- Target
  
  reactos/bin/ps.exe
- Size
  
  28KB
- MD5
  
  3489d26c86a3c2c9a41b225d81a8fb69
- SHA1
  
  78156be5e94cbe81311ccb8f77acdf4c184274e1
- SHA256
  
  63aff64dd4c437e75542adccb02bc7c673dbb374e7cd75ea78d9b23335d54911
- SHA512
  
  2cbf034e21a4aea41621393f4b30e415318da99a5a184a409bd1e9a8b2eddea74985d068c37e46bc2be879f7332e9c5ad4a9e7640bc4c0e71a85ab2e4f9c6c7a
- SSDEEP
  
  192:uXDqF4RbxbZor+LnMYRdLTX/dgkeJaCIYva4nU0p1NYwUl4uEoTV4c0ls2:KDqFwbxVsHYRRTPgvvnUO1Ju4uHH
Score

3^/10
behavioral15 behavioral16
- Target
  
  reactos/bin/stats.exe
- Size
  
  28KB
- MD5
  
  17b519301eabb1ab526e35a7df6fa6cf
- SHA1
  
  8d05fd88fb9e7085e7a783be3b95b17bb1425621
- SHA256
  
  0d4d16064400229b5bb3db169aa4d9015e39285a99099e8bb96a283f5f63634c
- SHA512
  
  8a753232eddff88b25b0b58e67b36cb57b4bb97125b1ea7335617b4936713755c0567e1ea522f191ca1808bfe084d449caebc3ecdd9199eea98a711d3e92051e
- SSDEEP
  
  384:qxZKu7/c3gU8fa5JQDYzj2cm4BOKiVufg:aZ5/c3vBOKMu
Score

1^/10
behavioral17 behavioral18
- Target
  
  reactos/bin/tickcount.exe
- Size
  
  28KB
- MD5
  
  cbbe61423852d702d4b37d8af933ec30
- SHA1
  
  7577c9e288b66491de4852ddfcbbf63e4809820c
- SHA256
  
  50fca77158b978e3cf18ea940e50c24771a5abac850cc73c5a198c43b6319fb4
- SHA512
  
  1f775e69479e8485557fdfb461f0831079fac764662675609e2495c55f987942ac3cbff9c23e59ea7febecbd75a19840231544f83027a78b94103454e12ebf0e
- SSDEEP
  
  192:mTocJtyahX1rmTF1X5j/6TNFZt4d/ROJGQzA3tY5VJf0p:mTvtv7ST3d/63ZKd/aY36D1
Score

1^/10
behavioral19 behavioral20
- Target
  
  reactos/bin/unload.exe
- Size
  
  24KB
- MD5
  
  4c21bca9d670d660804485fd0712b073
- SHA1
  
  01b4ab567008c1d1dd0699bbd19fd4f4bead7c5f
- SHA256
  
  9b48c972740f8f8c078cf72f71e6e84955cbf85d9189900c248d07a6d5665930
- SHA512
  
  942e38523a1342355081b682faeae131fceb423dd7c899873bab478540409b5b263416b790c294787682fee2941c30ffc58b8f74d1ba9cd1db83d491abe7836e
- SSDEEP
  
  96:yVzrwJg+9A4pc5rrFl1xV32lTqtaZ7slg9ZZCAOewTOhSCVULFSC:CwJEFl1xVGdqtaBsO3ZCAOe2InVULFn
Score

1^/10
behavioral21 behavioral22
- Target
  
  reactos/dialog.exe
- Size
  
  32KB
- MD5
  
  8c08576f099074ceb25c07f03d9d7b9e
- SHA1
  
  17814b830cf8689b08f0f789938ed371745d3bbb
- SHA256
  
  35e2731ca7e613f6dfe71634bf354c29accb3462213b80d2afc5ff6e2d6bc3ba
- SHA512
  
  2280591a3a22d320cb62bf7e5a89622f2a8c47861fb074e01d7b3b9ca231b9d66d6d076b533b14f0e2f9f43aded7289bac949032f153891fc4489e5dcc315435
- SSDEEP
  
  192:Fu7WCnHucvRJUqRo9TgmqXz0vDJp1IcYVJZUQTecPtJh8w1mnT:FuSCnvzFRo9TCXz0LJp1565tAu
Score

1^/10
behavioral23 behavioral24
- Target
  
  reactos/explorer.exe
- Size
  
  3.3MB
- MD5
  
  31922f2a9f442d71786e1943e1a01ffa
- SHA1
  
  2f1dc2e7d50c72b9f5cf1b12a83b02470c25bdaf
- SHA256
  
  2d967d25af938811261444dfc1d9244526fc6afcbb939c79bbd3cf0002102965
- SHA512
  
  299644ce72ee12080d10662e97b6d6dd82cc445dd0b8096da6c1603a87be2c6338569378344655c60d4ba5978dfb7496e1f21d8bc679d7850e56040b25454a7d
- SSDEEP
  
  49152:tdMO+KNHZoUtj20f366e7AaGMXGgIR2tEbvwTyC0zsY:bh+KN5xtff3VekaGM
Score

1^/10
behavioral25 behavioral26
- Target
  
  reactos/explorer_new.exe
- Size
  
  200KB
- MD5
  
  cd18e07e6ac8c759c4b29e9d1ad7ffcc
- SHA1
  
  d752ee62846892f1817020e33b1357249464015b
- SHA256
  
  36a67427d6791d309b92333c5e43cac5b7905fce05a6c300553c2f439df07649
- SHA512
  
  62c0974aef9251deb746e0018cce9b116907ce83bc220048bda51de6ec0f309bd9f6ab102b3f3becaab5a1559b5beba01c0323020b688da4165f510b83adba6c
- SSDEEP
  
  3072:HOKQyIb2lPXWoxi2sxiYdNO8T9JGGX8GOw1GF:8Db2oVi888pB5O3
Score

1^/10
behavioral27 behavioral28
- Target
  
  reactos/regedit.exe
- Size
  
  480KB
- MD5
  
  3ba21c14984b377b443885c8acf189ad
- SHA1
  
  0be125bed06b13a3c68a16a9c94d584fef001519
- SHA256
  
  3a9de4c088bc5bfc95db66dc282a5a585ad407dfcd9fbfc45feb47485ba2b858
- SHA512
  
  6a06ed2c9dd1fd91a1552b0953569a3cf83ff25fd5f4fceb0fcd268bb85cc6380e6108c1e4f58793a58e594062cfaab47b6cd43779735ca451b9a67c3b58ffde
- SSDEEP
  
  6144:qJyqBYlbzRHFPI7Q40bF5ys2Yh1HPGDPQTvsGkjPy5:qJyq6zRC02s2YhNuGGm
Score

1^/10
behavioral29 behavioral30
- Target
  
  reactos/syscalldump.exe
- Size
  
  28KB
- MD5
  
  ea6308555ec5a3fdf4b5dfd9c754b726
- SHA1
  
  ac5e2245f6c8b88e52585d69498bf41aeb99d7d1
- SHA256
  
  f5f558d8fbb14d8b56d5ca5cda800a7c17a14051ecb961064a259f8942b3a0ae
- SHA512
  
  71047f8b26c2ba9dc351f4cbabb393d8da78e0149df84712a20c8a8746352d9ab16db6c9824ab12f7154bfc6c139a784d94aa5896ae6e3c39e38fbd4bb5524d8
- SSDEEP
  
  192:RtkYPsglwnMn5Bsbl6CVt0sY8iHdgf7p/77IbOZV754Hm79GT:RHPsawMnfsb1VqsiKpgI75umpo
Score

5^/10
- Drops file in System32 directory
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32