General

  • Target

    99f7d0a7921458577c7b6aeea4d35ac13651dd11793d22879a653bba032a325e.zip.zip

  • Size

    947KB

  • Sample

    231107-rzedzaaa2x

  • MD5

    36f9bb1fc11c0ba1bd99957623743428

  • SHA1

    95bedc1392fa5173737bc12c0f46c7b59c6c22c9

  • SHA256

    f99a6e138372b0ef8876506751656477627a0376e951d3414e0603e973aee39e

  • SHA512

    460bedb2bc89d648d0a2e55e09e90ef15ed7e6e06e303f93df387a4a2d0a4ac0883ef1c56b87c9f751b599bdba058eeeee8c203ea4208dc06498b3d4b93ca53c

  • SSDEEP

    12288:aOCr59Vv6bGxbvcEtwUnZ2uTebpaDbfVawFyPOKxaWayowXaseMkctVlUW2TQL4H:4rHLKFuTecDTSxafR2alTQLf8

Score
7/10

Targets

    • Target

      extensions/ac'tivAid_MusicControl.ahk

    • Size

      18KB

    • MD5

      3377ceee60ec2b34b4da01f3bb526984

    • SHA1

      b7dfdcb5f87ff9920c854e4eb4947a812f1a5c86

    • SHA256

      ad80bef45007ce63963e6c0aa387b2dd388cb801122d14a3e4eafa726c67854e

    • SHA512

      3eb25025e210d1a08f87d236f7645c9aafb2c3ce1a61c665be68417b5ee111c9292c4100dcf73797a86364b291dca470acc95bd7cf97e21ef15e55128faf1ab5

    • SSDEEP

      192:yGeo/mJJAkWMYhCZNFsV8OjckUxagsnXRDt0oWWI0O6dSGi1kK/rV7jHn1H777VU:Teo+SMkC6hqXJbVLHS4nUSowOvxRJPj

    Score
    1/10

    • Target

      ac'tivAid.exe

    • Size

      527KB

    • MD5

      c0b86d36956623a2eb81445e5d40eba2

    • SHA1

      191633a5e806da02fe0cc814c3d5896cc793b5bb

    • SHA256

      c364830f3c5f8d3a86d3c1fd70b24035d1e9dfb58ae8f8c4a587b606173a5fa3

    • SHA512

      c33e03ccb99ca6f7341becff4581952dbbe435cf4468dddac213f4b2a9003dbe907025e4c4d163c6ca5b357e881236d7d7598b3f10438b3ab75e35a47046bd5c

    • SSDEEP

      12288:RFVM4HyE7rN9bmGQ5RxlcXLwc4GQW3DfCsRog/o3HCSMkkEqmxr5:1M32RkRQwjGQiogQ3H7IEHxr5

    Score
    7/10

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Target

      extensions/UserHotkeys-scripts/320MPH New.exe

    • Size

      192KB

    • MD5

      b8f89db27c67959ca66d0d9a9e7da21a

    • SHA1

      1d743dee0694f7a62bd1580a812649e0aa60f88a

    • SHA256

      5bf47aaa56f982f343c94689cf29d677f4bca6cb0d530a14115b21c71363a5f1

    • SHA512

      10df4420d7f9be30afacff2fc8c87b527c0b6e16d34db250a185a5e3489bcfc473f3aabc46a7f970c233e45343d9f54560efaf83a4862d0e6245bcba9d3995d6

    • SSDEEP

      3072:r9UZ01z5thDb844ZbevDjz7C2fklojxrQ7En2YpLJSGVRNywmWj5FsO+IzxqcF:R8sVM44E77l4EuU2YpLMGVZmGs9Izr

    Score
    7/10

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15
