621cbccc9be27cabddca0d39b1ceddec5e7d8cf0762b2a1b683b7c180457b88b

Sharing

Copy URL

Twitter E-mail

General

Target

Monotone-HWID-Spoofer-0.0.1.rar
Size

603KB
Sample

231121-zfvwlshc6w
MD5

bf31e495a23a3b76a30ddb95252c2a7b
SHA1

aa80bc0232d33493ab03e2df86428551f7fc0afd
SHA256

621cbccc9be27cabddca0d39b1ceddec5e7d8cf0762b2a1b683b7c180457b88b
SHA512

cb9f5edacba6556e2c8d8d7f889407ceced5e04f1cac39b79a9b0fa8454aeefacb902eb34358736d3988eac1dd7753d919ff8bc8f3687daf266321c482d5d9df
SSDEEP

12288:fyq6YIwwF6OUcN2cgOqj0NOrf5rOHrdYiYJuBK+S/1qRy/STvR5YgCMdEju:fyqhl9S2cgOqj0NEf5rerdX9K+86L+Ng

Score

10^/10

Malware Config

Targets

- Target
  
  Monotone-HWID-Spoofer-0.0.1/Box.bat
- Size
  
  5KB
- MD5
  
  a95505942d3ebcf724f080b49d4e981f
- SHA1
  
  ed7202c5dd386d050a2a24745399154218569f81
- SHA256
  
  64556d24498bcd280cd7cc248a98ed22c4db921495d825f141af1547c8fdd275
- SHA512
  
  21046716caec7a2b26516ae37f3295445d8c7f1b3502ebcaf41a84469bea1888f0139e813111f1585eff9b27403674e4c61ef4d4a62503f2c1dd820bde8a3476
- SSDEEP
  
  96:0hsAkUFjSl445cLegeOGe1fjlV/SkJwxwotwb7MEussvil2YTUK:nAkQjSl44yveOb/Skxt7WisY4K
Score

1^/10
behavioral1
- Target
  
  Monotone-HWID-Spoofer-0.0.1/Button.bat
- Size
  
  5KB
- MD5
  
  96fefe69f2facf74197a8af3004a6167
- SHA1
  
  80baf02b5d984dd8055ac3a6f42593ad98b78307
- SHA256
  
  38aa0c1ad69d96732c776cbd73275f5ccb881d42158158b32815dad869ef9876
- SHA512
  
  1aa6335a5cc340191613c52fa3e55625ed058abad8bd8d5ed1575bb9cd59b19e1fb3fcf3f5df199ea6f9b9d10bdee45e099c9247457b35ea65c7b1e403f0e888
- SSDEEP
  
  96:X1UCLtcZQBjROHl4EF3r+QOAwD3MMcEzySfuP0wOYwwYW2s:XTeGBlqlXF3yDcMJ2+uP0wuwY7s
Score

1^/10
behavioral2
- Target
  
  Monotone-HWID-Spoofer-0.0.1/Commands/Hidden/Adapters.exe
- Size
  
  335KB
- MD5
  
  934bbc5411c532964f3bbe42cb1c1785
- SHA1
  
  dcddde340e7f080716abaa456971b9aa85bd084b
- SHA256
  
  b3de6d10d9f94037b88f736609e50a8a4c4d516ca50107dedd575797a654c28e
- SHA512
  
  8db126cb8381fe84afe25b25e854eb8de25e43f2638e0d87740ce3fe33338b032b09d9551655afedecfe39cb7482f88e72ccdb28afb59684474084a28da71cb2
- SSDEEP
  
  6144:QlGlXIiIGWbsTXO/P/bbUmmUhquD2S6FEJQzZnCvTkJCps9Q18RQj7dVJTrQkEj2:QlGlXIiIGWbsTXO/P/3mUhquD2S6DzZl
Score

1^/10
behavioral3
- Target
  
  Monotone-HWID-Spoofer-0.0.1/Commands/Hidden/Adapters2.exe
- Size
  
  341KB
- MD5
  
  bb36d4578ce201dc932ab6bbc079875c
- SHA1
  
  f614f8211bba9d578eb19e7d96a0314b5a51e662
- SHA256
  
  4c831252aa6f193c4474ba74f352bee7d00099dfaf5ac6e98ab1253e21999b4a
- SHA512
  
  ea66cffc96403f69f1b1a3e4f7b0c2fb5045655e2f10772f4d0e5dc9d0243e99c972ae9247c597de680ed7886896a335bc82dde8b162515f15ba368ff25fdebe
- SSDEEP
  
  6144:zlxFkdqBBydxtri9gvdRWKPmawYItN6atI/cFVygZnCv6hqGPs7fYv8dMQZgxiQT:zlxFkdqBBydxtri9gvdRWKPmawYItwax
Score

1^/10
behavioral4
- Target
  
  Monotone-HWID-Spoofer-0.0.1/Commands/Hidden/AlternateStreamView.exe
- Size
  
  109KB
- MD5
  
  caede4f12ac17f3e0ad8e3c923fd510a
- SHA1
  
  107616433f973110664ceda2ca64c21fb7a92825
- SHA256
  
  669ce40107a2e05fc93dd37df55c77eb155705b449b2e236423e8bb96b9985f0
- SHA512
  
  69898a4d39ba4415da8c8e5eb8a1a012d4db87f24e61f63a50b3af07e65d2aed6cc4b24ed315e5a20dea91fa1903fac92a5eefbbff8b8cb90c7259413cd93162
- SSDEEP
  
  3072:6SuY8BQkSJllKctuKvF2CIlMd1krc1uRCiOoCW7ZlFzG:E0wY25facROh
Score

3^/10
behavioral5
- Target
  
  Monotone-HWID-Spoofer-0.0.1/Commands/Hidden/Block.exe
- Size
  
  119KB
- MD5
  
  5782b8d469bbc9045ebd2316c2aefbd5
- SHA1
  
  f679adea19ac0e88a50cfefb88825a086102f77d
- SHA256
  
  dfd08e1d7a34bae6836b3915b45b8637b85cdc998198c5bf148fba5e96f15c21
- SHA512
  
  e57ed92d3c916b89e5f830fb52a63b330e404ea91a7cc0e0b0e8cfb03f9bea7252f1fa8fcf3950ae2bd404dcd189eeac27bcdc1cf529acd8ebde0bc5f457d023
- SSDEEP
  
  3072:u2sMWkzbJh1qZ9QW69hd1MMdxPe9N9uA0hu9TBfcXnI:PbJhs7QW69hd1MMdxPe9N9uA0hu9TBKI
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral6
- Target
  
  Monotone-HWID-Spoofer-0.0.1/Commands/Hidden/UnbanComplete.vbs
- Size
  
  49B
- MD5
  
  4edf8ecaf575c93e307bdce09aa46e8c
- SHA1
  
  76c189b32fd69a3694e1dd14776cee1c1cc6c483
- SHA256
  
  537f70f7b018610dfedd4bcecf041d845eab0c673e129185c2345eb68a95fe77
- SHA512
  
  ce5921344aadcc9fce5141d416ca92e5772c1c37a0e8724c09c6c2ac579528a21e5fc8659c91db68810763b403fd9760d75102f6c22db84f8f5fe13fefaf6f1a
Score

1^/10
behavioral7
- Target
  
  Monotone-HWID-Spoofer-0.0.1/Commands/Hidden/process.bat
- Size
  
  1001B
- MD5
  
  2d3f9b2d001abd6e58ac6f0e7337c619
- SHA1
  
  7053a604a394f479b643783098adb056d69a404b
- SHA256
  
  ef702ce2f8fb1bc71fb60e8b95cb83cef4fa66aa96afd7ca4fd67c96530b6e53
- SHA512
  
  60d4a7e203e37194f4a78f1c581728197b3cd6581d70e185ba6d0d8206aca3a732319b28fef776028015615ebc0ab164a9c935081cd2496b866c63ad6358fccf
Score

1^/10
behavioral8
- Target
  
  Monotone-HWID-Spoofer-0.0.1/Commands/Hidden/spoofer.sys
- Size
  
  6KB
- MD5
  
  96756deaff1b2667883d4a21e43f4f65
- SHA1
  
  bce3d6fb9eec3f2d2695d96e61442a58039d594a
- SHA256
  
  1992c044963f5c77aa7b5462e2bb69a37c66bc0e13032524fb1663c0314fd420
- SHA512
  
  b6f472c8296bbef5da4baf638e98c2e0c42ba3fa783c69a6c0cc1e2f92f4c365d6d1c0bcf26e1644bacd4a001fd97c19b5fe2b616ba3c0982fc7edefcb59ef7f
- SSDEEP
  
  96:eA/w8VE6wC4NrkXyhWZ2JMQ4LI5aUZ1ZM2a3:v/f/skjZAMTOA2a3
Score

1^/10
behavioral9
- Target
  
  Monotone-HWID-Spoofer-0.0.1/GetInput.exe
- Size
  
  3KB
- MD5
  
  2ba62ae6f88b11d0e262af35d8db8ca9
- SHA1
  
  69d4ccb476cfebdf572134fead42a12750580e4b
- SHA256
  
  3f5c64717a0092ae214154a730e96e2e56921be2e3f1121a3e98b1ba84627665
- SHA512
  
  a984212245e401b68872623437a512898a00d71cca7d7b0aa6733663020cae92d50ce1ae3abafbd811542a77e72c8b6a5755492c07d6ddeb2642d908142c2ccb
Score

1^/10
behavioral10
- Target
  
  Monotone-HWID-Spoofer-0.0.1/Getlen.bat
- Size
  
  1KB
- MD5
  
  8c1812e76ba7bf09cb87384089a0ab7f
- SHA1
  
  d3edf2ba081073139960a955e812e6bb7f63817b
- SHA256
  
  83ce5342710a2f2e385a363402661e3426728dd6bcfe9d87e22f2fb858b07bde
- SHA512
  
  618abe11f65fe95cdc1f1834bf24ddbbea789c971788af7d2248b880e53d11a3c4302bd8e3c3c36b934f5f7d975d1b142fae8fd23c9ed6cfa118c97e01f6fd14
Score

1^/10
behavioral11
- Target
  
  Monotone-HWID-Spoofer-0.0.1/Monotone.exe
- Size
  
  160KB
- MD5
  
  cd6cddac2686df01814705f21e6da343
- SHA1
  
  f29ad4efdc160ffba5cb63e01349ec9b84123e30
- SHA256
  
  0f7f86530b7fa2e693a2a3a5bf69957e61c2f45d39418d077285a1ea6f4bb992
- SHA512
  
  a673d521f316d3e0fa87a99effa33c5dc4fde315e72b7f6cbb828a94ffe8ebeed4bf9ca6fe858b3c69327aa4ce05ae02b37e2a392abb7cc728c4bbe2ab9a6de4
- SSDEEP
  
  3072:yuo1MlSEqhqJhJy0WTHW69B9VjMdxPedN9ug0/9TBfsdZK0:y5oaqJhJMHW69B9VjMdxPedN9ug0/9Tk
Score

1^/10
behavioral12
- Target
  
  Monotone-HWID-Spoofer-0.0.1/Volumeid64.exe
- Size
  
  165KB
- MD5
  
  81a45f1a91448313b76d2e6d5308aa7a
- SHA1
  
  0d615343d5de03da03bce52e11b233093b404083
- SHA256
  
  fb0d02ea26bb1e5df5a07147931caf1ae3d7d1d9b4d83f168b678e7f3a1c0ecd
- SHA512
  
  675662f84dfcbf33311f5830db70bff50b6e8a34a4a926de6369c446ea2b1cf8a63e9c94e5a5c2e1d226248f0361a1698448f82118ac4de5a92b64d8fdf8815d
- SSDEEP
  
  3072:PngbfXWm18pX82lOl7NuT7DLM5Weo5UFs5QM8JwDmtFk1glurXEa:/gbfXWVoRNuT7DkbFsKM1glI
Score

1^/10
behavioral13
- Target
  
  Monotone-HWID-Spoofer-0.0.1/batbox.exe
- Size
  
  1KB
- MD5
  
  cb4a44baa20ad26bf74615a7fc515a84
- SHA1
  
  2581868c3d560e2b200d4f21d83271430167b377
- SHA256
  
  9553bc17fa0fd08e026c1865812b3388e3d5495a5394bbf671e5a8f21c79989a
- SHA512
  
  d19e6d0ccd89e52efdd2363185564cf83fcf3a37b55659dd1fd8b6574cf45b6147989b2c7b1e8029ce8136aa7ff74900494c1a30bbb65b96d9880ab7f77b6140
Score

1^/10
behavioral14
- Target
  
  Monotone-HWID-Spoofer-0.0.1/colorecho-vc10-x86_64.exe
- Size
  
  129KB
- MD5
  
  e2f377052409beeebf852803734e007a
- SHA1
  
  4d5e977acc59912bd451edae77ad58d977ed086b
- SHA256
  
  76fe5f9cef2c3a5c4f765d4c45167f4cf26cc6d469031f0d195d96724e9d82a8
- SHA512
  
  d88d3319a32ec3a8475fae03c74b1a5d7d8e92f3f5ffa1bc3326779d7d39e0bd18928a511be1ac965fb1c2e2da1cf0935fea38bbf847f54033887c62b6c842d7
- SSDEEP
  
  3072:tJ45PBQ7m0bOfTbaeFCF5DCqzDlKOOXiX1w/A:n4pAmlTWPFhCg01iX
Score

1^/10
behavioral15
- Target
  
  Monotone-HWID-Spoofer-0.0.1/hwid.ps1
- Size
  
  3KB
- MD5
  
  05673d49cc5f31e3d4812b7cb7419641
- SHA1
  
  07b3b298b067439da6e6ae37e51bb1701c33165a
- SHA256
  
  c7c54526b07f457e58d423ab22d61a0efd78ad112be2ef0a1efe6c25013df185
- SHA512
  
  5f5f380a3cad0cf1aa95244d6b1fca4ccdd10c8c882e045405d5600f242b8ed3306f485a3396db9c362f345b79b03d2db79aad7a1d92f09167beea0acf524d32
Score

1^/10
behavioral16

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Process Discovery

T1057

Query Registry

T1012

Remote System Discovery

T1018

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16