5a25cec5efa849f8bab0d75de0e860bd576599cf3f3ed89cc6e847e2f19603d3

Sharing

Copy URL

Twitter E-mail

General

Target

13031598881.zip
Size

1.4MB
Sample

231122-nhlvyacf51
MD5

7fe167945a97ce8bb69a4ef69a6b12a1
SHA1

6f3ecf880a7bd3a4358aa0bc4673349b8e77801a
SHA256

5a25cec5efa849f8bab0d75de0e860bd576599cf3f3ed89cc6e847e2f19603d3
SHA512

a97c05bd31d56f14e265dfb49aba3ba8cebd0cb5c0f3fe77b4c9cddfa095e41eabbb75805a120221326b10cc3473fd228a40f1268fdf758ccdd6494957f60f14
SSDEEP

24576:4IUKXzAn58Z8qMYHLMC3oEtRezEOvqPclw3gwr94wEvdM:nBXMnqZR/3hWzp1Cx+v2

Score

4^/10

link pdf

Malware Config

Targets

- Target
  
  15ce1e97b8d8ecf3592358624ba81c29163860390d50bd6196e7f911bcc93902
- Size
  
  1.4MB
- MD5
  
  ad663fb150feb86d45cf0179c7d39e1c
- SHA1
  
  5c135e9a3fdab9f52725a75bcd164b97464a168c
- SHA256
  
  15ce1e97b8d8ecf3592358624ba81c29163860390d50bd6196e7f911bcc93902
- SHA512
  
  a111db543d16fc821dc6b6de6c966f65107f21df5973d8ab061b82c220e6d26aeaf9cb77e9a84a357f8dbc9e0cab00a90a367d21ae52c82521a57f057be0626f
- SSDEEP
  
  24576:jx5Yy5JzBaEfe4P/IRJppjPavqu+eVxgyVAJHaM6uyhAsLFIrs2S/55XKxRTbNi2:F5rBqq/qJfbav7dVAsM6parzS/nXQRTB
Score

1^/10
behavioral1 behavioral2
- Target
  
  Windows-11-v22H2-Security-Baseline/Documentation/Announcement.pdf
- Size
  
  375KB
- MD5
  
  a349bc490ab54bb6e4171571fd4a047a
- SHA1
  
  4a36faed6af94b763e119a1888f438698adab566
- SHA256
  
  cddfbf6ed2ae0b85790dcfa1781a488263c8184007e9b15a2e80462e5212982e
- SHA512
  
  b902e2957dd2439e46895dfd0bee6d763466d0b426d53610423a50f2f50f365465d716531fb7337c08d124b9919538ab555e50af852c0f0b743e025858017962
- SSDEEP
  
  6144:BRDWuczEPgZfIzFOnLaADjZAawyvXd53KS/2GC6DdEaBe1awx1fk7Fk1ry:BRDWuo2gh4FMLvD6awyfd5nX7BEaBeNg
Score

1^/10
behavioral3 behavioral4
- Target
  
  Windows-11-v22H2-Security-Baseline/Documentation/MS Security Baseline Windows 11 v22H2.xlsx
- Size
  
  727KB
- MD5
  
  8a44d70917d59a52902274de8b4d3f8a
- SHA1
  
  0f1b49a48ac052d49f537fb1f0a60648d18142af
- SHA256
  
  8ca7bd1f4fc4bedf7326275aa7218aaffde1595b60c931d864c75110fae089c2
- SHA512
  
  250775bad1a0534437f38734125b468d929a3c7f64d02d2b3bcadee010e8044c1591459effc0ac86d1d8cc102cdc79fd61260871422fa81f1bc8427c9314ac22
- SSDEEP
  
  12288:Bd06eYssEtKrQzalsWCqK2/Rp0JBhRBxcmVX+IsHaceuykPOA0jaM3z1A8fMhKQ:A6efKsXvqKyoBxcmVupHaceuyRAoNzC1
Score

1^/10
behavioral5 behavioral6
- Target
  
  Windows-11-v22H2-Security-Baseline/Documentation/Windows 11 21H2 to 22H2 Deltas.xlsx
- Size
  
  32KB
- MD5
  
  8854c349edf7955eecd5236c5c57b7a6
- SHA1
  
  a8db05fd1006066ce8c2d26521f0273da6bc9b7d
- SHA256
  
  0eee9d1ef2a7cd185f5c393197379dfa2c0363b2ab85e5dce43a977427ee3de7
- SHA512
  
  fb64781d057d4fcbc12e0350bfe9f06da4a13903c3b526a7bded5dcf40423b35d579e06253ff8d3768a93f9339ebf0aca729a00bb31a75f7044c1768ac2a97d9
- SSDEEP
  
  768:Yqqy0aYFYxMN6+3pdLWqxuDbMFHv+WHgCRol6mIJMs:5Z0nFYxA6MpdLVuPMdksol6mK
Score

1^/10
behavioral7 behavioral8
- Target
  
  Windows-11-v22H2-Security-Baseline/GP Reports/MSFT Internet Explorer 11 - Computer.htm
- Size
  
  498KB
- MD5
  
  c6482a2c05c5727d3f3cc3bdcd128565
- SHA1
  
  d182fcdfc464012587feeabcac0e69c94c5f837d
- SHA256
  
  0899a9e9d1e9da153f827dd383d3f7b408d523f4bc323f08967b9d3596cfae56
- SHA512
  
  912c2ec94339b800b2f0d0d0fe366fc76b8c714ca34c9f1d19c64113733a5a24ab180f1b07a28b07c72378dbe503b4a76899e52413ab7c86644731208eb8df7b
- SSDEEP
  
  3072:RG9WH2vQLR4WTmaDktpKAwn/4pVVTeAxRSR1gMWlRa+ixGtU222Q2+u2ryu8bJe+:2V
Score

1^/10
behavioral10 behavioral9
- Target
  
  Windows-11-v22H2-Security-Baseline/GP Reports/MSFT Internet Explorer 11 - User.htm
- Size
  
  142KB
- MD5
  
  8f51e6bbf2f4e90d7908ee8788f687d1
- SHA1
  
  b1a6bf4868a6c199416b232e4dd21e166eb0a24b
- SHA256
  
  4b47083fac3189a35f379ef13c304f1ef156511eecc4e4b2f4f48062ab2db5c1
- SHA512
  
  573f0bb556807208d17c7fb876e7de7653e939a987c6b49591342c9dc2f14fa24b53ef931e0af6c786a4318b65331863d8c16fdb9d008f8d23698963c3f4deeb
- SSDEEP
  
  3072:nG9WH2vQLR4WTmaDktpKAwn/4pVVTeAxRSR1gMWlRa+ixGtU222Q2+u2ryu8bJe6:wJ
Score

1^/10
behavioral11 behavioral12
- Target
  
  Windows-11-v22H2-Security-Baseline/GP Reports/MSFT Windows 11 22H2 - BitLocker.htm
- Size
  
  159KB
- MD5
  
  b59a21583b7d44b7d40c062cf59fc443
- SHA1
  
  5506f25b66b2b5ed5a4dcb01b970a225490c18ee
- SHA256
  
  62031cc47b5266feb7fb773cc5d6ee512c70238d3edb8a33982d3338d699d04e
- SHA512
  
  6b18c11a8d2e0a269c4bb3787c87c7cd8c99ae94d913c98f0d0a9b79e63ee5116a95d2c58aa33484eb3ce163347ddc43232ec6659f8f3c4dc5b95b98d4b6c7fd
- SSDEEP
  
  3072:QG9WH2vQLR4WTmaDktpKAwn/4pVVTeAxRSR1gMWlRa+ixGtU222Q2+u2ryu8bJeL:fM
Score

1^/10
behavioral13 behavioral14
- Target
  
  Windows-11-v22H2-Security-Baseline/GP Reports/MSFT Windows 11 22H2 - Computer.htm
- Size
  
  431KB
- MD5
  
  79465c327e99b3dce08c44279efb730c
- SHA1
  
  526556e7d1ed2f7d14c972b20e32beed1313fb4c
- SHA256
  
  4b9980fa886567335606f5788713b3278710a98c9542feb483cccee40ac0411c
- SHA512
  
  99b0a6f84d9aa86c9b31b8135971d5416a0b182811360bc89984940ba600ba35f67aec3db85ddb2c8e3cf442b519bf91d8e63c6fd1d7ceea33a8e184500823f6
- SSDEEP
  
  3072:0G9WH2vQLR4WTmaDktpKAwn/4pVVTeAxRSR1gMWlRa+ixGtU222Q2+u2ryu8bJew:bORrK
Score

1^/10
behavioral15 behavioral16
- Target
  
  Windows-11-v22H2-Security-Baseline/GPOs/manifest.xml
- Size
  
  4KB
- MD5
  
  d7d9ec9137ab52d58b7688defa3749f6
- SHA1
  
  d93c1c365f8ae7f0b824506f76c544b344c65597
- SHA256
  
  f6aeac12e89546fd02fa522bb5275c442dc1b3f6e99702d2b7df83d598f09022
- SHA512
  
  7ea104ebfe68546f27cd9e92a114b5e3df600f8f1e363c8331b91f24691c9fcc4321ac8900b9626a4f2a01717a1a46017e0c7a17a7a1f3bad836df08672b6463
- SSDEEP
  
  48:CJ+dIfuiPLJdUiY9ydciekdOItigHdLKix8dmS6i99djmCFdxmcH:CJ+d6LdpdTdOadLwd/drdh
Score

1^/10
behavioral17 behavioral18
- Target
  
  Windows-11-v22H2-Security-Baseline/GPOs/{03A608E1-608B-4ECE-A44E-ACE3AF1ECD8B}/Backup.xml
- Size
  
  7KB
- MD5
  
  6a0dbbbed20565436252d62a05e53e7b
- SHA1
  
  752111058eadc978518d217cef0f6af2ac5970c2
- SHA256
  
  a0ab6d8fa6b2dbacb0927018c01f751825a69a02d97d6a07395fdd6cc820039c
- SHA512
  
  460ed4666374e4f6fad2fbf6a41a862c4f3c9b6e2074ebba418f7788e180cda76ba22de835b19f5c69e925a3dac73d765e0aee0c0334009af54524c055833fa7
- SSDEEP
  
  96:YDdrVGW7Xk5X9X8fkNCV4Yj2V4oA/XhWt03zJR/Nl2NUDw1juKycrSc4kFUJLuIh:9SvSQWtKzv1sJng
Score

1^/10
behavioral19 behavioral20
- Target
  
  Windows-11-v22H2-Security-Baseline/GPOs/{03A608E1-608B-4ECE-A44E-ACE3AF1ECD8B}/DomainSysvol/GPO/Machine/comment.cmtx
- Size
  
  547B
- MD5
  
  4144a17526d94ada40e9a422bfa369dc
- SHA1
  
  a10033ecc7322a406bb510ccc1eaf631cf55a613
- SHA256
  
  624d822e257ebc6def32f1efa8d3ac0531b2fd76bbc016190e2f0730d90b405f
- SHA512
  
  669780a56da63dbdec0692fc6cd8410c031128db12ccec851f225ea48de1bc62489dafc4c148dd347c64efb898f200d198ef36e3d9d7a1f6e02327903a6924e5
Score

3^/10
behavioral21 behavioral22
- Target
  
  Windows-11-v22H2-Security-Baseline/GPOs/{03A608E1-608B-4ECE-A44E-ACE3AF1ECD8B}/DomainSysvol/GPO/Machine/microsoft/windows nt/Audit/audit.csv
- Size
  
  2KB
- MD5
  
  f2585ff1e058d80bc4f5907e3984d71c
- SHA1
  
  bb5d45182584c4b55fa68137ed5e5869f563352e
- SHA256
  
  29252c1b507bad5363c730b1a51b4032ec3bde603b3aae8d9425fe3785f44685
- SHA512
  
  a44a9130f9de9850c9f192317da291fbcd5902f47cdb62915a557050e2924b1c6a5540b5ae0b27e12e69a5b06f4dc88d5110cdc23ec92426a92fe3b575738aaf
Score

1^/10
behavioral23 behavioral24
- Target
  
  Windows-11-v22H2-Security-Baseline/GPOs/{03A608E1-608B-4ECE-A44E-ACE3AF1ECD8B}/DomainSysvol/GPO/Machine/microsoft/windows nt/SecEdit/GptTmpl.inf
- Size
  
  7KB
- MD5
  
  0e04e7c1e88c1bb7ea8baeb6877fe835
- SHA1
  
  58cf59d0225f08f23e42394e4601df3b6103e40d
- SHA256
  
  7965a2d21d80ec55d1555b8b64258c45e4b51290ceaa98bc3d8fdab51adc2554
- SHA512
  
  c45617e680ee1ee8a085839875c328b4a9f09a427325d479fd90b9d4961bed83ddd104391a515b851b50d8dc666e56d92601cce396d071b191a3ce90caf59986
- SSDEEP
  
  96:rubC7eww0rmU+lecsUcHcqczlcqcschcoYcofBA6UY6Pci7YDKcLBF:SbnV0rJiXx
Score

1^/10
behavioral25 behavioral26
- Target
  
  Windows-11-v22H2-Security-Baseline/GPOs/{03A608E1-608B-4ECE-A44E-ACE3AF1ECD8B}/DomainSysvol/GPO/Machine/registry.pol
- Size
  
  19KB
- MD5
  
  69749516dfed89c0fa32ef83688e18b0
- SHA1
  
  3a4012a267a11cbacd6c4a682ec003486041532d
- SHA256
  
  d7495dd777d243151a20d40ad48c972012fcd30ceb2e14356d027748dca6402f
- SHA512
  
  fd25eb5205e032f5f0fc31cd53cc3d58a1383e9e4332b8382add9856b4b14b5916b879b20107b47aa1b2d2a7607ea9eb769292f2f01bdc5ba7406d4778b8e5b0
- SSDEEP
  
  384:v8zfRhZ8+nrYOBsIQwcrrX6sHsGDKKA4l7F5FUmptNTvtWcoobOcDvOHuGucizqG:v8zfRhZ8+nrYOBsIQwcrrX6GHDKKA4lj
Score

3^/10
behavioral27 behavioral28
- Target
  
  Windows-11-v22H2-Security-Baseline/GPOs/{03A608E1-608B-4ECE-A44E-ACE3AF1ECD8B}/bkupInfo.xml
- Size
  
  595B
- MD5
  
  9e453a7a432a80198c49c842bf017851
- SHA1
  
  8730c190ec791b2a3ed4cba7ef3a0e9e8c4f2e93
- SHA256
  
  072b8c58904271d3b151ad44c8dac2f728acabb62e217b2f98236a3b9113de97
- SHA512
  
  53c94c58fd03c02bdae0a7f96054936a0d3cdd8d458ba03e0b83385dfeeedefa5296c0f996dccc037eb4f00f41584b5b6fbb3083fdddab52187c83e537063451
Score

1^/10
behavioral29 behavioral30
- Target
  
  Windows-11-v22H2-Security-Baseline/GPOs/{03A608E1-608B-4ECE-A44E-ACE3AF1ECD8B}/gpreport.xml
- Size
  
  283KB
- MD5
  
  aa6e3c50d6b75428f17b4a5a62a269c7
- SHA1
  
  ccf49a4ed74f26c9cdee60d69902383c178d89cd
- SHA256
  
  5d4466908917345bcd761001ce6a343a26e73ab2c03f5face7fe89790c0e44ff
- SHA512
  
  c6b6dc29682cec87a48340ae712e899b013a3500bd1f231f8cf6b7f3c64ec925e02e5cc1c536e083f9b65366b3948c572a21b201784b736af1d429800d1d0d7b
- SSDEEP
  
  1536:LF/vprvloZBZ/ZxZ4ZPZwZaZ8ZnZmZmZVZnZ3Z8ZqZ+ZwZ2ZWZ6ZEUBUsweUaCO9:BvprvrKlW24unbDYgfiXYyzX0wQk
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32