6650dcf52e02ab0459c72bf9bdbdeaa1c3748be49c4a45d04ebb18fae16baa01

Sharing

Copy URL Twitter E-mail

General

Target

6650dcf52e02ab0459c72bf9bdbdeaa1c3748be49c4a45d04ebb18fae16baa01
Size

2.6MB
Sample

231125-hryyzahh3s
MD5

2d168f274247d3cdcad1d37c60adb148
SHA1

c2737be728a97534766f90c9112e75f3215f9f5d
SHA256

6650dcf52e02ab0459c72bf9bdbdeaa1c3748be49c4a45d04ebb18fae16baa01
SHA512

9a19d052b80faa7b2cc667bb4febcabfaf432a184b661b1c6808b4f5b01679a2c41b84698ac70e65962332ba9dc5e8c56b96826eeb0d7fafa3be94bdf1e45735
SSDEEP

49152:8ZFUUsq9nAIBril6td4heqmPu1XPGEHDnLnfpvljXnv6bhYa+f6JxmLPcq5A8:8Wq9AIBriIehZmPyPGyDnFvljnv6bQfd

Score

3^/10

Malware Config

Targets

- Target
  
  All-In-One-Version/MAS_1.5_AIO_CRC32_21D20776.cmd
- Size
  
  1.7MB
- MD5
  
  a0f1c3aa3cd2380b669f77f3b8bac024
- SHA1
  
  4d11828cac7728e25f6e2d1e76553d779d4a33ff
- SHA256
  
  0271e8f4113a31d688668d0e3bc7d06c525cf082930a8930273d5d9a69ce981d
- SHA512
  
  5a61b2aa6ffcb551760dec584bbe5261449200c2d0f34389af7879fe8f9dd6ab7bbfac3a7ea902e5231c9747ceb29118e02cd49ed535e634b7d79d3368fbc556
- SSDEEP
  
  24576:xI3OiPLyZpRvavXZGkRaOGTOzdutMO+pixuOSOihJv0bXuFH9:SNj6qbGTOXqSfLvH9
Score

1^/10
behavioral1 behavioral2
- Target
  
  ReadMe.html
- Size
  
  114B
- MD5
  
  6fa803d9cc35078c7b4785283a99afc4
- SHA1
  
  236916e59019d183a55ace4f892016d5cd2194bd
- SHA256
  
  ec9707d487f8a8c7ebbd5d237c492176462d6a11df1fc8fd9e56824fd3183761
- SHA512
  
  956a83e147195d46ed79ecf5d945ecddbe106e59fc5bb75a25104adbadadc62011c0c07632586b6530be708ae6906b56a2f6ff59cfd41256bb550803f63c5406
Score

1^/10
behavioral3 behavioral4
- Target
  
  Separate-Files-Version/Activators/Activations_Summary.html
- Size
  
  118B
- MD5
  
  92da1e209c08c8d4855fed3b8b95d793
- SHA1
  
  f19d8a19f6a684e87e2421d185d83af3f5c24a70
- SHA256
  
  5aec5d03b4529afda7b0ff4e8f58ae4942a8cf86fc0965bd97e2448636bef4a7
- SHA512
  
  7d549dd7aa89ece8de8b81eae7fdc73205b4fdbd213da0ca04462e967f1e223351d15ea8fb77d7295adce5c8ba7c09d30b24f318604538cb52105deeb503666a
Score

1^/10
behavioral5 behavioral6
- Target
  
  Separate-Files-Version/Activators/Check-Activation-Status-vbs.cmd
- Size
  
  6KB
- MD5
  
  b568aff717984da1f7c8b9cf522fb1e8
- SHA1
  
  c00cd43aa95e8221b8ee6a9e758eb7b128139997
- SHA256
  
  77ba40dcde775f0a7fb46182296a5b8f5f1150ed81d0759561f2100727344bc8
- SHA512
  
  a5648a0af05acc36601208c97f572e09a74065a7b4f2e1d4c333da842c3aa46917e03e464422fa7f4134b90937048380c2699eaddf39f71fe2c9092c2d08c248
- SSDEEP
  
  192:BDO0diZIZazZ9VZ5jZfuZcQZ0pZfSy9C/sC/QiO4TEoz6t9+r4:BO0d+IZad3Z5tficE0rfSyo/h/QiO4Ti
Score

1^/10
behavioral7 behavioral8
- Target
  
  Separate-Files-Version/Activators/HWID-KMS38_Activation/BIN/ClipUp.exe
- Size
  
  1.3MB
- MD5
  
  bd1908ab0887873fce6b059822599e4e
- SHA1
  
  48d928b1bec25a56fe896c430c2c034b7866aa7a
- SHA256
  
  0d6e9f6bbd0321eda149658d96040cb4f79e0bd93ba60061f25b28fecbf4d4ef
- SHA512
  
  e602efef6d697cdb0c958df3210331170c354edf1c372975d5edd71c884f2de26c6bad07e4caea4f7832ad42a9fe9c8c1b72ca24734a6d464f108864d0a8cf4c
- SSDEEP
  
  24576:5tdpL1yOXsztE1tq5Q91xzRF2yXWSLfGdT+/jWecMI0a7RISQMdLLUXEK060H+92:5p4OXsztE1tq5Q91xzRF2yXWSLfGdT+i
Score

1^/10
behavioral9
- Target
  
  Separate-Files-Version/Activators/HWID-KMS38_Activation/BIN/_Info.html
- Size
  
  115B
- MD5
  
  ed197ed9d9da84e2dfe3543f075ebebc
- SHA1
  
  286f3bb552b6368a347ca74cb7407026624c4eb3
- SHA256
  
  f139173b8c5e59967b74782c84cd6f2712d69da506e83c96785cc9f791492b84
- SHA512
  
  e7e58a3d9a169a9d98f8b81598ceb0209da1ff00def355b47be3368c5ebf85a5ec1ace811c92b5abc2750ef69fc7eaad148775ed3dbacc0aa2c7a0e3ca17323a
Score

1^/10
behavioral10 behavioral11
- Target
  
  Separate-Files-Version/Activators/HWID-KMS38_Activation/BIN/arm64_gatherosstate.exe
- Size
  
  371KB
- MD5
  
  e30b56d4f3751bf2e6470e05ba45eb3b
- SHA1
  
  7e449ae5549a0d93cf65f4a1bb2aa7d1dc090d2d
- SHA256
  
  a0e14a1105aa949bf84d28e22364bae52a4366dafa30ce6784baa6d4a7989cb3
- SHA512
  
  6c1c77b3f43ec054750270881205f5550eb84119e1ea2ec53ea9a8ffe289f9c835fc9026b265f6db59a6791bfa774e6f6de933b0997f8c33cf9656edfe04bd50
- SSDEEP
  
  6144:BsCgUYpxdTheO5fqmhWrQQcGuQYH22i01498WFom6Ggfwm+xbVIOcS2N:UpvcX0iOj498Qjgfw9VgV
Score

1^/10
behavioral12 behavioral13
- Target
  
  Separate-Files-Version/Activators/HWID-KMS38_Activation/BIN/arm64_slc.dll
- Size
  
  10KB
- MD5
  
  6c0bf030d92dbf1be5c0d31ac9f6cc11
- SHA1
  
  023d88e8e0a125f5d85ee2d999b512c4886aab29
- SHA256
  
  52184207bdf1181e146fd323dcffe15fbda924b8cedcca921bac269c174aa933
- SHA512
  
  09502e58b61938ef5fc09eb3ae8670948c9124c60ef43376ce631d8d2c82850cc0e485802c64e629d5561319dd1f06b173d42cf734fcc6a65205954a95ef4da9
- SSDEEP
  
  192:pPtSiNKLNFrsfjxqBFcKpIEjPRAAIC0HdHw:plSieBFcOr09H
Score

1^/10
behavioral14 behavioral15
- Target
  
  Separate-Files-Version/Activators/HWID-KMS38_Activation/BIN/gatherosstate.exe
- Size
  
  330KB
- MD5
  
  15ce0753a16dd4f9b9f0f9926dd37c4e
- SHA1
  
  fabb5a0fc1e6a372219711152291339af36ed0b5
- SHA256
  
  028c8fbe58f14753b946475de9f09a9c7a05fd62e81a1339614c9e138fc2a21d
- SHA512
  
  4e5a6751f5f1f8499890e07a3b58c4040e43cf1329ab8f4a09201e1f247825e334e416717895f6e570842f3d2d6a137c77539c70545329c1ab3118bd83a38226
- SSDEEP
  
  6144:RaCfeQ7PFTr4q0JNwBI5LLXkx2h24e0VdvE6D2qaoulEzXzO0+XfD4olEEg7JVxu:Ra+57Zr47JxXkgQqW6DsoulEzXzO0+X1
Score

1^/10
behavioral16
- Target
  
  Separate-Files-Version/Activators/HWID-KMS38_Activation/BIN/slc.dll
- Size
  
  7KB
- MD5
  
  f18dd5b638590be87ccd56fe338bed10
- SHA1
  
  da1afd97d92dd6026e7095ee7442a2144f78ed0b
- SHA256
  
  e7eca8c7476df70ef525ae55a0d8ccc715f22a727165a05fd4c380032cf763a9
- SHA512
  
  a3b3bbcdc3a3f83776793fd5b02578d59d38998f19a653467422e61127f063ad317d19857cd21e2723870cd1fdb6b0fe8dd436e07f2b93a7c9b4497f7e986662
- SSDEEP
  
  96:S8Jv8CeNzT55WbaCdYx23yPGHNcrwvUshE7y770WeZb:XE6ndYCAEyoRed
Score

1^/10
behavioral17 behavioral18
- Target
  
  Separate-Files-Version/Activators/HWID-KMS38_Activation/HWID_Activation.cmd
- Size
  
  40KB
- MD5
  
  2cc8b0a8ae4f88c9db9beb9b61723bf9
- SHA1
  
  6cd44e7186b396016bd97802a7e28d659ac94e78
- SHA256
  
  88ac4ddc041474ad01160064206552c5bc7542878e1e8e3a1180d8950281ccbc
- SHA512
  
  11729b6947cf6f8f9d566887ddb072841f3671119f73dd3143d1009920e79dbffea7bf49d08ced28122acf9caeaa289e456664d390da12ae6c1d338b20f8ea5f
- SSDEEP
  
  384:/sBwLv5hn34PTIUu1xvh9zliYPgfRtYGZEdf/64a9vCpH7Dq2hcaRRTjghMv8D9P:0Bwr5hn06vfE1KBFDq0tghkFY
Score

1^/10
behavioral19 behavioral20
- Target
  
  Separate-Files-Version/Activators/HWID-KMS38_Activation/KMS38_Activation.cmd
- Size
  
  40KB
- MD5
  
  74d68a7a1d6889bc6b2b8e301a56e312
- SHA1
  
  f4d1fa0d085bc17561416946ccbdaf419570b8f9
- SHA256
  
  7f1d39fb7c52d805d20aa3abd3b6a558a125c196db7b1a46c4ff4e561408b2c4
- SHA512
  
  96846710d92ebd2d2e9f913948adbac4fb63933ca2e1d1394f1c71ee446494f30bc62ee13d029a4600a388093b39b42c169b7a33d80941017d1bd6b918cef2fb
- SSDEEP
  
  768:fFYuS55nPL8mMEJyuXschD6Wghku0966HPMkk:m3ImMEzbSypHk
Score

1^/10
behavioral21 behavioral22
- Target
  
  Separate-Files-Version/Activators/HWID-KMS38_Activation/ReadMe_HWID.html
- Size
  
  103B
- MD5
  
  78060a4631fd93dc9aca4be0d043a7e1
- SHA1
  
  06ae500b740d90148a951bd7b40ddc8f9ec0a109
- SHA256
  
  44466808c9ab0a3da02f8cc30f2475f73e7416e05560120547527d538b99ca46
- SHA512
  
  293bda069ddcd9aaebc65a7eb16203666da25a70e1fdc07a373bdf635a8cc6271ce1f27d6285fc3496d6be2f91f7d7c2c0b01723a32f7699e0c34f76f657513d
Score

1^/10
behavioral23 behavioral24
- Target
  
  Separate-Files-Version/Activators/HWID-KMS38_Activation/ReadMe_KMS38.html
- Size
  
  104B
- MD5
  
  ea4583b6c928ce5a827ba2375e58e201
- SHA1
  
  1f90667b15471d9a74ee3a2839a8b795b623fc86
- SHA256
  
  bfdff1c60d51f143d81cb33b70159e574ccefc48fc7383756208ac66faf763b6
- SHA512
  
  f7675ed98da59f74d30d6842fa2cb002ce7ce48a3ea535308578bc1afa1f19a2d4464309c8d0aeadcdc6f8c20e79f6a1d30d653207a0a7a89f45197e580459e4
Score

1^/10
behavioral25 behavioral26
- Target
  
  Separate-Files-Version/Activators/Online_KMS_Activation/Activate.cmd
- Size
  
  187KB
- MD5
  
  8691fb84c60c93017707b3e9684d34e9
- SHA1
  
  9cc32357cb46a078779e51c14402ec594acf611b
- SHA256
  
  1ee85a543f063dffba26c475b4bc8ff3454aef4f385001deb6ce724198fc8b1b
- SHA512
  
  5d98b66e04b91943a51604058566a8db53daf3cc9227a3f4fa16792605f07f71f986e104cb418bf695d6944390804838c582a903148ef71e7f5b5ccbf8603724
- SSDEEP
  
  3072:PbauMaTVFpUh8GnFSuF28eKiae7EYGKG9i:PbaudpUh8GnFSdfKxri
Score

1^/10
behavioral27 behavioral28
- Target
  
  Separate-Files-Version/Activators/Online_KMS_Activation/BIN/_Info.html
- Size
  
  115B
- MD5
  
  1468bb0d907b5789fa6446600a7dd1dc
- SHA1
  
  836ae2f742e8dbf54762f4ecc2468c68eecff6d9
- SHA256
  
  be9cc7a35e3aed5c96538bcca2fbd866e2969817beb62ab15116e97ab04b2079
- SHA512
  
  46a4636c8568940037b38cf945a1d9e91cfcd9585b4892e0be2506a3e975a0e4c4359b121c096c5f579e00773d8151fdbe5eb8280ff1b7c0a51634aafea7c2b1
Score

1^/10
behavioral29 behavioral30
- Target
  
  Separate-Files-Version/Activators/Online_KMS_Activation/BIN/cleanosppx64.exe
- Size
  
  19KB
- MD5
  
  162ab955cb2f002a73c1530aa796477f
- SHA1
  
  d30a0e4e5911d3ca705617d17225372731c770e2
- SHA256
  
  5ce462e5f34065fc878362ba58617fab28c22d631b9d836dddcf43fb1ad4de6e
- SHA512
  
  e0288dcf78092449d9cbaef4488041131925387c1aedc9e9512da0f66efe2fb68350ca3937f6715834e62e7c931c5dad0fc8bc3c6c0c3daedeff356d6feaac2e
- SSDEEP
  
  384:gQAInWKpEFFzpjq37oIOU6GHq33QPiu431VP:gxWTpOFagUb2qiu43P
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32