06be8cdaa16797ee5e8e3e1fbc1cd7b0f61ad5e9d0c8b3db76d5d66511a49c91

Sharing

Copy URL

Twitter E-mail

General

Target

06be8cdaa16797ee5e8e3e1fbc1cd7b0f61ad5e9d0c8b3db76d5d66511a49c91
Size

9.9MB
Sample

231213-m12tfabefm
MD5

2360615dc29da0f7b2e430109258c472
SHA1

d547b17b17c8f29beedd470c0089c0b7eff29016
SHA256

06be8cdaa16797ee5e8e3e1fbc1cd7b0f61ad5e9d0c8b3db76d5d66511a49c91
SHA512

575530cb5954d3f0f2a4d62957a34ccb36490e274ee5c7338492b5e30eed2ab9037a67ee63a2c7f1e0a6a022f908b0d7eca36a684165e8ef7bff992e8d1caa5d
SSDEEP

196608:6PjR5HbQqdHn7VFm8uoOvt76u6cFv5yxdxJ0xO/0Un1fz58H9zQnUwUQ3i:yEq17G1Pv5yToQ0UXswUQy

Score

10^/10

Malware Config

Extracted

Language

ps1

Source

URLs

exe.dropper

https://github.com/Marcus-L/FreeVD/releases/download/v1.2.0/FreeVD.Setup.msi

Targets

- Target
  
  freevd-win-11-master/FreeVD-exe/FreeVD.dll
- Size
  
  447KB
- MD5
  
  860a19c1bbba9e644e9fee6bd366d010
- SHA1
  
  c9714bfe0e403015d7a87c64f36a44b8abd2fa8b
- SHA256
  
  259de668de61209603cdfe101690254566f99c966ac2aae2d641acaa318431a9
- SHA512
  
  d72922853991b050382031cdb5e62c61ba071639a79e1b2a12f0ce407ba1d66aa7cbee52694cd0bc60bcef9bf04c5c16e496366409e5d8cbf035cefdadd5801c
- SSDEEP
  
  1536:ZdOfl6qtBOYfHflVsbyDxJpR2IO8qNFoF/0:CQqtBf9DxJpR2IOfgF/
Score

1^/10
behavioral1 behavioral2
- Target
  
  freevd-win-11-master/FreeVD-exe/FreeVD.exe
- Size
  
  146KB
- MD5
  
  d3c41f51e35f257f13514d9a378079f7
- SHA1
  
  4e7d6b7102947510eae205950c0520910686151f
- SHA256
  
  b5ad3b0b4ea8f2fd098c4b1acbf4da6ba997c5bceb93272efc9c11ba6d140021
- SHA512
  
  75815bb72814005e1b1d7cb588d7dff74d204d4f42bd95b4bffe79c7ac028bbab87903c43b9f4cfd6bb79dcd80dfebb73d059d6fab34257f7b45824dc9772e57
- SSDEEP
  
  3072:48vbzyQ6Y1YXrbNK+3FNxacPEMk6rRQAqTWbc:4szAXNK+3FVHRQhTWQ
Score

1^/10
behavioral3 behavioral4
- Target
  
  freevd-win-11-master/FreeVD-exe/Humanizer.dll
- Size
  
  347KB
- MD5
  
  292e27aa06f891645c2c04eebaf386e8
- SHA1
  
  dad0bf4a89580ec150411010a5e171872b9f35ba
- SHA256
  
  d6853075547d7e303efd60354d911a2ff18edba582cda2fa59d91a2e5dcf9e98
- SHA512
  
  f2888080e4520f8f0e16d5fec0d9e90de6ffc9738983404b9a48c806b74bb7263445da0de0306b9ed6f40315c0a63853b2f9080bb287c1175b8bd89f6cd0ac93
- SSDEEP
  
  6144:wZJ3sc6NPjjQ2AQ69sCw/I7qZE1K7y1VBz6IrS4ZXa9hpyQzyTIsiA/I0jHybeNT:kBsc6NPjjQ2AQ69sCw/I7qZE1K7y1/zx
Score

1^/10
behavioral5 behavioral6
- Target
  
  freevd-win-11-master/FreeVD-exe/Microsoft.CodeAnalysis.CSharp.dll
- Size
  
  5.8MB
- MD5
  
  9e1bc9f8782bdaa205fc148233827e75
- SHA1
  
  1ff1dcb6c6b713fdd2d884f18ed5b9e9f17bcf43
- SHA256
  
  d18f3e598c43abcefc6b5ca0ff01c17c1624409ce2eecf3fa2086585563a675f
- SHA512
  
  36781a0f3e45e38bb09e9ddb56a432fd5bbdd35284d64983af7a93675d647562e76029376482b5870c749485674a2b389b7b117ca3145bceee77ed4835c85855
- SSDEEP
  
  98304:DaJWUlhH8kBF6nh4Vkc0HlnEGqi9yVkj3CBu+4R7F:DEWUlhHFB1kkkLCBuTF
Score

1^/10
behavioral7 behavioral8
- Target
  
  freevd-win-11-master/FreeVD-exe/Microsoft.CodeAnalysis.dll
- Size
  
  2.7MB
- MD5
  
  e5d41f409bd59a5de3429b66b9bcc903
- SHA1
  
  1055a1cdc88f7c7a070ce3e49ec1ae586c4cb9c0
- SHA256
  
  7fc0c7b2c174ebf5465ab8c3f683dab5a2705fa908ae7c9260aa22e304ade27b
- SHA512
  
  411fc82aadfd03bc82df02a3ee67538f65aba98b72ec868c5b1a71d2814b9fe050f43caf89d21ce4892ebdb2f28e265c2ef04d5aa5312041e2b8c13ef6f55185
- SSDEEP
  
  49152:h4qebUfFVjCAIXP20prE8CySYPoapzJv8:h4qebUfFVjCAIXO0prlSYc
Score

1^/10
behavioral10 behavioral9
- Target
  
  freevd-win-11-master/FreeVD-exe/Microsoft.Windows.SDK.NET.dll
- Size
  
  20.7MB
- MD5
  
  e1c8bfcf1436dcfcf1f28cf2d5ad7cbf
- SHA1
  
  faacfac0942773e9c27bc0abcef0207f5c2b3d31
- SHA256
  
  5696463c3dec9e70dd747fae4c68e53eac68c8dfde4c4b489032de5842ed86bf
- SHA512
  
  302fec68ac62a808923efc62fc79ca10beb3a2ff63aba7a33400a90371341b50720f1122ce8acb94b454e2b644ebd6c304e40263a0cae8fe0ab2e9c2369b76e5
- SSDEEP
  
  98304:VWKWI9GRBBhN/0egl6OffVAjYRHHX5Nf1tl1Z+gw6de6G35Pny8eZsWa:tWIoBJ/V83yjYPz1FwCeLPPeSWa
Score

1^/10
behavioral11 behavioral12
- Target
  
  freevd-win-11-master/FreeVD-exe/Newtonsoft.Json.dll
- Size
  
  679KB
- MD5
  
  916d32b899f1bc23b209648d007b99fd
- SHA1
  
  e3673d05d46f29e68241d4536bddf18cdd0a913d
- SHA256
  
  72cf291d4bab0edd08a9b07c6173e1e7ad1abb7ab727fd7044bf6305d7515661
- SHA512
  
  60bd2693daa42637f8ae6d6460c3013c87f46f28e9b0dbf9d7f6764703b904a7c8c22e30b4ba13f1f23f6cbee7d9640ee3821c48110e67440f237c2bb2ee5eb6
- SSDEEP
  
  12288:1eos/POdGV5jfWrV/9Yeh9eRcyLfLYtT5mWxTZ/B7jW5JMtRRpKzQk:10/POdGV5jfW5VnhFyvOB7jW5JMty
Score

1^/10
behavioral13 behavioral14
- Target
  
  freevd-win-11-master/FreeVD-exe/System.Management.dll
- Size
  
  70KB
- MD5
  
  88b0572d04511832862a672aa59f6e57
- SHA1
  
  0c0c00a22ee85f5c053b90929941a1d4e892f87c
- SHA256
  
  a7387f80ef7e40f2f056d862a66afea0b16b46d101e69093dc7ba84f3d1d0881
- SHA512
  
  c3f313de263c996277a97121f804f8a21f7ac8bab36bf485605ffa281e30083f9a7ff783dc58e66a32e5a09669ff3798233b963764281b7ea8eb9afa43ea997a
- SSDEEP
  
  768:l3FJV6QNGiHKxqv/7F/dttlswUGcVzKkb46jf9LJKdbY2SdMEQj:l31/MiHKsFBqtRUkb46j99yc2SdMEo
Score

1^/10
behavioral15 behavioral16
- Target
  
  freevd-win-11-master/FreeVD-exe/System.Reactive.dll
- Size
  
  1.4MB
- MD5
  
  e0897bd124acf85c2ed969185b598510
- SHA1
  
  6f563367cd580050d873463c3b3b9b7d5f2773ed
- SHA256
  
  1932e5f9161ee479b644a2e725a72ab26aaec2c6e188ebf17733298b417d59ad
- SHA512
  
  05e0cb180b0e9d1f5061a80af4e953a10a9a183a79b5169c1b53397bc7b0152c7fe0dac139a7fcd919be5b7dc0fbdc9a0ca27279d6dcd8c5f229afb2a126b288
- SSDEEP
  
  12288:Sm72A2llRo8pg/AUMYHwCTD0/4j54jYtUJM/t/352X2apK/Ebyz6VX:ylRf+AUMJCTowj54jYCQh354gWpN
Score

1^/10
behavioral17 behavioral18
- Target
  
  freevd-win-11-master/FreeVD-exe/VirtualDesktop.WinForms.dll
- Size
  
  6KB
- MD5
  
  6a71fb18db119f5b2b781b70378b4f7a
- SHA1
  
  ef8ff1f62d9f67ca42a14bf83ca5fca87e7958c5
- SHA256
  
  e9bf0fbc8331a8ac5aeab9e98bb618f04864200f070eb3a3c11866ede58f206a
- SHA512
  
  1c9789b39a385c9744ce98c8c760ca2d08901ca262f63fe15c80d4da73f2888f155e9c842d0fec262b836935a581c6c1298adac94f1acf4419f77e2467244c54
- SSDEEP
  
  96:ymwif8GB4ODZFaSl6Y4OyX6P1yuwuGun21OYDwkjJ1Gl:/THFD6O5Fbn2ul
Score

1^/10
behavioral19 behavioral20
- Target
  
  freevd-win-11-master/FreeVD-exe/VirtualDesktop.dll
- Size
  
  84KB
- MD5
  
  84e02fb253af7d22d87484882c82c74a
- SHA1
  
  c32e17008a6ee4461e66a75c0c1cafd5c10174b8
- SHA256
  
  db992b55f9853256627b96ab0e3f9f0f0d0a6ecee3094b6be7e9496e1eafd129
- SHA512
  
  209bec2bf6d24970efce5b5d69465c1dd2e1f2574040fb8448505d8d4e242f63b3fbf604473c8a12dc07ae039d8d6606d0527bc51e730685866bca805302fdcf
- SSDEEP
  
  768:NS8Dnr90XprEmj0GQW/3yW/cNHPv7PLSB4QM4eiDvMSJF/d1SYS11BaHMa2pLjXe:NSYr9WPfyW/cd7POqGxFST8HMtHnwJa
Score

1^/10
behavioral21 behavioral22
- Target
  
  freevd-win-11-master/FreeVD-exe/WinRT.Runtime.dll
- Size
  
  386KB
- MD5
  
  9fc65437138382084bf8d8256a471b45
- SHA1
  
  4ac5a9c018cb1cc6a29a807c76355936049c9e88
- SHA256
  
  20779e3f0ba415d3af89ac620526c94c1d6c0e333ff134414d96053cee53dadb
- SHA512
  
  bc625c03d320c3532bc4b82f91c09a8d076b81d048f866c342926b3247ca681f653e53e4137f7dbc533dafeb6d150f634c786138dffb69252b3c5ee922ece5dd
- SSDEEP
  
  6144:3RmhD8rHUeirbb22ibDJAsHX0o7IGSKjl5edoFCiOJPvcFVboywWp20BorZjYPq1:hmhD8zUD2vbDJAKXA1oveNHav96iTtqH
Score

1^/10
behavioral23 behavioral24
- Target
  
  freevd-win-11-master/FreeVD-exe/runtimes/win/lib/net6.0/System.Management.dll
- Size
  
  284KB
- MD5
  
  83cda4cc597e6a0b2ebbd1b8f41e94d3
- SHA1
  
  10415fa323a21d412eb36e583a98385088065d61
- SHA256
  
  aa474c96b9fd17cb3580d89bb8eb716cb1407c89026b5e8180402666eeeb766a
- SHA512
  
  ff7d869d416e3c47c082b8bd2d6907bbbe457d17d093cd84f66d42b978d143c088e008388041b440b01f7d82e373dde9b1b5c1acfd9553f98a63fa579d7ec8d2
- SSDEEP
  
  6144:HG17jgxtTSfK7JK7XUUmhOzZiRZHhGASipzvZhHcx:HG17jgfefK747ZmhOzZiRZH2wgx
Score

1^/10
behavioral25 behavioral26
- Target
  
  freevd-win-11-master/FreeVD-source/FreeVD/App/PinWatcher.cs
- Size
  
  1KB
- MD5
  
  dda5355a61e6b725e59cc7b57d4a436c
- SHA1
  
  01d658b3078aa436ecd5ec9135eaaf5dd27290a8
- SHA256
  
  4fdd08d58a1a78d39e5a91f41c47aad58a94feeddd9f8492cb0495ef377a09ca
- SHA512
  
  b46e74e34baee97e9993cd987290968b19001f3624692e925b03f26d445c56b42eafd66632b33434e307180f10cff6fe5f7bda4a84e4a79dc15d9332e3c1705f
Score

1^/10
behavioral27 behavioral28
- Target
  
  freevd-win-11-master/FreeVD-source/FreeVD/App/TrayContext.cs
- Size
  
  4KB
- MD5
  
  68ca539e68c403514fa7ebb96598aec6
- SHA1
  
  01637d0fedb5481480b05070e137b4bea7e28b9c
- SHA256
  
  e4cdba3baeed613381f0cb37869153ffcdd5a6a3df7ddd925606515ff823a68c
- SHA512
  
  d7ae05eeab3ac56a17a4aec98d3c8c1c73e6636677e30b0be47d5babaa2a732cc2be5e9930ebb374d53f4a1068474d955b5a0f1a93cef4955366dece543c8021
- SSDEEP
  
  96:jjzvP26KV7u/w8lPdb7/MzOZCNrcB01Qq7UK+62JyL:rGPC/PrZztK+62JyL
Score

1^/10
behavioral29 behavioral30
- Target
  
  freevd-win-11-master/FreeVD-source/FreeVD/App/Utils.cs
- Size
  
  2KB
- MD5
  
  d5af1c8c5478b8b1c7d9e7580f0063d1
- SHA1
  
  290ee673b494b058102b0da468d5379a38acf797
- SHA256
  
  afec49cc1b64d2fe00693b091cf37b5585c13026548e9006f962d13138c89652
- SHA512
  
  5ac7b94fa9ec30d933c4551cb6eb1c8c68be9129ef313ffb4e6142f72b562cab3a0ea7c1c183870f7c04d2ff800613eb89537105d797a9271cdd4ebd847b473f
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32