f1a398113ad169cb462ffeb52eaf0e95085bf27e5e7eed458e57dd81953bcd0b

Sharing

Copy URL

Twitter E-mail

General

Target

f1a398113ad169cb462ffeb52eaf0e95085bf27e5e7eed458e57dd81953bcd0b
Size

845KB
Sample

231225-vl64lsdbh9
MD5

b4d8acf5630d1048b27e2a753147aadf
SHA1

644e2a2ee2e0f53cbf9d0caabdb8c7e302e1af45
SHA256

f1a398113ad169cb462ffeb52eaf0e95085bf27e5e7eed458e57dd81953bcd0b
SHA512

e4a906be510c18182284770c9e726ffa3c57bdef3739e516433489a8d32e39becd3cf907f44e6345fe2aec12d9af9521910e496e6f23fa349af649986bc3a4a7
SSDEEP

24576:ExNoxl7ipUyhLRpCoN7WSGwgZdg7xCpLtkdsCjW7phCA+:EHoxlKfh6W7Jzg/5pLtncafCf

Score

7^/10

Malware Config

Targets

- Target
  
  3 - Оптимизация Windows/1 - Отключить Xbox Game Bar.url
- Size
  
  115B
- MD5
  
  ad8be6d1c424a9642fbe6706dd745fe5
- SHA1
  
  757ed117f415d12c064a51b270e3ee657e9c22ca
- SHA256
  
  f99d983bf42960de3a5f7ddfbfc9727b37ac780d5a8b3d950f0e97dd58bec0c3
- SHA512
  
  3c47ffa66e25f1f73a10d2cd13aac3e170fe0f8f706fc19d7f9884fc1f0cafa0b8b22ffd4e3db83cbb7114565ddf1dc7e3dcffa63f88fe8d9c93bdcff9726323
Score

1^/10
behavioral1 behavioral2
- Target
  
  3 - Оптимизация Windows/10 - Отключить Hibernate (Запустить от имени Администратора).cmd
- Size
  
  71B
- MD5
  
  1a7f7b44889916819240336b980699b7
- SHA1
  
  bacc4b70f00a29013c0fce4e605cd167257d2d3e
- SHA256
  
  aa0df9919ab7364446d5c1e5266e4569b5a84ba9ddc31b0859872b7a7cdba54b
- SHA512
  
  ee1d05105a8c330a585e2d93fb28c09db7cc8e7a851cd2e93b9171b1eeaed9de596419bec79cef0d94f6a18c90e2ccb56c0ecb6c4a9cfc0d52705cdd97ecb4cd
Score

1^/10
behavioral3 behavioral4
- Target
  
  3 - Оптимизация Windows/11 - Rebuild Performance Counters (Запустить от имени Администратора).cmd
- Size
  
  128B
- MD5
  
  ce34b00fb9217b954d5423aeddd113a0
- SHA1
  
  0567474124488fdf55c2054c5b6d5571cc90f1a8
- SHA256
  
  79115bf604bd018c3599082f1820d2ce973b7938c5a7112bde18117f3c408bf4
- SHA512
  
  607700a02ac82b07b584ebd3c1e0c919b85ac49e4741b6609fb514dcfc3686760a376b660ccdf67072304d9a5f964a8eb6463bd0cfa19370eb06dedd029f049a
Score

5^/10
- Drops file in System32 directory
behavioral5 behavioral6
- Target
  
  3 - Оптимизация Windows/14 - Настройки Звука.lnk
- Size
  
  146B
- MD5
  
  f301da5440e7b8295b64753acd552ac1
- SHA1
  
  577b0ebbbeb752cf9eb03e7823e1ba90168ec2f6
- SHA256
  
  e73011f85e2e519dfc9a0b683dd44f4a00e3298cab50261ad4992972a95a24a7
- SHA512
  
  e2359ac00279e29dd132834905749a4459dd0a0287abf7a85059d327baf282f9d76078dcea906daef22f9ce9c87e1cafd1e3cff42bfd4f94720d91d7fc4d566d
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral7 behavioral8
- Target
  
  3 - Оптимизация Windows/15 - Отключаем VBS _ HVCI.lnk
- Size
  
  1KB
- MD5
  
  752cb25376a2138cd6bec11940ce1a6c
- SHA1
  
  d686d8d16fdea7b79d0028971a41ca4443ab26f3
- SHA256
  
  01c803514e28832d255d501e14d9c565208a90a08d5503297dae33fa81aa9bfa
- SHA512
  
  e62692792fcedba86591083c28c3f22018823bd2064c81e723c75a0be261820a5afe8ae05155b3fed573f98223076b8f93dfffee885406536a122d929d892450
Score

3^/10
behavioral10 behavioral9
- Target
  
  3 - Оптимизация Windows/16 - Отключаем VBS _ HVCI.lnk
- Size
  
  1KB
- MD5
  
  cf1faccf6bb38b9adc7004c7f71797ea
- SHA1
  
  3d894b53c2b04049fc6aef4868697952fb13cc29
- SHA256
  
  87884a3192ff44956bde5c9271d667c4420c9936dad1c09eb69d872c08258298
- SHA512
  
  1bc7a62fc27eeaf63362a770c5e12b7b44aa0413e977a797f1bec405ec75c2b8aab9e8078941db82093799f9e1813d861a0998082e2b74a082dff41383835c60
Score

3^/10
behavioral11 behavioral12
- Target
  
  3 - Оптимизация Windows/17 - Всегда показывать значки, только для W11.lnk
- Size
  
  1KB
- MD5
  
  56844a6a04434b67bb0333cf7679641f
- SHA1
  
  00bf71ef0c66bb0de757598014110f1afab99639
- SHA256
  
  15dcab3d8f359afd4c72a5569b1ad1f7f2834c21d446d4c904b66ea93693c8fd
- SHA512
  
  4dc1c2dfabe140d3137ebddd29ca6e7ea64b244aed7d40cd9e62b1e38a9e3249c049b27fe94fcac688ce03c4a00e38d16d99223841999ee35b6273704f2ee33f
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral13 behavioral14
- Target
  
  3 - Оптимизация Windows/18 - Отключить последние три пункта.url
- Size
  
  114B
- MD5
  
  bf00a7b582581aca5d8705f8cbb71421
- SHA1
  
  9be686e41fee4edecb0e5bab3138157ce4b29110
- SHA256
  
  745e36b9a67480492ebbc332efcece3c4665ce7fa9d368271242209c89d7a689
- SHA512
  
  5c350842bf21291ab37bdbb9029593c90409e79f47eb1fd0832f31918980ed61112df2b48adb4686d37ae53348e2d97260eddec88eade3ce240aaf3e0a0a5f68
Score

1^/10
behavioral15 behavioral16
- Target
  
  3 - Оптимизация Windows/2 - Включить Игровой Режим.url
- Size
  
  116B
- MD5
  
  e8a8388b2ea4f0c642b49100c4b88d98
- SHA1
  
  bb2c12c2455093c238812551f51c7329dd7f9ee1
- SHA256
  
  6a1e1f2387bc4d65328d91b6e51338b20fbae710554ba7a507d025f0d52e37c7
- SHA512
  
  be90384e80e2d5a49c6c01ec8607ffbed3eff1f235dccc2f17557b3004c4dc06170fe03f0b58cb53b72bf331ddfaf2977edbbd5eb46ccbd038da8d03a10171a0
Score

1^/10
behavioral17 behavioral18
- Target
  
  3 - Оптимизация Windows/3 - Отключить Эффект Прозрачности.url
- Size
  
  107B
- MD5
  
  6ff3360c82f49520f3751f0622e9c845
- SHA1
  
  24faf55d3502ba031effcb50223c8ae040905c0a
- SHA256
  
  85243e6a9da8db9041e15b88ee6077c8f5fa61cbba3339a3bffd8fedfb319756
- SHA512
  
  9137f4f6c574c34e868be7b0cf7de365ec7da570dc7ee48a44b1e328bea784ce1622a957bfc597d10b10bec58df40ee3301f22862c1246c6bbb3aa6ec06448ee
Score

1^/10
behavioral19 behavioral20
- Target
  
  3 - Оптимизация Windows/4 - 100_ Масштаб.url
- Size
  
  108B
- MD5
  
  f6ea125a039b8607a6a31e70cbd6437f
- SHA1
  
  a5925366f5ea83c0d73864683a2a82e9618913cd
- SHA256
  
  56094556c2ba4f46221eec9befb2a0c76db7feeb06910baa81fae14d8b8e0ea6
- SHA512
  
  9619f0c2f5acd882936db549800362aa0dc1908658cf111bd15b3e47a1b55614de401c7470287b615a7f5d518521c32e3f6bf1c0dd40b18b181d29cbb0409874
Score

1^/10
behavioral21 behavioral22
- Target
  
  3 - Оптимизация Windows/5 - Отключить Размытость в Приложениях.url
- Size
  
  117B
- MD5
  
  c5805f3a23a161643d88b72b994de75c
- SHA1
  
  b2d714fccbfe8e62198439e006d96115967ca3fb
- SHA256
  
  d6fe6a6823d59e8be8eafd1643729fbaf2fa430bb0029a5c5c0fdd513a413706
- SHA512
  
  8e6c9e2f8f1cea6c224dec5335a46cf47c7c15df18f8d8699cd3e96505832fe3547d10b44333ddeb942590979c99961a341883f35ec15deb075817ff6fc4395c
Score

1^/10
behavioral23 behavioral24
- Target
  
  3 - Оптимизация Windows/7 - Отключить Повышенную Точность.lnk
- Size
  
  943B
- MD5
  
  e8da1a1fccf4bb75e8f9db8914b7be33
- SHA1
  
  b86b64240d4225ef376bf0016b65bace41b0cd34
- SHA256
  
  92320662bd197480752d1afc758552e90d4efbf683c56e38952130b93cbac2b2
- SHA512
  
  2df00a8bf41042bc7a564e21961d0e263052921004907a7ecbc79b3a97dbca0a33863252e36cf7935a82075169087af3600cc4d5f4e4bd0b9492ab1bf18e85ee
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral25 behavioral26
- Target
  
  3 - Оптимизация Windows/8 - Отключить Визуальные Эффекты.lnk
- Size
  
  2KB
- MD5
  
  be25dc20a2de9eb4e49c12c850be8026
- SHA1
  
  63df6c25444f9ca1e0f26770cb35aba7509319dd
- SHA256
  
  7455daa02d82c6804df1580004cb7eba04f8b9eb39b6d740c2190e3da09aa20d
- SHA512
  
  7bceaca2ac003b0f5df0ed719ac90decbae576545bfc4b52bfa374bb7d410d146d20dee15a3c332bca93b38b3208f54b48d20d19f3e433e8bf86b5eb590d5c1b
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral27 behavioral28
- Target
  
  3 - Оптимизация Windows/9 - Схема Питания.lnk
- Size
  
  1KB
- MD5
  
  77a7961fc8ad9e8a4386f7137e74f5b3
- SHA1
  
  f4fdd9751ab0bb9cee172c872dea21ef94769574
- SHA256
  
  b4d5ab63e1da92746100e1a7addcf62d9ac0966d65e4ae71d95e56c65a3739a5
- SHA512
  
  252c013319db528dee981df0640c677499bfa900c072ae5524a7d24a46f2ab8205a6edc885cd982078d735496badf96f8349639eedadf692402b9ec885f438a2
Score

3^/10
behavioral29 behavioral30
- Target
  
  3 - Оптимизация Windows/ISLC/Intelligent standby list cleaner ISLC.exe
- Size
  
  425KB
- MD5
  
  9df5b80da90316bc175fa63604fc4b9d
- SHA1
  
  2f72b7cc000d8910236ce2032c4b680b8b23788d
- SHA256
  
  6cfcaeec995db1cb66a5970f859c35fd684b0973d5efebfc9eb675a62377032b
- SHA512
  
  6dc7b774b216a4b02c35de60287da00059140a1a502b22c87190e438091184849afa312026eed95447e5af2d50e7a9c501b38144e127995f440baf217113bf1c
- SSDEEP
  
  6144:Wk0xVdRQ/vqkg1gEagdQHiVdRQ/vqkg1gEagdQHFVdRQ/vqkg1gEagd0iGqe5:wxV7uikFgNV7uikFgQV7uikFgte5
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Drops file in System32 directory

Checks computer location settings

Checks computer location settings

Checks computer location settings

Checks computer location settings

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32