8ac04875976ff5f2b443dde670ba53f812e7ffff42e72336482081bacb337f38

Resubmissions

29/12/2023, 08:01

231229-jw3ndsgah2 7

29/12/2023, 07:56

231229-jsp8wscgfm 7

Sharing

Copy URL

Twitter E-mail

General

Target

SOP23_4482515.zip
Size

193.1MB
Sample

231229-jw3ndsgah2
MD5

aa8d8be57d54aed60b9f6890d2857277
SHA1

7f9a646a529658eeae2e662d66fcd6bdb70a0238
SHA256

8ac04875976ff5f2b443dde670ba53f812e7ffff42e72336482081bacb337f38
SHA512

7abeb6f2ae4be3f424bf3a0bbbe26934c4cb03d9f153cdb7e8012d26391b229c19f04294ed3efa453d57455b39a7c42483b739f80a432e1d5986bdd691e21bb3
SSDEEP

3145728:Q1aaYxUWSOYIZGRrrsI55A6pwFxaQs0mdXXYfzfBCVgo8ydh2A0ng9ZgzLkeWJ:FaYxxSOYpRrrl8EFQs0mpgfsvJ9OYeU

Score

7^/10

Malware Config

Targets

- Target
  
  _850A9CE912B13565AF29B34E031CC792
- Size
  
  53KB
- MD5
  
  10e34eed06966fadf96376d52c11bf6c
- SHA1
  
  5ede530395b2ffb83d6709d319e4e1cec192f5e5
- SHA256
  
  a89466639988843e9d9495a4acd78366099d6916e9b334cf57a1511419b40aa7
- SHA512
  
  478255c1402281c49822d071687a45cea8002c5c86c59ad7157fc58107f5740738433e61cae4bca357eda2e5e6a302e10090e1268c2a3ca845cffed673f9b976
- SSDEEP
  
  768:XaxRAvFbEJrnMn1a8XDRhfrq3OhlUzHXA9mzyF9KQRTMbuhIADCLl:PbEJrnE17fKRz33kKQRxhIADCh
Score

1^/10
behavioral1
- Target
  
  _85775FE8A80EE9570FE7A08C75F4D5C0
- Size
  
  2.1MB
- MD5
  
  b7766f7cd4b70f28519f0d16e1e7687f
- SHA1
  
  a4b5641d278009c24dbfc11182b41f502504cbeb
- SHA256
  
  9d2a61e421f472e1613b24ec279f7e673e23db4d12d7784db8a1919fbe01f6d2
- SHA512
  
  195f0fdbe9bb0cba144ca731396a0af0a77ed91f46ecce80f3ca736680c67c26a6e3ffed37e4f9ab2c9cba96b109870f16bd95875ab8186afe28eb4eec89b945
- SSDEEP
  
  24576:UkA26oePASBpLlChlVUFAQsghGRFybiGPtFn9FwkS7UHLH22GDITmdLttmqrhqVp:hA1doqMRfDfQiKV8gWZtt3hqVp
Score

1^/10
behavioral2
- Target
  
  _857C1A06388DBA2B12F1ABD19D5F03EC
- Size
  
  12KB
- MD5
  
  e435d92c38743762e1d4869bae6480c3
- SHA1
  
  c1797313d80e3baa75443163e5a376df6d81c0f9
- SHA256
  
  708d7bef6835c005b02aa54e22bd52d69d66298f856e9e1474eac2b18c5736f1
- SHA512
  
  a7c60fb316feb12f9f5232848c0cf560342b262ef689b7f366bcac69419192e11c0e535d2402c6cff1b1c842fc15911dfd71f6b71ce9821fd6c2f2e8743d3edc
- SSDEEP
  
  192:ZsHZRA5gMRHJgGjGnockSBWgt9dt6Y6MfXvjuhjA85/tSH78ifX0LzIYM:mnAzRpgPdvtcY6Eahjd51SAifXr
Score

1^/10
behavioral3
- Target
  
  _861C5A066E0E465A9C73D7A8BC735568
- Size
  
  4KB
- MD5
  
  44a8cccda98a43267b1a60bbef9600a8
- SHA1
  
  e8e06dd88a49dfc46d987482e3fb37ce06a68f8b
- SHA256
  
  84a1641f1182bfd675565d447f3958f77f8a349a9274a7816e81695491f98313
- SHA512
  
  2ea0454ef3930438ff634b86b69ac24668d55c5d55095708cfe79feba7a6cf0eb6c05a71f610b1abba7ed7b59cd974fb06e9f971989ac35a2ec86d7ae6b9b181
- SSDEEP
  
  96:k+yn8RC51HDabUuABqrYDxX6Jm8Jng9kzg8ldD+UkirIfQleW30SI:4bzZqrYVXOmR6zgqDE9W3M
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral4
- Target
  
  _874D1567799B7B9AFBEE570F7726949B
- Size
  
  542KB
- MD5
  
  bd130f4d29db271be2f06865e06fbf05
- SHA1
  
  9b2d7530512307c33437745b3fed9862ef887ddf
- SHA256
  
  6708cbd5003ebabc78c07db370a31e48a37dd84c854df70c97d658c41c20c50a
- SHA512
  
  7b145b7a0320b8e09108301b3e5ec99035ef309222da30574025de455ddbd9be2311a193bf889b72d167ffe4ff17ecb316df962574dd1bd6399d67fceecf22d8
- SSDEEP
  
  12288:6WYfvZKpvMHb9+ALF3TEYcqAprfFPzZY4jgiovcfUR:6J0h+F3gY1srfjXovcQ
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral5
- Target
  
  _8799F7153471BC8E3B333E972437C11D
- Size
  
  239KB
- MD5
  
  2d2f84761a9fde81898ed505b227e7e3
- SHA1
  
  d213a0de3f4c012c56b58e93a09d15192f513135
- SHA256
  
  c99038075ff963da73cebbd80d1462513c72af117f08b379d8d9d2a90a1e5ebf
- SHA512
  
  debfd82cd41079cb569de8ab8847847164b3304fbea504287d89bc41ad2070b822bbeb946dce8862b892f82dd2d021942a3e386c2dcf2eada51acfa47a1631f7
- SSDEEP
  
  6144:uh77lpNtb01c4i6F/r1SfLuPAS5x/okDR5:q77aLF/rEtGP
Score

1^/10
behavioral6
- Target
  
  _88ECC22CD04E30B687F996108FEE9A6A
- Size
  
  59B
- MD5
  
  1005241397146b544ca586cda3f69c4e
- SHA1
  
  b63db3c8404c544ca3def7cd94b35e16a62ea5c5
- SHA256
  
  87a8d0420653b1b395a233b35560cc57c66f93228c42eb933bb467df1fed8d49
- SHA512
  
  404cc4a618245c8d1f98575a88c1cf935f250508728172beb192fb9c90acf507da22500e203603f1a4a7ef0d4576d93ec2b4803a90d1612fb7dfc4e91ab804eb
Score

1^/10
behavioral7
- Target
  
  _89C4639AC9A69DE25B22FD180B6C971C
- Size
  
  275KB
- MD5
  
  1a253e3b15d2a1e7a15983eee3f536b9
- SHA1
  
  b1777bbd62395967f8d2189437d6d639be1308c7
- SHA256
  
  c52057964a81d4bdb33ce2fa80d656de63a97404513218271373227d15c1b251
- SHA512
  
  a1f936a33c15224fc59741827f795a9c3ca8a4f1533f8505955ac9ec30f1ddc126c6dd115411f49316b2f3b49d584fea8a7a690f62fdced32f9af2ecc1cd3cfd
- SSDEEP
  
  6144:6s0dZW6/PDo8TM9P/qlT27J781nRGJFzHkVJf0GfK:6LZWQs8TMZYT278MzHkVmGC
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral8
- Target
  
  _8A4455BF480BBD2E5E1D2EE0DD0807A8
- Size
  
  340KB
- MD5
  
  86f1895ae8c5e8b17d99ece768a70732
- SHA1
  
  d5502a1d00787d68f548ddeebbde1eca5e2b38ca
- SHA256
  
  8094af5ee310714caebccaeee7769ffb08048503ba478b879edfef5f1a24fefe
- SHA512
  
  3b7ce2b67056b6e005472b73447d2226677a8cadae70428873f7efa5ed11a3b3dbf6b1a42c5b05b1f2b1d8e06ff50dfc6532f043af8452ed87687eefbf1791da
- SSDEEP
  
  6144:OcV9z83OtqxnEYmt3NEnvfF+Tbmbw6An8FMciFMNrb3YgxxpbCAOxO2ElvlE:Ooz83OtIEzW+/m/AyF7bCrO/E
Score

3^/10
behavioral9
- Target
  
  _8A902ECF1774235EEA788809EA57F5DD
- Size
  
  137KB
- MD5
  
  d4431049c38f75110f930fa7fce5d4bd
- SHA1
  
  205791effcacbbfff8b00c00e1f01c3d697b1886
- SHA256
  
  df792b49c88b189c90d28bdb7529b9ee305e84e8f9d429e2f7f67fd3ff97a50f
- SHA512
  
  851633b44301a20b7782dfe7b12625fab840a2c60356d91e6118230b79997871131ccce5a618c958b701aedbd7c5474a82d4c7bd5b7bf9dee624f4a11bcce617
- SSDEEP
  
  1536:bTHxgSI+B+5Kg+F78GQ32C2CGsntZ/B219p5EgN2CTW+xivAJ7OPrJNxgvQp+QjY:bbxNB7cG3stZzgsCTW8L2lOQp8ay
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral10
- Target
  
  _8AE3EAF9387809565C1C3DD8855EEF8D
- Size
  
  170KB
- MD5
  
  05b5e14975f5fdde6e463838775e442c
- SHA1
  
  5cdefcd1e027b12bd90efe79cc970cf99e5e6b39
- SHA256
  
  97c9540050df2a0617ddcb10d0ba778667343cbd7f181337e5c0e82276a22aee
- SHA512
  
  34dcad66b8267c9a58a6ef68ddb500defd09f2ba337feb807070f408d99b5f88d880c057b81dead8123fe0e57973acd416b93abcfe1f6d4f5ef628ffe88db64b
- SSDEEP
  
  3072:vvk+T6ksYVKNt1MN2nKx8BRNss+9ZJC6xchE:96kpVDINsLZJC60E
Score

1^/10
behavioral11
- Target
  
  _8AF2F97B51B0701F1C5EE9E312FBBDAF
- Size
  
  60KB
- MD5
  
  c88512aa3c2a17249ac28f8470243579
- SHA1
  
  37a9dd65065aeff6ba0819dda6f51f688d7f2db2
- SHA256
  
  b83cf02fba72a8e96d4614a37a2b2010b8741db0af1d570510ef53661d0887fc
- SHA512
  
  687423107cbc41304f2e3a9d52fba474f323913e7f7f00ae654c7a2842f97c40cb5a852065f96ad0d68c1a873f38d489dfa09ca6f918fcefbf686efb2c08a322
- SSDEEP
  
  768:/1kfrWJiEmxLO6QIUC4KjaLLkilCHjZZUC7S+oYckrw2JbMmo7eA0KxCyjc/1JAY:/NiEmZO6MK+LLkumZk9gJbqQCCyjPi
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral12
- Target
  
  _8CAD92531FCEE9FA6989F889207CDA44
- Size
  
  1010KB
- MD5
  
  5f8dd7e69174b9873ce4cc6c9ed78efb
- SHA1
  
  b9646bd6f50005bdebef16fd47ecf01dd8c7c27e
- SHA256
  
  0934aa6204e3b16effddd19d1f355f6f9f2142ea7d64fb7c4e1adeed921bec9d
- SHA512
  
  e0497eca5456268256727454272b6c774112cac2ddd655a0fa37f9b4e5ff7a75610c6ae1da773fd73b7447f05a30a50bc6644d286d6328e8ca48274a0d86c1a5
- SSDEEP
  
  24576:yC9Qm7yhQAqmsUmn8gNh77uMZ67ULkIOtDxZwdJH:PLyh3chOM8w9CwdJ
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral13
- Target
  
  _8EFD210D2566AB9E39E038BBD504596A
- Size
  
  137KB
- MD5
  
  5f8c1f8f1fb6cecfa2619b66da94bda2
- SHA1
  
  7bc3641700b2695be7526f8f79c1480751e1637c
- SHA256
  
  99a47e2b618bb05389cb4daf275c28e287a5dcdeead9409550735bd53d1020d7
- SHA512
  
  7ca3fa2cafe5fb6e85cf6e757169e1c5fca31f01f81a88f590a38fdb51a4c67b82680ffe0061c07e06931e034aaa2ff4bfa44c97bf47c110cf187af91d349d40
- SSDEEP
  
  3072:L3h7mc5AOlALChHozXq212Zagi6Qf0NDsQkI4BMoizl+jk:Lx7mc5dAOhHozOZTHQf0N4zBMzF
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral14
- Target
  
  _8FCD084FEA1DEADAC814BE0A01BAFCB4
- Size
  
  81KB
- MD5
  
  1ee61ab8c24686d0ff45bbb73fd61419
- SHA1
  
  07a7f26eed69e5f9c29996397972dfbe050f4517
- SHA256
  
  2b21fe9f6482fe192756e960a4aeb134ce1a44369ca36b792c6d18da489921cb
- SHA512
  
  f04f57a1a6bd14538365a77631ba7e7bd1b0854f79ef05b7ca6019b59816df70a525933df281cbf1683ee8806f52e3e6fe0182fef1cc28fe452b3da41b69f27c
- SSDEEP
  
  1536:OZC254HSv+PzoClQ/KyCyiu8nBByLVe+RvuTPucHD7PCVTdLgUkCK6:uCeZv+roCliCETLTuu8D72TdLVK6
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral15
- Target
  
  _903967F51CF6ABB3C214038FB99275E1
- Size
  
  141KB
- MD5
  
  4e8cc8bdebed5ad93539612d4d316fdf
- SHA1
  
  e7512a139bc73ca82941df7f99dcc22d6151bccc
- SHA256
  
  bebae3ec309386fd3e601c3ad5f9116a97c3791cfb7b8b7558b946e45e7249f7
- SHA512
  
  ed8782bc34b40ef06601b818005c7fabf8fdd7f71da308f739ec990fc6fa9d5af30ae9f88e48cd021f659cd6f11dae202f292e5cc5be9477e55cb8582db9fc2b
- SSDEEP
  
  1536:61EQWowhnIR0is1geOjihV6uhkYUSzcAx1Itw0lM8eUnqWygKkPlBTNS7qjh3rmu:61Gny0is1iygSw01IZ1yePlBpFjZqMN5
Score

1^/10
behavioral16
- Target
  
  _90FA1CB6450C62F6483E2BB820CB8C82
- Size
  
  752KB
- MD5
  
  1ef3b7f0d258d93b1aaf2a069dc88984
- SHA1
  
  2abfcf4a0b41a4ed375c733a54ff7281d98ac27a
- SHA256
  
  bebb08d34fffc76cf6cdfaf03864a5286f35cbd4c6a91b7e16ee1994c0801a3c
- SHA512
  
  47a8a4e5b0f62efa1cb655131158a257336f9bb546acdca0951739d9122a14e9181b259e0e86d83547f1948b1dfede73c44f24d8587617725ac687a93153b591
- SSDEEP
  
  12288:iO1EwujxjFdftmI2gbFwVheg3C9dlQassCyB66riBX1di9jNvFmQoPI0W7Js32/Z:ikryr5RCPalQZsCWu+9ZvFjvqy
Score

1^/10
behavioral17
- Target
  
  _91984487357AC165A53A9419BD22C1E8
- Size
  
  13KB
- MD5
  
  41ad604c3be23c088a2db8436a1b8601
- SHA1
  
  ce022cf2dd4c4362ea4b31ec8c3458502c307b3f
- SHA256
  
  0214e1dfd27a961df9085199c8a4550c4b2540b9863e1e4cc010e89cf818c757
- SHA512
  
  7eb78f1fe40c0fff1fc3ef3918c8bb10883807676edd1274002c40cdce547dc322189a0e2412b61b51fdffb323021e1b5db8979b8e6c98bb0e8e4a4669eb7dd7
- SSDEEP
  
  192:ZsHZRA5gMRHJgGjGnockSBWgt9dt6Y6MfXvjuhjA2glvGRMlmwYz:mnAzRpgPdvtcY6EahjiNG4M
Score

1^/10
behavioral18
- Target
  
  _93B373EF77137C2F96A8769427AC4304
- Size
  
  360KB
- MD5
  
  ce23e1f84311088650d76c2c610a610d
- SHA1
  
  2a940cc297ff593ff3d0047f5324c655ed76b7c1
- SHA256
  
  860dc8b2601ebd9d1c7ef0b85f867624593e493d686cf115801fb78c476c96ba
- SHA512
  
  91d18d804f2f10717ec38033e937367da9e2516558424623ebc787d4e4773345a3c97389127d3fc52b291eca0a5e9b075157a1f135915d2cb38a93fe0986a3f9
- SSDEEP
  
  6144:NiYMlrp0tuA/c5z4JK/PnvjQ1Fa47WRFLepp0xeUZ5gwE8C7H/C+KSiiKhWEewYJ:UlF4/FJK36FjaR5e30x5ZqwGDC+/IRef
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral19
- Target
  
  _93E97C33EA3FADA1FF34686C2BDD6300
- Size
  
  7.0MB
- MD5
  
  ef2890a248073a5e87bbda89f38aad4f
- SHA1
  
  0f2244efb6af834fe45956bcd02ede13ae5d3cdf
- SHA256
  
  7e2ce5d9fb8aa72bfdc1ce1d736696ae13a4a07c2239666c586359a093434625
- SHA512
  
  6c417f29455cf84611ec633d99ab3c2969a28b8cad146471b87cc450e46eac2351db4a9ad495ce289078c8f8e1f2400c27939ad942056e073817cbbb9835be67
- SSDEEP
  
  196608:5+DYVVRD3wg3QiEheEYn+SpUXeGrskCoOKiMp:2YxD3uVsn+SuuG5CoOO
Score

1^/10
behavioral20
- Target
  
  _9420AD2F98EF4A71E4810AE1456EE580
- Size
  
  41KB
- MD5
  
  f57b10e02773df406fe9bc403b2542a5
- SHA1
  
  3b8a2113a4dadb164d998c771516fe98c08dab73
- SHA256
  
  5b4f0bf1a252d510f242e09b7d83cc797d18823b36b9981dcb3b8335d0246ba9
- SHA512
  
  d58e51a48e165cea62d74a357be911df49860722d30aa93153e8ce1f46ff79f95935e36d20ee2019ba7cb87e3cf530553e1a9156f8fe63e15f3505328c7850f0
- SSDEEP
  
  768:2mcVBgQl4JMn628Ae+sGGO7fHcRsn7NpRWhBUPdb1pBYGOY/9XBLcRRhsiMVm:2mcAQl4JnhAe5kaofRWvUFbJJP6RhdM0
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral21
- Target
  
  _94221BE3900094783D8A807534FD05EA
- Size
  
  13KB
- MD5
  
  9e11906206a8bcec03970a81fa20e605
- SHA1
  
  cfdc87aa011165edf66a1105f3cf2bb0b031ad6a
- SHA256
  
  c20b17015908d0dac783fa1f0f509550735e2f5eb03054e1904baedb230d4adf
- SHA512
  
  1fe49d22945b73b2087c07703987bb852e2b56c467aada6ca089e6d469971e68de290f3d8827d180dba93fdb3c3f9b249df3e1e2529679d823edaddff5a92b26
- SSDEEP
  
  192:ZsHZRA5gMRHJgGjGnockSBWgt9dt6Y6MfXvjuhjAaRfFW9Yl:mnAzRpgPdvtcY6EahjTfo9O
Score

1^/10
behavioral22
- Target
  
  _9452A580896DE44A8695C6D27604EDB0
- Size
  
  16KB
- MD5
  
  7aa4215a330a0a4f6a1cbf8da1a0879f
- SHA1
  
  a533b2c9b72911ef98f25912554b5aacc95e5ea1
- SHA256
  
  4fd64aeed340d62a64a8da4b371efe0f6d0d745f4d2dbefacba86c646d36bc72
- SHA512
  
  24e9f97196aa63bad54245a69d5d9a24f154638af81c99ad60a0b08d15b8a18ce35c9592a1efb214f80cda8d9637bb1e167798233aac2bc75ca57935a65bf8bf
- SSDEEP
  
  384:26ipihOh2GN/qyuotZ1JlqoGRWLcTzX8M:TipihOtYDotVyWITr
Score

1^/10
behavioral23
- Target
  
  _94C8A56AFEEC9D34E03A0A2DA14CF8BE
- Size
  
  304KB
- MD5
  
  d69a5604a8e4403c8e44f4f796b7bc40
- SHA1
  
  712069d70624116e97ab83449aa60e7999bdf9cf
- SHA256
  
  13e875c1af89c70b9d6dbe56bebb2319e9ec58c3d5ff4c1441bf9c983605edab
- SHA512
  
  3f67b807622bb30fd903cd8b6211b02fba0c74f6305edacf122050b5f82e1901e800f13ee6d245081ced66f411c1d23fe90e77a6070ca32deab83984b6db986e
- SSDEEP
  
  6144:ry6Z8DewD7A3x6DOrbwBAWsAHQVOMi1WNeTLIJgvSg5nUxnK/aw:ry6Z4eqA3xFwBAWsAHQ8Mi1yeTLlSg5t
Score

1^/10
behavioral24
- Target
  
  _94DF584B0D852F45ED59495B3083B186
- Size
  
  260KB
- MD5
  
  af7d4c2ee2a19ba101875a1ef745b758
- SHA1
  
  1f4a386afb385e3ef263026619d65d879d280773
- SHA256
  
  e815832e0fe253f2a622ab0b7d2def8aa8a97671b723d3885c5baa7f00542937
- SHA512
  
  2fc849f79561135c58abe46e3dfecc0fc744b137fd060bc7411a8c60d2dde625d9325c75c9ad1557aee7b8fbdb765013549d3de9617d1535aca3c8cb72486294
- SSDEEP
  
  6144:eouw73Cj/FdgOR3DNyAskKRCBgsxdSajIhkFczY:eq7yj/fgi5yzj4Bg8dSacz
Score

1^/10
behavioral25
- Target
  
  _9582D6BA500CA815CE2C40FEB88634BD
- Size
  
  10KB
- MD5
  
  1853b8593a3a98d87611de51f86021a8
- SHA1
  
  caab74022793881c108b2605474d58ae6069d25c
- SHA256
  
  b16a286b1e423fe9120da8f56c61089bd611cbf795b1276b70a234920b968c39
- SHA512
  
  a5965bc1d467f1bf7761cfc8a67676d606fe9cae422b034dff67bd88fb6f8215db201bd75dd16d1cfd93446fd8836f0c0cf15de549e29133a6225b75a99f1c7b
- SSDEEP
  
  192:IVaijcLtPViTfS35eX9s49dtvxhMfXvjfbYAsMS+9KvhVYqZdyF95ExKP7:IMijcLBoTfSo9DlxhELbYYSkKh+FcQT
Score

1^/10
behavioral26
- Target
  
  _96AA03667D6CB6E55CBC8FBA4385D622
- Size
  
  244KB
- MD5
  
  55e4386403442f4530a32d41458c9ccd
- SHA1
  
  a561db6725302a1c2d278d47f7dc55dae488f1ec
- SHA256
  
  833f49b5c5eec47038fe9d0d10edb2078bddf3119911e49ba59fda2171889fb6
- SHA512
  
  c5a16b34f991be791de5749861654cd8b96371c461e1225cf7a33dcc0b619f8230309915134a6d4eb7c9a25fdd1d83ef15a80a68599bdfe23f22b4c2a8890d46
- SSDEEP
  
  3072:p3uxTGu3ao4EIRZf1HOaKQdJKLwK2/zCKVs7CntuLEYjL0/Wh2VyAQ7jI4Caftj:ho4VZZKLF2/dVs7CA8WZ7j3C
Score

1^/10
behavioral27
- Target
  
  _9752D56150AC6C43A8ED642651B834DA
- Size
  
  988KB
- MD5
  
  4ad422801fe394bb3948a36366a51940
- SHA1
  
  284b414b7a5bd89ec61a391c9a350e7feab3be8c
- SHA256
  
  ec6b4be43716b255cc9ce1aa5cebfe4aba6cc64739833945182d5500e4b4046f
- SHA512
  
  86905f936557f195a99e5a53831c39fc70ad8dff17d3b9096302b4d5dbd84351d3cb436c1ddf96cfab268d3d7a63ba5872f560da2301bfe4ff98f98c4ba3cfbb
- SSDEEP
  
  24576:9xPwE1f99UGBKp6dR+rrdGbUkabUsLbqJHm8ER0b:9tX9lkpzdkabUuqr3
Score

1^/10
behavioral28
- Target
  
  ISSetup.dll
- Size
  
  1.8MB
- MD5
  
  7ae6fd1721e2fe40fc36a9bccb125e6d
- SHA1
  
  80857f32d442b583d717ca53cdf55896b7842aba
- SHA256
  
  86f37ef6b5c9c9eda6577983cd72cef6c6132ef8efb599a50793dd1cd095a882
- SHA512
  
  51eb759ba656d68f0fc02d2dc994e6f9afef618c10910f7f213899a267c52a64dd8431c3bf8f2a0109bcb89399f361f4a3e94497f0a94e2051ee65a0966628aa
- SSDEEP
  
  24576:ah5iXPME+5wNhcUIBZDd5rI9NCMJB7vVbKdOXBLk1OhE38Ov7KWDCFXufP1V5nKJ:ah5xKcBXE9NLTVb6PP8GNWF+f1nKei
Score

1^/10
behavioral29
- Target
  
  StepOne Software v2.3.msi
- Size
  
  2.5MB
- MD5
  
  8b69bc3e8e6788173b742c3ab5ca29c1
- SHA1
  
  0a9f9f09de585bd55cde38168c82a6084b3bad26
- SHA256
  
  ad3a0fd0a3badbb44e7b69af17077e574ab5573c72fc072e767951828f002b5e
- SHA512
  
  5602bfc7bdfea326de2c1508e8a5aae262ecdc7e13275d094dfe3974caaf35cfee06c02694f9118fb94964b385c79c3f9d94c0d18adbd0410b27c5e0091b8e0d
- SSDEEP
  
  24576:TSTsdoO403Y+ATRYha8haBvm/F4VqKfHr6kEk8HnNvCfyHVW:TSAdoO1Y+ATRHbwZKfL6kxuCs4
Score

6^/10
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral30
- Target
  
  instmsiw.exe
- Size
  
  1.7MB
- MD5
  
  61a5fb191ae2ae876db31dcce75e4183
- SHA1
  
  751669c38b666c7435b2a65a5c6fe40435d59aaa
- SHA256
  
  b93fdcd1136faa9a8cb73a329b2f1f5f430a150ddcec35de916e3a1539f09351
- SHA512
  
  76ed473ff370255e7b09a931c10e1aea7d9d84b4655d85e9ad28faa5f143bb9063c363829a28614fb89cd00c4755e825268123e5f6f4849a0db9328297811ffc
- SSDEEP
  
  49152:OFxErb1F2gqQF6d8RrycC51DtuoIwgpXIfWzbnoP2qDAV:2Gb1FLqQF6dWry//DthQiooP2qDAV
Score

7^/10

persistence
- Executes dropped EXE
- Adds Run key to start application
  persistence
behavioral31
- Target
  
  setup.exe
- Size
  
  964KB
- MD5
  
  d6b7eb2d91821193541e290ec91d7b34
- SHA1
  
  0b59231cadf2f168b6f13e37de8b616de5be0527
- SHA256
  
  73b291823bcc151e63191b8f7e9ae0990764b8567ae2a98e6cbb2f46c6a46780
- SHA512
  
  90c3bb968cbbcd082d4d4abb8dceed41eb8f64d29bc829e0f6c9b3b67ad856c24620cb30acc9c791c84376eed8d6f257c45859099d4226081df931538a58c29e
- SSDEEP
  
  24576:1gPE9E45lYqV6d+4oscKQg2tTLe4aQWJE:SL4cqodaKBYT6ZZC
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

File and Directory Permissions Modification

T1222

Modify Registry

T1112

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Modifies file permissions

Modifies file permissions

Modifies file permissions

Modifies file permissions

Modifies file permissions

Modifies file permissions

Modifies file permissions

Modifies file permissions

Modifies file permissions

Modifies file permissions

Enumerates connected drives

Executes dropped EXE

Adds Run key to start application

Executes dropped EXE

Loads dropped DLL

Checks installed software on the system

Enumerates connected drives

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32