9977291ab2a17549ea194ee338da6dab687d3ad945b7f249b5595d770c675194

Sharing

Copy URL

Twitter E-mail

General

Target

9977291ab2a17549ea194ee338da6dab687d3ad945b7f249b5595d770c675194
Size

4.3MB
Sample

231229-p2xl8ahbb9
MD5

513dc1be0d59a9e7f625c0d6fe250adb
SHA1

6ba5934936193f1bb995bc8ab2429038189a1ebc
SHA256

9977291ab2a17549ea194ee338da6dab687d3ad945b7f249b5595d770c675194
SHA512

f6456bfaeef376a1f24581e763a07f83a6534b116ab4f4e460f34f98af076585296dff84832aec3471be78307918cbd2e74cb866228d647ad55ced29308e90f2
SSDEEP

98304:iB4c5BKQGKxHrmx7vKddk/WHjBRjDB445BFHrmxXvyNqY2yyZmdBv:iB4cXLGOLmFSHkeH1tDB44XFLmp6mcdR

Score

6^/10

Malware Config

Targets

- Target
  
  Fastcopy 5.4.3/FastCopy/FastCopy.exe
- Size
  
  1016KB
- MD5
  
  7266f64607b5591918e55aefae76f64f
- SHA1
  
  3e0eb02379f46123e50a8c39093925b992a84791
- SHA256
  
  2a2b7f3abaf7b8fd1b5f44ee71043aaedef2c3a313aa5f1b762818641ddc1ef8
- SHA512
  
  ff2f051056998ff1d279b010aff8279ec78910dbe50166eff18610dde61b3d93c402ca8c7f0227ce245947ab8267f199c608f3411ad24fa209809a0ca84f9771
- SSDEEP
  
  12288:JZDBrUaqPMMtUG7Q95Dr+WoMqms1OUUtuet7QanGa8M/513bPi+m2aouCyy6vsZz:JZDBPrDdJtukMVO51LcQuCJ60Z4SxCQ
Score

6^/10

evasion trojan
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2
- Target
  
  Fastcopy 5.4.3/FastCopy/FastEx11.dll
- Size
  
  311KB
- MD5
  
  4e8541368912fbf84fd49519a66a8bab
- SHA1
  
  082e23c0a2420cfe0a9ee9b31daa9c6c4be34740
- SHA256
  
  0c0059a64ddb51209bd798644072cfc34b8b89ed37cd4fdeb051f7bb35818519
- SHA512
  
  392470cc72bd782b442555569a304c16a442d332ee2f3706957738eef0256a174afa0bae9aeecf129a42e3773c7a249cfeb384a9811b8a5ab792c95132c5b15a
- SSDEEP
  
  6144:OIn7m7fGtlqM3NIkV+vmq1pUNlF6CjyoTH6rcA0TnjuqOG:eGtlqz6q1pUNl/y66oRCxG
Score

4^/10

persistence
behavioral3 behavioral4
- Target
  
  Fastcopy 5.4.3/FastCopy/FastEx64.dll
- Size
  
  270KB
- MD5
  
  b5598e5ddf2f4ab3aec6fb6c84d3e280
- SHA1
  
  29fdce6fccbbdad5e1ea76deb7a0c33bf339e461
- SHA256
  
  f366436e1257def38eaecb08e607aadb630c8759cc43ccd1c262068ce6df1c08
- SHA512
  
  bfed9b788a4dc6aafb555e41f08e02ca6e02e71afbf6ae11aebaa643e535ce018959b2593931b93d3e4d565df66fdc23820a588c65df05792f638c60cc1595d3
- SSDEEP
  
  6144:s2n7m7fGtlqd5GNSwTa9gN9M2OazzxQ3O2:OGtlqYTa9sXOazN32
Score

4^/10

persistence
behavioral5 behavioral6
- Target
  
  Fastcopy 5.4.3/FastCopy/FastExt1.dll
- Size
  
  199KB
- MD5
  
  3bf400aa22fe23ff7700965ee7857d6d
- SHA1
  
  2960e909fa241493af8f986171576c64c581b978
- SHA256
  
  7019fd4488be4ed907a0387cd48682d3a87d993025a1087b39a91f3177778105
- SHA512
  
  a70b2f7a4f1e5edb185c204e07ccfab5e8d0b4c4ed6e7f18e343ba908d545224638bc3b70bf8ab535810f829445a5faaa51ba37f2dfcfd6f4f67808f3a654d28
- SSDEEP
  
  3072:TIIIIQ9r1YEkZ6BQkiHbqRIV2I/s6aoJ6WSxpNOkzvNzFQmkKOtk:TIIIIQ9r1GZ6BQ/Vts6GpNjRnkKOtk
Score

4^/10

persistence
behavioral7 behavioral8
- Target
  
  Fastcopy 5.4.3/FastCopy/FcHash.exe
- Size
  
  319KB
- MD5
  
  c9c120acc5f7151b20fefa01602ff4d2
- SHA1
  
  155f4c7f8d7758d77af8cceaad8000b950708015
- SHA256
  
  3c5e4a6f49430d3676c08dc9ba27ec67d883b675a5fb6e068800b6538606c601
- SHA512
  
  17a96801ae514eadd83e5dc65d23e03b524964e3bd3d5044a371631d98ce6c4b8ccc49336189a6b35dff9ede8b204b454f02e93cebc633dd0250b12770aac778
- SSDEEP
  
  6144:nIIIIS9x/3TIHxAIfccZPzgLOyoQRNwlQhFE5Oc:aDiAIfLZPsSTQRNpFEoc
Score

1^/10
behavioral10 behavioral9
- Target
  
  Fastcopy 5.4.3/FastCopy/doc/FastCopy.chm
- Size
  
  141KB
- MD5
  
  d1d611f04348282904f683185b881020
- SHA1
  
  1f2fa3b577becd4525fb4062e021df18c3c0e086
- SHA256
  
  aeeb3ea74c340ae320ae81ca090af6bd21ae8ac65d053296827d5e812f644930
- SHA512
  
  0c40a75775cd30ea1a734c0d2de1924094ca415bfb86040741b9f612b1c46d2074fbbf0c44b6d04794c4f1fb76154a8bb38cfa13652dcb7369916d14a2c3f1b6
- SSDEEP
  
  3072:ms3+NvEwkVeu7fjcDHiXoOsTQ9olVsgwwyuAmtkp+Vm:mREwueukDHi4ODolnRG8kpom
Score

1^/10
behavioral11 behavioral12
- Target
  
  Fastcopy 5.4.3/FastCopy/doc/FastCopy_cn.chm
- Size
  
  188KB
- MD5
  
  7e16c5f1e47b218b4a9fffcfdf79d329
- SHA1
  
  236e983d919cbecd5f250a681a1d4f6d74cad724
- SHA256
  
  646d0aecb78cdce3ab3dd86707740fe0cd540729d7e73054f02377dfacb2b5e2
- SHA512
  
  edc8b2fd8b5d9d85b6a1bf332eca6ef03e91836a8b8d79b472d9a58f3050d5e5eaf326ae59347f32854c0931af1c298202d01b9a9b196d1bdc74d0717cdd626b
- SSDEEP
  
  3072:iGw1zdOO/9xYR0CGyYuWP+tEJxDEJ3uc9SXQlzzNaIhXFUarqKoIrhTKYH1xsdf9:izL9bn1PakDEJ379SXQfvhVDqKoIrdKn
Score

1^/10
behavioral13 behavioral14
- Target
  
  Fastcopy 5.4.3/FastCopy/fcp.exe
- Size
  
  1.0MB
- MD5
  
  bc066197fb338339054929c02eaaf99b
- SHA1
  
  186b8788b28ff123b217be0b083c901fce46a084
- SHA256
  
  7c75f4d11e5a8c7d56f5014b8063b68e92a839fb6359bff14c34553171500633
- SHA512
  
  ad7b618d2f203b1cac529e7ba2907f6823646d83fdadd1d8498e257aa20d192e0ec95f0f33dd9e84283fca0e79b94d209df32b84f3248f1fcc3b3dd3ffb8fe7b
- SSDEEP
  
  24576:H5EUOW5vS1Jajmemof9MqRw6BCwk0xl704Zh/5yUq:Zq+EJhnUSqNCAxl7lZXyU
Score

6^/10

evasion trojan
- Checks whether UAC is enabled
  evasion trojan
behavioral15 behavioral16
- Target
  
  Fastcopy 5.4.3/FastCopy/msix/fastcopy0.msix
- Size
  
  10KB
- MD5
  
  89826107e8d2115ce2810cfdf5d20cf8
- SHA1
  
  bfa15c7b3ff9f7543180e7057a627b182f951dcb
- SHA256
  
  5f9ea1f5ba6487b8e5b5994e672224f55d3e3cf11aeb03f8fe6245b55eaa6d32
- SHA512
  
  1803b43dbb6d0ef82373d48dd40924fe2c4a255c8f884f2f9cd712ddd194a05b2376920412cf5fe2057450e3d8269663da2610c981ce3028d6d2f427e56c85a9
- SSDEEP
  
  192:QEQVthv8khSr3q16Q2y/Aadhs64qu8fc0exuSNPOpNXkrwgIUnbVEDluVp/oQm6:QHLZ8khSwSVanstqrc4S0pNXKwgIUbVL
Score

1^/10
behavioral17 behavioral18
- Target
  
  Fastcopy 5.4.3/FastCopy/msix/fastcopy1.msix
- Size
  
  10KB
- MD5
  
  19bcd93a3e659ef18eab97068ae2cddc
- SHA1
  
  e42a59ec59f781359804204b283b6a4bfbe78397
- SHA256
  
  97a85196324405a1c537e6848486b33b273e53156d2a15f4defecddaa89e134a
- SHA512
  
  3c173bcd8cdeef374873b14c9b26f2984e7add4a6677488fce190eb4f1caeed9e6b213a35d55dd4f54da57bb1572072d895e0525ce60a8f5ac3a545f7af3fe68
- SSDEEP
  
  192:gp9QuL671/pkG6MkSIAdgXU4risXy2KURQMRCe8EH2vaweiY4MuBveZABo:eQukdpkGrXIA2XflXy2KqLclEURQyBo
Score

1^/10
behavioral19 behavioral20
- Target
  
  Fastcopy 5.4.3/FastCopy/msix/fastcopy2.msix
- Size
  
  10KB
- MD5
  
  1e4dfe46dc5263d8333d986a0185cd96
- SHA1
  
  2ed9d1516b72320593a11eba80dab8a5ff5bd7b5
- SHA256
  
  a85c307d5ee9c2015589742a89ad5213a1c471f9ee8d0088d553b6a6a4b66ec8
- SHA512
  
  bd60723e409a81461b8a4705a35a40bb8f7ff886baf278240e1b45171bab9a09fa2816a34fc82d027696b59bc6222fa3638c6cb9613151ab601195aedb402b30
- SSDEEP
  
  192:QcNOVIesT6028daOvPMZLwVJd5S6A8c37g8z+TQCBlD3AFv1nPcTta0EI2w:Q+OVIesTd5oOvPocjd5S6xi7g8yTHBlp
Score

1^/10
behavioral21 behavioral22
- Target
  
  Fastcopy 5.4.3/FastCopy/msix/fastcopy3.msix
- Size
  
  10KB
- MD5
  
  0ecaaa99e7d0928f84d5cfd8fdba67e2
- SHA1
  
  da4182904bd8c704534a4914248093a74675b2f0
- SHA256
  
  f065c7f7fbcf13b192a11dc699a073d4cd52ff0a168709fcd4a1e5468b4cabad
- SHA512
  
  2dc2d9d13506b5f2225478d4d7fd6e8798f8c99e44ae685f8ac38589961054efed1329d638e355c8aa7bece85e06910a3dac918356a29a638bbef4a1e2e05511
- SSDEEP
  
  192:Q0NOVIQsn6bp23uJ6NORKDcsCzksWa52m2LvrZj6cNeIdnzQSOth1CyI2d6:Q2OVIQsn4+YRgA4sBMrHQIdIn17II6
Score

1^/10
behavioral23 behavioral24
- Target
  
  Fastcopy 5.4.3/FastCopy/setup.exe
- Size
  
  461KB
- MD5
  
  94f1046d0c880c48119100572b1bdf3d
- SHA1
  
  5c9a565ea40cea6f0acbc172d13c80a9e85c2a8e
- SHA256
  
  aa8c3d09bff38870ac48d2eae6c3c0abdce67cf02ad6102d57a177b65778c381
- SHA512
  
  b8e7e9bf1c6a6124f7750d2be70de9f972c8b21e8634425db09708316e1c45e7638bf2a9acb3aa171936900094e1fbdb1c8760f11345e384d76f7604a46caf7f
- SSDEEP
  
  12288:bUlnTEWG2x8HwAZLGf4t/+snzrTZOzZT47UrcMg:bUlnXQ5nzrVOzy7UYMg
Score

1^/10
behavioral25 behavioral26
- Target
  
  Fastcopy 5.4.3/FastCopy64/FastCopy.exe
- Size
  
  1.1MB
- MD5
  
  4817896a7d7486dd8283d5224886596d
- SHA1
  
  18bbb74628e8138467be9239de01f3872749d6ec
- SHA256
  
  0af0869004ab7de4c3b965d73bd9801b4d3379d4adc1157984d61167c6ceecce
- SHA512
  
  f504999455f17af91604aa99b00df81f92f82b5b5192767059aaff8c1fac39ef45471466b1e18b743e16e34afc3a5e290abd2849fa499aa3d27d2b31573c6511
- SSDEEP
  
  24576:OGtlqe7zwYT8k5EsI7woz2ECwI1jCYjcBZz8Z:OGtlqc4HfwozgwI1+QcBZY
Score

6^/10

evasion trojan
- Checks whether UAC is enabled
  evasion trojan
behavioral27 behavioral28
- Target
  
  Fastcopy 5.4.3/FastCopy64/FastEx11.dll
- Size
  
  311KB
- MD5
  
  4e8541368912fbf84fd49519a66a8bab
- SHA1
  
  082e23c0a2420cfe0a9ee9b31daa9c6c4be34740
- SHA256
  
  0c0059a64ddb51209bd798644072cfc34b8b89ed37cd4fdeb051f7bb35818519
- SHA512
  
  392470cc72bd782b442555569a304c16a442d332ee2f3706957738eef0256a174afa0bae9aeecf129a42e3773c7a249cfeb384a9811b8a5ab792c95132c5b15a
- SSDEEP
  
  6144:OIn7m7fGtlqM3NIkV+vmq1pUNlF6CjyoTH6rcA0TnjuqOG:eGtlqz6q1pUNl/y66oRCxG
Score

4^/10

persistence
behavioral29 behavioral30
- Target
  
  Fastcopy 5.4.3/FastCopy64/FastEx64.dll
- Size
  
  270KB
- MD5
  
  b5598e5ddf2f4ab3aec6fb6c84d3e280
- SHA1
  
  29fdce6fccbbdad5e1ea76deb7a0c33bf339e461
- SHA256
  
  f366436e1257def38eaecb08e607aadb630c8759cc43ccd1c262068ce6df1c08
- SHA512
  
  bfed9b788a4dc6aafb555e41f08e02ca6e02e71afbf6ae11aebaa643e535ce018959b2593931b93d3e4d565df66fdc23820a588c65df05792f638c60cc1595d3
- SSDEEP
  
  6144:s2n7m7fGtlqd5GNSwTa9gN9M2OazzxQ3O2:OGtlqYTa9sXOazN32
Score

4^/10

persistence
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Event Triggered Execution

T1546

Change Default File Association

T1546.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Event Triggered Execution

T1546

Change Default File Association

T1546.001

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks whether UAC is enabled

Checks whether UAC is enabled

Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32