8e96fb10eaea6aac4d09d1b45d13cd259b55d180f0a3e80ed2466c4a9bba0b64 | Triage

Sharing

General

Target

1c053ab4efe9d7a5a0fbcd2d84773257
Size

880KB
Sample

231230-zgdcyseehr
MD5

1c053ab4efe9d7a5a0fbcd2d84773257
SHA1

1edcedf76447e2e0572c27d6714d8cc3c954c152
SHA256

8e96fb10eaea6aac4d09d1b45d13cd259b55d180f0a3e80ed2466c4a9bba0b64
SHA512

f643fd4b85aff69dbe0238505dc8687b241896d7c633d50936945b5e64ab6d3f4e9b95438dc12d43a568d4083fa98e0a6762db7de3cac16159f2fe62962cbe69
SSDEEP

24576:2D27akDIEosDCC3crIxLSlL20aYy2pthAWF8:2GrkhsmCN0ow8

Score

7^/10

evasion trojan upx

Malware Config

Targets

- Target
  
  Data/Astatix.url
- Size
  
  69B
- MD5
  
  89de41d608be4128cdc66c5d51a48837
- SHA1
  
  01968b678b1213d0a2d80b69adfee5ce06d9fd3b
- SHA256
  
  7c865a555cb858d718e8fb67ba0fe430cd54ccbf6d402aa8bf89c4683799d3f2
- SHA512
  
  467a167c8041a5819725a4995c07ecc0bfedacdcfb1ec91de9533113bfe827e44f39d63b7f88eafc04b87900d7f78f384f34bfc325b379b1fdecc83dfa7f479b
Score

6^/10

evasion trojan
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2
- Target
  
  Data/CrazyTet.exe
- Size
  
  469KB
- MD5
  
  e090d1e67ce34dcc02c5d42322faa294
- SHA1
  
  31d0991d9d9a8b7f750bf9b086df07466bcaa505
- SHA256
  
  c287eed5f404b9614e9a09603aef6ddf8c52c8242a17336422356628591498b7
- SHA512
  
  d2fbf981f278d30bfbe893eea0bd0be857db45f243b267272720a2d8292961d79b7c47dccca6d357484093f051fa0642015bb6e798978ee07d296d042fc9ddd6
- SSDEEP
  
  12288:pjdrQx/j7W2isEZsWKOUyCDbMaKnIWt0v6nHMMIxsbs:AZbEZwOUyCDbM1IriHJIq
Score

1^/10
behavioral3 behavioral4
- Target
  
  Data/DGO.url
- Size
  
  75B
- MD5
  
  0bf3ff329951ee48ada78fe6ab0a8991
- SHA1
  
  258d0891477f3261c677da2bf323b3782ee9690e
- SHA256
  
  cf3812476056cea11f47a9edd174e3fe9ba8a7cd49c6359e7b2efd5ca013f73b
- SHA512
  
  73f066fc6443f735272db5d4bda6339fd2d1d05a9353ca6823d59c036cffc69023224fed978fa34801dccbad3ee9e7d6b83bcd59bae36ca7d099cbb41cc0064a
Score

6^/10

evasion trojan
- Checks whether UAC is enabled
  evasion trojan
behavioral5 behavioral6
- Target
  
  Data/Games.url
- Size
  
  158B
- MD5
  
  7da6b1d97bd5b9c5529fd06935927385
- SHA1
  
  fb04806711e529a2b578f142017cfafa1256f6da
- SHA256
  
  46a087efefc2f721491bf5d875b2c9f75015cdba0966f820633560a212e6b5e5
- SHA512
  
  17ad185bfb4dd2b9f8203563099695caf7ac67862d4ca3fc14b940258e24fab95774c7c7a887e5f2d7dd81017e85851f356edb9cd9cc786ebb2d790add0ce871
Score

6^/10

evasion trojan
- Checks whether UAC is enabled
  evasion trojan
behavioral7 behavioral8
- Target
  
  Data/Help/Help_eng.chm
- Size
  
  225KB
- MD5
  
  973836b48ba701eacebfc9950ec5121c
- SHA1
  
  c1fead05fad2ef359da1d243dd22199218e16ff9
- SHA256
  
  162c0e050b8ff4db3aa2b4e3ae202d1b731c4df602adc7332fa5926b57c741ae
- SHA512
  
  7092e57093be8a8b3cb8acca22700297285c835b4c37fe766c8714022b8385a8f6ddd0b814eb05da138de622eda350c4a8b3aa73f03ea379243e0d04ce108bd9
- SSDEEP
  
  6144:AzNzxD/Gc9126hDz22UJhEPmqbp0g1UEr4Kz:sN/XtrU0PWg1UY4K
Score

1^/10
behavioral10 behavioral9
- Target
  
  Data/Homepage.url
- Size
  
  63B
- MD5
  
  8c6913a67601d934a37197d0b3c9c5bd
- SHA1
  
  97da3572660e947e1a86acc2b5ca6b7127e16983
- SHA256
  
  6d1c970f9a01acc43828441da6efa08ef39ebf7230426e0322298fffd9b2e6ea
- SHA512
  
  fd04de8213b4a8101ba01b1c4073ec157e2f84d6ad2750e4d26553c76e3a12258eaeb589d37bd6415af44af064582a9cc0a2076577f28aaa7eab3ecacac39b8c
Score

6^/10

evasion trojan
- Checks whether UAC is enabled
  evasion trojan
behavioral11 behavioral12
- Target
  
  Data/Registration/reg_eng.html
- Size
  
  667B
- MD5
  
  9bc65eb37f2d4166c91912d86c11ad14
- SHA1
  
  f7dfe6225ba48ff1f93b29a0039f806928fcc38e
- SHA256
  
  623551f0073ff7893d41ef7791f5da8b270d8dfcf9eeea0eca6256829cc54b10
- SHA512
  
  bf1b0e7dbc6fda0eb2867241a3c48f25e6e291c45b8e96abb115969eb771acb001b3de5eeb12ebc0845662021c991fe4bc0583fc538560b5c731eae7898b2a58
Score

1^/10
behavioral13 behavioral14
- Target
  
  Data/Registration/reg_rus.html
- Size
  
  2KB
- MD5
  
  70daf5fed66dda8114d3ce1cf175cecb
- SHA1
  
  208167002c5d8276a7ec3f6206f038428208e752
- SHA256
  
  5de7a44329b12e7fb4f931b969580876685a784328c6574fea630f3c88b1f38f
- SHA512
  
  67931a7740365ef0abb37d47d12947c7c1341f7ffc003fc72133e9bc2b88b533bd68b291cd4def41ea79da93d099db936d2ac685b4d2f3478b0e88d106dbba82
Score

1^/10
behavioral15 behavioral16
- Target
  
  Data/Top100.url
- Size
  
  89B
- MD5
  
  69c38f286df818b3143262368d2defac
- SHA1
  
  217fdf3e16aedc6bd7c34fc65f841c032763a3e3
- SHA256
  
  25e1f4f403c488473499ddd83212d5944fb959accb2593ad2f614ff0d4421eba
- SHA512
  
  5349c894ad2125c4e8dc6b61697261974e46e9de7b8d8c4bfa29bf7c4ab00351f18260395901117e5aa3281794461aa2efd0c74ef187bc42e59350e42f0eb1f2
Score

6^/10

evasion trojan
- Checks whether UAC is enabled
  evasion trojan
behavioral17 behavioral18
- Target
  
  Presetup/Ungins.exe
- Size
  
  41KB
- MD5
  
  3e1f38cdecb4d972656dc6a7a2e2de78
- SHA1
  
  21ee311a567c42d9f52f89ab01c284376a08e1e2
- SHA256
  
  91e725948981292477ce6aa1b6fb6698823949a3ab5b148ee4c08a5fb7e6f47e
- SHA512
  
  7d39cdb684c3cfe6b32fc49d320a542c018a6c77a9ea3c51450b0caa7785f4fc2773fbbb2da9cfd808c59c4ddc266469e735c149496c65a697902332b375a3e8
- SSDEEP
  
  768:QLVjmUBMudpTVf8noBbP82H+EHwwopkX1q35ysJ32nn3GJIiAI:QLVjdMXne39vopJ35yG3rA
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral19 behavioral20

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20