6750a931364fec99e772877a5736b6686cf2500258e94498a1ff7a909534387f

Resubmissions

11-01-2024 01:52

240111-cahyjaccem 6

11-01-2024 01:27

240111-bvjvwsbhfr 4

Sharing

Copy URL

Twitter E-mail

General

Target

AMDx64.7z
Size

1.7MB
Sample

240111-cahyjaccem
MD5

6fefffe6f11d5fc903adad7d15e9857d
SHA1

3bc9f7bfbf9f1c3ea52fbdab5568457081d8576c
SHA256

6750a931364fec99e772877a5736b6686cf2500258e94498a1ff7a909534387f
SHA512

50577b473fe675114fe99319f4e56681c9e7e7e9dc82b8fa09d7777963947da082130a34cab3baf0a929bf4fe64528cd63f043cd9574bcbe90572b6e7690cc95
SSDEEP

49152:WJYUa4AWfxNyILnx3haRLre3kPIjN4HfkDA62Hn:ca4DxIsnx3haRLi3Uk4Q72Hn

Score

6^/10

Malware Config

Targets

- Target
  
  GPIO Promontory Driver/W11x64/Readme.rtf
- Size
  
  66KB
- MD5
  
  ef03748f759bc90367c766a550f6990c
- SHA1
  
  4c635d9067140e25f9d284caf78d8aada5518031
- SHA256
  
  d94c6d032d264e85350b3f8390dafeb4b052c5c6ed95acf0d59a5583d63eeb28
- SHA512
  
  a9f7055e59767e826c7f70a67ab5c4f995b0126f5fa8b08789ce3d1926e33a5e5d4fe547fc25f120644fa3bf9a06a0bfae6e8ccd61ad0aa8fa3c169858104bd0
- SSDEEP
  
  768:l/eIhIK9jdGvwawIyX+3iOHpncF1LpC4OaNa0bZGtVMrQr823zQWmLGPIExyt6TN:l/54ioLsdbq3L+xSA0v
Score

4^/10
behavioral1 behavioral2
- Target
  
  GPIO Promontory Driver/W11x64/amdgpio3.cat
- Size
  
  10KB
- MD5
  
  9a0312928ed458ccfdb98c31ba9a8e50
- SHA1
  
  b78014d00c2570d6297431057d5ecb426a603ebd
- SHA256
  
  ccf8fdb406d7efeb46320f714b73162e52f1232f33f4fc6fc872a3af1a11378b
- SHA512
  
  a5b78fffdab946c03a3a1d6e5449ae9a055d9e76e76dec77606222adf303cf721f15fbb82631ecae5d1c610d6a3370dfc8ea4b119bb9bae9d9182a28a659a6fe
- SSDEEP
  
  192:35Y3aSyHJCzXooyKfPFWQFVqasOCqqnajlVc:3dSrPFRbs+l7c
Score

1^/10
behavioral3 behavioral4
- Target
  
  GPIO Promontory Driver/W11x64/amdgpio3.inf
- Size
  
  3KB
- MD5
  
  976e8c1a0ca4d9e5b25026332d65cc88
- SHA1
  
  83f91b9ce213a663391e56dfdbbecd49bd346524
- SHA256
  
  224863eccd9a4f33407556afa07b7f9dd39fde6be736049a4b7dfd7781c23eb1
- SHA512
  
  7e0e6ec1e452da28c2c755632d93240fd9a756f04ac79aa723930d7556725271b24076af12a979bc053f14aa3258c1b7f654623c7479d34aac44bb1c5c658983
Score

1^/10
behavioral5 behavioral6
- Target
  
  GPIO Promontory Driver/W11x64/amdgpio3.sys
- Size
  
  32KB
- MD5
  
  a9687c18660f118b1bc8416a0c0d02b0
- SHA1
  
  6c33d9e8ed5c745c079cc9cce37ef9449e428a91
- SHA256
  
  a71862b70f6350faeeacc1f3dc4d7d474329b70d51decbe1d5983e62eda6808f
- SHA512
  
  b1f014aeae825beb2ea3c5b8fca540ccf3de0464bf813851a34378919aec7940b57ed96e1525138442518a56ba45fc40cd2cbecfba33bcd7eb257d77437ec43a
- SSDEEP
  
  384:BZ/CvvVw0qFWx0L2KZ+onoISBbPL3nV+JnXrPFRlV3LliBrsziWPFRDViIGw6lxw:BxCHVrqWwZxpnbbkSHJUq
Score

1^/10
behavioral7 behavioral8
- Target
  
  GPIO Promontory Driver/W11x64/dpinst_X64.exe
- Size
  
  663KB
- MD5
  
  0b0d566f17228eff5cc6c4111151c090
- SHA1
  
  438dacae916c0f5d309ecc2f690a082e2867d897
- SHA256
  
  dd717714cb824e848645587c1c7168ee1d8e6df5fe99d7cc540e308db9d42e6e
- SHA512
  
  3163a5d0c5f30edde7546fc9bca4adb42213ab546ee9338f1460002b133b250b597d419823e3074e7381585d359ebf873c8e0e934e30c99427708bba638f7ad9
- SSDEEP
  
  6144:msW7OzpPId26dQcEaUrPvwgwkRVagRoOQTiHaQsVIhVLpHf2TPSO+:eIId79EaUTvwieMowXzZ2TP9+
Score

4^/10
behavioral10 behavioral9
- Target
  
  GPIO Promontory Driver/WTx64/Readme.rtf
- Size
  
  66KB
- MD5
  
  05065b1f27e7919a74f79c48df0107e4
- SHA1
  
  4ee7411ace443d9d6db96df4b7b03c96486bfb3e
- SHA256
  
  bff44e9aef168ab335c54578df3e4b90496c213b219f041275915396e16bf00c
- SHA512
  
  96c2f4cd5aba4c58d1bf52abc1bc5b5808d589850f0700c3b927a4d650fc8dea0839f1ed2e6ff080d5b129e3a4f4c04c4282887de4e3db0b73b7c56e8ece85e7
- SSDEEP
  
  768:l/xk17es9jdGvwawIyX+31RyU+Hc1/RC4OaNa0b0Wq3Hfp1VMrQr823zQWmLGLs2:l/21S1sLsdb0Wq3h13mIHAC
Score

4^/10
behavioral11 behavioral12
- Target
  
  GPIO Promontory Driver/WTx64/amdgpio3.cat
- Size
  
  10KB
- MD5
  
  9a0312928ed458ccfdb98c31ba9a8e50
- SHA1
  
  b78014d00c2570d6297431057d5ecb426a603ebd
- SHA256
  
  ccf8fdb406d7efeb46320f714b73162e52f1232f33f4fc6fc872a3af1a11378b
- SHA512
  
  a5b78fffdab946c03a3a1d6e5449ae9a055d9e76e76dec77606222adf303cf721f15fbb82631ecae5d1c610d6a3370dfc8ea4b119bb9bae9d9182a28a659a6fe
- SSDEEP
  
  192:35Y3aSyHJCzXooyKfPFWQFVqasOCqqnajlVc:3dSrPFRbs+l7c
Score

1^/10
behavioral13 behavioral14
- Target
  
  GPIO Promontory Driver/WTx64/amdgpio3.inf
- Size
  
  3KB
- MD5
  
  976e8c1a0ca4d9e5b25026332d65cc88
- SHA1
  
  83f91b9ce213a663391e56dfdbbecd49bd346524
- SHA256
  
  224863eccd9a4f33407556afa07b7f9dd39fde6be736049a4b7dfd7781c23eb1
- SHA512
  
  7e0e6ec1e452da28c2c755632d93240fd9a756f04ac79aa723930d7556725271b24076af12a979bc053f14aa3258c1b7f654623c7479d34aac44bb1c5c658983
Score

1^/10
behavioral15 behavioral16
- Target
  
  GPIO Promontory Driver/WTx64/amdgpio3.sys
- Size
  
  32KB
- MD5
  
  a9687c18660f118b1bc8416a0c0d02b0
- SHA1
  
  6c33d9e8ed5c745c079cc9cce37ef9449e428a91
- SHA256
  
  a71862b70f6350faeeacc1f3dc4d7d474329b70d51decbe1d5983e62eda6808f
- SHA512
  
  b1f014aeae825beb2ea3c5b8fca540ccf3de0464bf813851a34378919aec7940b57ed96e1525138442518a56ba45fc40cd2cbecfba33bcd7eb257d77437ec43a
- SSDEEP
  
  384:BZ/CvvVw0qFWx0L2KZ+onoISBbPL3nV+JnXrPFRlV3LliBrsziWPFRDViIGw6lxw:BxCHVrqWwZxpnbbkSHJUq
Score

1^/10
behavioral17 behavioral18
- Target
  
  GPIO Promontory Driver/WTx64/dpinst_X64.exe
- Size
  
  663KB
- MD5
  
  0b0d566f17228eff5cc6c4111151c090
- SHA1
  
  438dacae916c0f5d309ecc2f690a082e2867d897
- SHA256
  
  dd717714cb824e848645587c1c7168ee1d8e6df5fe99d7cc540e308db9d42e6e
- SHA512
  
  3163a5d0c5f30edde7546fc9bca4adb42213ab546ee9338f1460002b133b250b597d419823e3074e7381585d359ebf873c8e0e934e30c99427708bba638f7ad9
- SSDEEP
  
  6144:msW7OzpPId26dQcEaUrPvwgwkRVagRoOQTiHaQsVIhVLpHf2TPSO+:eIId79EaUTvwieMowXzZ2TP9+
Score

4^/10
behavioral19 behavioral20
- Target
  
  GPIO2 Driver/W11x64/README.rtf
- Size
  
  69KB
- MD5
  
  22aef13371f6d97856d2105e0cce6e9a
- SHA1
  
  4540abeb89c1799ef03e512c37e98c5faf26e75c
- SHA256
  
  9e4359e6d0886e3578484f38b966b974e8a6d676c50b7585e733ec599e94529f
- SHA512
  
  c3483ad153f9cc047a1c80b3198b2aac84e6fd2dbb4efca623abc69ea899f279d2cc3d175ec837b083ef26ce30c08fe132ad63e8aa66990ba14e7bf915dca662
- SSDEEP
  
  768:qDmCfrfP7E94DJ0A5nj/FQc8CeKDKLjn8lwNLBJ:qpfPpQ6DKLbLtJ
Score

6^/10
- Process spawned suspicious child process
  This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.
behavioral21 behavioral22
- Target
  
  GPIO2 Driver/W11x64/amdgpio2.cat
- Size
  
  10KB
- MD5
  
  6f6837b8bb7ed3f66c1b1aaa059e434a
- SHA1
  
  5e04853483659ef096556154751361de05e59de3
- SHA256
  
  a027b08cc62ebbc075f972202fdeb787f45467310811907bf7b1e8b8d7716008
- SHA512
  
  784b0b4c6c7421cd8e1c943fcb56f959b3967e66b16645b3c209acb72b7aebeb64d1c8ad88e6b12b23ad010c82bbb9500607a9bd2b8acfdddd40f3a3e70ff6f9
- SSDEEP
  
  192:y2r0JxyOJCGYXooyKfPFWQFoaZid4smsqnajmja8:7GYrPFRjZzs9lSj/
Score

1^/10
behavioral23 behavioral24
- Target
  
  GPIO2 Driver/W11x64/amdgpio2.inf
- Size
  
  1KB
- MD5
  
  2580dd71546c1b4f5f45821b0abfe541
- SHA1
  
  96d4a8d2392f5b9999a1fd5aea97b6a57b5b3dcf
- SHA256
  
  e15ee0789d5124c6eaf23fee41ff63b1c5e839f366ee42a4edcd8ce1f96edd94
- SHA512
  
  8b78885c356301529093c7be4ec714494c783bcb99858a291c616b28eba0666a93f10fb88013a0c7eab85a2fca40ea254884395a9cd467eb902c586c651eaf0f
Score

1^/10
behavioral25 behavioral26
- Target
  
  GPIO2 Driver/W11x64/amdgpio2.sys
- Size
  
  53KB
- MD5
  
  bd10f7224ad6bd84dd5b5b0e4ca378e1
- SHA1
  
  2793d2b910546d9c406f3b5a863ee79fac30ae0d
- SHA256
  
  aa64e940cf4a7fa016b8544ad1308818b08bf9e53c3818b2d5e0be993b78025f
- SHA512
  
  75c8fef256267f0719e9b6f92ab04c57d266bad635aabc3459d4b15a9afb7acf6bb77605f35249da6ef2c8e803391c7b9bf33b9edf3ce94430eff7eb29480ae3
- SSDEEP
  
  768:ZVXXuv6b740fac9zYPery5mcM/YsgY+SbIvrLy6qNL0gFvyvLJxsnNnZ9VlvoRao:Lnia3a3rjcNnVlQRwax3
Score

1^/10
behavioral27 behavioral28
- Target
  
  GPIO2 Driver/W11x64/dpinst_X64.exe
- Size
  
  663KB
- MD5
  
  0b0d566f17228eff5cc6c4111151c090
- SHA1
  
  438dacae916c0f5d309ecc2f690a082e2867d897
- SHA256
  
  dd717714cb824e848645587c1c7168ee1d8e6df5fe99d7cc540e308db9d42e6e
- SHA512
  
  3163a5d0c5f30edde7546fc9bca4adb42213ab546ee9338f1460002b133b250b597d419823e3074e7381585d359ebf873c8e0e934e30c99427708bba638f7ad9
- SSDEEP
  
  6144:msW7OzpPId26dQcEaUrPvwgwkRVagRoOQTiHaQsVIhVLpHf2TPSO+:eIId79EaUTvwieMowXzZ2TP9+
Score

4^/10
behavioral29 behavioral30
- Target
  
  GPIO2 Driver/WTx64/README.rtf
- Size
  
  69KB
- MD5
  
  f4edbceab4a58fcb818f4ff9c8857647
- SHA1
  
  e6dfd5714a790606473eddffbaa2a6ac436a7e58
- SHA256
  
  0345d079768919b04b1b3ed47c5cfddf7525ebfa20590d5ca60092f114d2adba
- SHA512
  
  8d72acc66f2f5b8c705f2dcae1155b5f633cb91aef12bb8526d845a315a4b7a8851d35a2561c3013b3a4c10a09d9e35f2406660f8bae81ac9f3988433ae93e07
- SSDEEP
  
  768:qDmCfrfP7E94DqSO0pa8smXfrdN6kKH9Xjn8lwNLB0I:qpfP7frdKH9XbLt0I
Score

4^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Process spawned suspicious child process

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32