Overview

overview

8

Static

static

3

Virus/Virus/Form1.vbs

windows10-2004-x64

8

Virus/Viru...er.vbs

windows10-2004-x64

1

Virus/Viru...es.vbs

windows10-2004-x64

1

Virus/Viru...er.vbs

windows10-2004-x64

1

Virus/Viru...ts.dll

windows10-2004-x64

1

Virus/Viru...ts.dll

windows10-2004-x64

1

Virus/Viru...us.exe

windows10-2004-x64

8

Virus/Viru...st.exe

windows10-2004-x64

1

Virus/Viru...ts.dll

windows10-2004-x64

1

Virus/Viru...ts.dll

windows10-2004-x64

1

Virus/Viru...us.exe

windows10-2004-x64

8

Virus/Viru...ts.dll

windows10-2004-x64

1

Virus/Viru...ts.dll

windows10-2004-x64

1

Virus/Viru...vb.dll

windows10-2004-x64

1

Virus/Viru...us.exe

windows10-2004-x64

8

Virus/Viru...ts.dll

windows10-2004-x64

1

Virus/Viru...ts.dll

windows10-2004-x64

1

Virus/Viru...vb.dll

windows10-2004-x64

1

Virus/Viru...us.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Virus.rar

  • Size

    9.1MB

  • Sample

    240219-2mpz2seh2v

  • MD5

    569e8773d25e1f60d469e9b480ee6b62

  • SHA1

    5ca2d69092f3f5f42174d2e1d512460868f3b07e

  • SHA256

    edd82e40e911be51bcc228cdea34b3454c229b345e3c4d214058d2d5144b5f6c

  • SHA512

    957fe39725a16d824bde61c648ec33468fbe73b50b424480cf188cf8bb60c7c0fbd5129865f52a3c6a432e1239d4cbb32412fe9f6fa7d441228e01864f37f012

  • SSDEEP

    196608:DfkjsaaciKfkzsaaciJfkzsaaciiBXy63ufkjsaaciRBXy63Z8MvGu8F:DC1W+WlBXReCqBXRikGuk

Score
8/10
evasion

Malware Config

Targets

    • Target

      Virus/Virus/Form1.vb

    • Size

      2KB

    • MD5

      ca6f3f7213631f8d63f8049ab7f816b8

    • SHA1

      f92deceab79ae2f84e1fe31c2cd51599f32c6827

    • SHA256

      bee0ace0cac8035b1d053a021c8e6e3c830b985e0b98e7fbb08ced14c815b456

    • SHA512

      7a8bf5ce2b965a75bdf4a4aacd4766f6d4ccf749d25a9c5795fc87ab4761c2e902e3bbe658460c9a344e8702a114ca3763282067dacd777d71695966de00f0e6

    Score
    8/10
    evasion

    • Disables Task Manager via registry modification

      evasion

    • Executes dropped EXE

    behavioral1

    • Target

      Virus/Virus/My Project/Resources.Designer.vb

    • Size

      2KB

    • MD5

      d60ac4233333239fb934cd6dc7777ab2

    • SHA1

      c9622fc998c50f90d4dfba691e60fe1a7368f779

    • SHA256

      45b4d615fb6effd2ee0dea4fabcbed1a107d6a9c84ba351ad13eec6214c37c61

    • SHA512

      d8e6c244e1313491762beaeca15682027f4f5ff6322b1dfe0fc24afd861f6df73b6f4740ce15fb333d7f70b707d42a29b537c8fc3ffeaef766e472da865249eb

    Score
    1/10
    behavioral2

    • Target

      Virus/Virus/My Project/Resources.resx

    • Size

      6KB

    • MD5

      eb1398b6a4c3a3fded108e02f0477f3e

    • SHA1

      28a21946aa21596b0693519c85937726f242755e

    • SHA256

      1407102f305feb6c8229822adf1ef44ff3c016e2a2d4fd1a13bf2a6a4903fa82

    • SHA512

      e0948334a59692b06fad057f7970f264812e26d0e68ce5b7d9ddd77f9330f4bc90d886ce76c83664dc79e39364a007058136e9eecc55128f24a622d5bb72dacf

    • SSDEEP

      96:fijrkiK5k5LPXbac9m5Lv6FzSvd4gIRjETUT2+0qSdvabvDBwbjBu3Fqv2Uil:KjrbLPD9sLvIzSvKgIqUyaBl

    Score
    1/10
    behavioral3

    • Target

      Virus/Virus/My Project/Settings.Designer.vb

    • Size

      2KB

    • MD5

      b7001ec0d24380d20f6a2e0a97e3d27a

    • SHA1

      1d59db2e25bace3de22167c68d98d1c34daa7d96

    • SHA256

      b35a89ac60a900125344b6f381a1f2fdc7705a5f58636fe8e370ee8937573b04

    • SHA512

      24554c9cb35c9aca613228e73c4fde7361ec848606b238364b905ac37c60732580266af012221aea6ba07763670dbc114c520b3b0aa7d398679f4d9e4904509c

    Score
    1/10
    behavioral4

    • Target

      Virus/Virus/bin/Debug/AxInterop.ShockwaveFlashObjects.dll

    • Size

      28KB

    • MD5

      20289ae020861f3286e00e351f41519d

    • SHA1

      233121d1f23ed538ab68074aba3a277ca8f2067a

    • SHA256

      f6e850012bef0c79d1f2ea69b4be8b71616473da91f100461d47a9829fe5b78d

    • SHA512

      43272feecb5d8eae76659bddc1a3dddb96c32dd5cbe15997db6ca8450453f1df3faeeb5cd1d7c3eb7bb681de511d83cfdd30beeeb9aa88b4f904d5ab2ed77046

    • SSDEEP

      192:w0wBqUkWkzIeKiSOmIeuY0w9Dss+gcbs9WN4gWro797s/+/EF6ae5QcBEDxdQyl:NDsoYEg6UQ+ipcaogdh

    Score
    1/10
    behavioral5

    • Target

      Virus/Virus/bin/Debug/Interop.ShockwaveFlashObjects.dll

    • Size

      32KB

    • MD5

      97bd0edbaf8acfbb060bcd078b6c462a

    • SHA1

      63ce39f46bed612e9935fe269928db3449420920

    • SHA256

      092d58753c8e2308bd8bec48243fd1715f9f4ad3048ce2b635f6d05db534d325

    • SHA512

      f7ebe4d8af83fb86e09f311ea65bcd5acbb95bf999d232889d714cece1cb5293b5d78fbda5b8cdab636c0cd8e73a91d999e934a26d02d2aa67f189dffd6fd7a0

    • SSDEEP

      384:9wXxCB5Qr+uyIY7ut2i5nKoR9ouIfcvdDW/Ie7xI5k/5kgVq/Lq+ifl:7BCr9Y7ut2i5nKgfvM/Ie1ikdl

    Score
    1/10
    behavioral6

    • Target

      Virus/Virus/bin/Debug/Virus.exe

    • Size

      3.0MB

    • MD5

      ceb728f44e9db8c057e307b39c67e8fe

    • SHA1

      dfab0b4f0c716f5af0bcaf579a250ccdfc09ec66

    • SHA256

      ed03452448f19339e1488748ad15caa629c1005cd45f2d42df3cb68b61ca70f6

    • SHA512

      df4b23aaa71402e8a5d11ad0ee793b47c5562741c0c2aaa6e65c9b691d4ef30fbac7aa51b7dc1a2233430d59bf415b03293f24f75395c67834585adc2ee00245

    • SSDEEP

      49152:bj3iZ1MHTIo3dLoYNiDSeP7jxPXyouZ3xtNg5EzN3CD70c5iMOIEQLx3+bt+g:bma9NLYGG7FduZhtau3Cv0cIIEQVubt9

    Score
    8/10
    evasion

    • Disables Task Manager via registry modification

      evasion
    behavioral7

    • Target

      Virus/Virus/bin/Debug/Virus.vshost.exe

    • Size

      13KB

    • MD5

      f2f77b99cad96e1b6ca06169f3553f40

    • SHA1

      d8dc079a82b4942f36e8d11a0ff88b97c098a64a

    • SHA256

      9149c19a31ff9ca73bf60893e2dfaa8fbefec42de2a288b1b32c15ff730955ca

    • SHA512

      b12b8461d9ebc96e9e2cca5da66cf342e7eacfcbe00ab50180433ded7ca2426837ec2d280171eb8e95f092097ab5dc64b895973be2e31103b8f27e9062bdd915

    • SSDEEP

      192:JgmxBqWeVmWeo6oEQKPnEt2yt8mJz+jaIhj74r:OM0WqmWjnELKt8Cy/jcr

    Score
    1/10
    behavioral8

    • Target

      Virus/Virus/bin/Release/AxInterop.ShockwaveFlashObjects.dll

    • Size

      28KB

    • MD5

      b576d3408b2666af11bf60a16160c5ef

    • SHA1

      51e026f42a14d5eaff5460a7af5e307eff5672b9

    • SHA256

      daf9589dba16ff3e7f4262d97880f0d95bc3b552844c3d9b515fbbc23fc925d9

    • SHA512

      737522cddf41a35ed8d1e258f09509a0af7e02ce0e6ccc453f6d6d92e2d0c49abaac25d1942a191804ea16828ff50b9ee9e8066c692b171b1328ad0d625f223f

    • SSDEEP

      192:l0wBqUkWkzIeKiSOmIeuY0w9Dss+gcbs9WN4gWro797s/+/EF6ae5QcBEDxdQylx:MDsoYEg6UQ+ipcaFgdh

    Score
    1/10
    behavioral9

    • Target

      Virus/Virus/bin/Release/Interop.ShockwaveFlashObjects.dll

    • Size

      32KB

    • MD5

      1e84722434689fa1585d6db78f994798

    • SHA1

      63c7161d56abc17d05b3570b1c59fa383e55a278

    • SHA256

      4acc762719a60c58dde3471d68105707c898711c74d2fd91ee5d7a82e98a5f13

    • SHA512

      11efca5df84b0deb9f6cbefb7081b3357825dccae9bc2f3d9f678cd6f5325f8e6a78b6228216e873fe6431510ad7d9da83192823ad196c5c663fcd0dcbac9a9b

    • SSDEEP

      384:3wXxCB5Qr+uyIY7ut2i5nKoR9ouIfcvdDW/Ie7xI5k/5kgVq/Lq+1fl:tBCr9Y7ut2i5nKgfvM/Ie1ikAl

    Score
    1/10
    behavioral10

    • Target

      Virus/Virus/bin/Release/Virus.exe

    • Size

      3.0MB

    • MD5

      b6d61b516d41e209b207b41d91e3b90d

    • SHA1

      e50d4b7bf005075cb63d6bd9ad48c92a00ee9444

    • SHA256

      3d0efd55bde5fb7a73817940bac2a901d934b496738b7c5cab7ea0f6228e28fe

    • SHA512

      3217fc904e4c71b399dd273786634a6a6c19064a9bf96960df9b3357001c12b9547813412173149f6185eb5d300492d290342ec955a8347c6f9dcac338c136da

    • SSDEEP

      49152:lj3iZ1MHTIo3dLoYNiDSeP7jxPXyouZ3xtNg5EzN3CD70c5iMOIEQLx3+bt+g:lma9NLYGG7FduZhtau3Cv0cIIEQVubt9

    Score
    8/10
    evasion

    • Disables Task Manager via registry modification

      evasion
    behavioral11

    • Target

      Virus/Virus/obj/Debug/AxInterop.ShockwaveFlashObjects.dll

    • Size

      28KB

    • MD5

      20289ae020861f3286e00e351f41519d

    • SHA1

      233121d1f23ed538ab68074aba3a277ca8f2067a

    • SHA256

      f6e850012bef0c79d1f2ea69b4be8b71616473da91f100461d47a9829fe5b78d

    • SHA512

      43272feecb5d8eae76659bddc1a3dddb96c32dd5cbe15997db6ca8450453f1df3faeeb5cd1d7c3eb7bb681de511d83cfdd30beeeb9aa88b4f904d5ab2ed77046

    • SSDEEP

      192:w0wBqUkWkzIeKiSOmIeuY0w9Dss+gcbs9WN4gWro797s/+/EF6ae5QcBEDxdQyl:NDsoYEg6UQ+ipcaogdh

    Score
    1/10
    behavioral12

    • Target

      Virus/Virus/obj/Debug/Interop.ShockwaveFlashObjects.dll

    • Size

      32KB

    • MD5

      97bd0edbaf8acfbb060bcd078b6c462a

    • SHA1

      63ce39f46bed612e9935fe269928db3449420920

    • SHA256

      092d58753c8e2308bd8bec48243fd1715f9f4ad3048ce2b635f6d05db534d325

    • SHA512

      f7ebe4d8af83fb86e09f311ea65bcd5acbb95bf999d232889d714cece1cb5293b5d78fbda5b8cdab636c0cd8e73a91d999e934a26d02d2aa67f189dffd6fd7a0

    • SSDEEP

      384:9wXxCB5Qr+uyIY7ut2i5nKoR9ouIfcvdDW/Ie7xI5k/5kgVq/Lq+ifl:7BCr9Y7ut2i5nKgfvM/Ie1ikdl

    Score
    1/10
    behavioral13

    • Target

      Virus/Virus/obj/Debug/TempPE/My Project.Resources.Designer.vb.dll

    • Size

      7KB

    • MD5

      b7125dd608cdd64f49b6898ac2cb8867

    • SHA1

      c1156b8f7ccc7e886dc604149c0002d0c44d4ba2

    • SHA256

      df15eadd0049c9f4fa3ae151e46bece1befb93401677364013b2bdb574fd5cdc

    • SHA512

      925b644a637db50734d4eff60e387e9dda10ee976463b33c7c62564712aa2cd758024d1e5cdbb713680066bba1ae80f25e8a17913aa551e238d2a959eff38f80

    • SSDEEP

      96:CEWDROJyiQf7FXYXN5gUrZE2iYlnlYJnLEM/mNdaIDL0KfMN7e+1d9XmrftHC:79JyiQfhIXj9ZVrnlYJL/eraIDLTiv

    Score
    1/10
    behavioral14

    • Target

      Virus/Virus/obj/Debug/Virus.exe

    • Size

      3.0MB

    • MD5

      ceb728f44e9db8c057e307b39c67e8fe

    • SHA1

      dfab0b4f0c716f5af0bcaf579a250ccdfc09ec66

    • SHA256

      ed03452448f19339e1488748ad15caa629c1005cd45f2d42df3cb68b61ca70f6

    • SHA512

      df4b23aaa71402e8a5d11ad0ee793b47c5562741c0c2aaa6e65c9b691d4ef30fbac7aa51b7dc1a2233430d59bf415b03293f24f75395c67834585adc2ee00245

    • SSDEEP

      49152:bj3iZ1MHTIo3dLoYNiDSeP7jxPXyouZ3xtNg5EzN3CD70c5iMOIEQLx3+bt+g:bma9NLYGG7FduZhtau3Cv0cIIEQVubt9

    Score
    8/10
    evasion

    • Disables Task Manager via registry modification

      evasion
    behavioral15

    • Target

      Virus/Virus/obj/Release/AxInterop.ShockwaveFlashObjects.dll

    • Size

      28KB

    • MD5

      b576d3408b2666af11bf60a16160c5ef

    • SHA1

      51e026f42a14d5eaff5460a7af5e307eff5672b9

    • SHA256

      daf9589dba16ff3e7f4262d97880f0d95bc3b552844c3d9b515fbbc23fc925d9

    • SHA512

      737522cddf41a35ed8d1e258f09509a0af7e02ce0e6ccc453f6d6d92e2d0c49abaac25d1942a191804ea16828ff50b9ee9e8066c692b171b1328ad0d625f223f

    • SSDEEP

      192:l0wBqUkWkzIeKiSOmIeuY0w9Dss+gcbs9WN4gWro797s/+/EF6ae5QcBEDxdQylx:MDsoYEg6UQ+ipcaFgdh

    Score
    1/10
    behavioral16

    • Target

      Virus/Virus/obj/Release/Interop.ShockwaveFlashObjects.dll

    • Size

      32KB

    • MD5

      1e84722434689fa1585d6db78f994798

    • SHA1

      63c7161d56abc17d05b3570b1c59fa383e55a278

    • SHA256

      4acc762719a60c58dde3471d68105707c898711c74d2fd91ee5d7a82e98a5f13

    • SHA512

      11efca5df84b0deb9f6cbefb7081b3357825dccae9bc2f3d9f678cd6f5325f8e6a78b6228216e873fe6431510ad7d9da83192823ad196c5c663fcd0dcbac9a9b

    • SSDEEP

      384:3wXxCB5Qr+uyIY7ut2i5nKoR9ouIfcvdDW/Ie7xI5k/5kgVq/Lq+1fl:tBCr9Y7ut2i5nKgfvM/Ie1ikAl

    Score
    1/10
    behavioral17

    • Target

      Virus/Virus/obj/Release/TempPE/My Project.Resources.Designer.vb.dll

    • Size

      7KB

    • MD5

      00db75c1713419df637d1e4e4445aac1

    • SHA1

      3d1ce799fa754c859acd77ebd96cc7b01fe3002c

    • SHA256

      5e597e75552ef28138c0b7b39156543e29811820f5ed34ebb1410355b6a139da

    • SHA512

      8121d70452dd837e9ef1bd5e256e7f183e4593fe80d55f179932410baf570df079a4e6939b5fcd62dc2a48fa18f6c568d91225a0ca889bd8f37a0c371fba668e

    • SSDEEP

      96:VEWDROJyiQf7FXYXN5gUrZE2iYlnlYJnLEM/mNdaIDL0KfMNy0e+1d9XmrftHC:S9JyiQfhIXj9ZVrnlYJL/eraIDLTiyi

    Score
    1/10
    behavioral18

    • Target

      Virus/Virus/obj/Release/Virus.exe

    • Size

      3.0MB

    • MD5

      b6d61b516d41e209b207b41d91e3b90d

    • SHA1

      e50d4b7bf005075cb63d6bd9ad48c92a00ee9444

    • SHA256

      3d0efd55bde5fb7a73817940bac2a901d934b496738b7c5cab7ea0f6228e28fe

    • SHA512

      3217fc904e4c71b399dd273786634a6a6c19064a9bf96960df9b3357001c12b9547813412173149f6185eb5d300492d290342ec955a8347c6f9dcac338c136da

    • SSDEEP

      49152:lj3iZ1MHTIo3dLoYNiDSeP7jxPXyouZ3xtNg5EzN3CD70c5iMOIEQLx3+bt+g:lma9NLYGG7FduZhtau3Cv0cIIEQVubt9

    Score
    8/10
    evasion

    • Disables Task Manager via registry modification

      evasion
    behavioral19

MITRE ATT&CK Enterprise v15

Tasks