General
-
Target
kacperuxz7373_opti_pack.rar
-
Size
2.0MB
-
Sample
240222-lkbfwafg86
-
MD5
4748e1406863125cf8bafd54612f5051
-
SHA1
b93ac30996f6bf83c8f2ecbad1ef468a920485fa
-
SHA256
56b445c890323ee627b79ae87201ce1b49bc044626b4e6775a9f6a6ce1607bad
-
SHA512
e78fad0bf7e8b811e8f138334970d34cfca198e369498699471c9068108bffde047a313721227878f766601895942ef567d5c5695cdcdb1d4b54faf9c139efb9
-
SSDEEP
49152:goxukgZFBTsy6m70bxL3sJLlRV7K83RWJe4:rxKzgm7Gx3sJLrV7KwMH
Static task
static1
Behavioral task
behavioral1
Sample
kacperuxz#7373 opti pack/FiveM.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
kacperuxz#7373 opti pack/FiveM.exe
Resource
win10v2004-20240221-en
Behavioral task
behavioral3
Sample
kacperuxz#7373 opti pack/optymalizacja windows by kacperuxz#7373/3. Windows Debloat/2. Windows Deblo.ps1
Resource
win7-20240221-en
Behavioral task
behavioral4
Sample
kacperuxz#7373 opti pack/optymalizacja windows by kacperuxz#7373/3. Windows Debloat/2. Windows Deblo.ps1
Resource
win10v2004-20240221-en
Behavioral task
behavioral5
Sample
kacperuxz#7373 opti pack/optymalizacja windows by kacperuxz#7373/3. Windows Debloat/2. Windows Deblo.ps1
Resource
win7-20240221-en
Behavioral task
behavioral6
Sample
kacperuxz#7373 opti pack/optymalizacja windows by kacperuxz#7373/3. Windows Debloat/2. Windows Deblo.ps1
Resource
win10v2004-20240221-en
Behavioral task
behavioral7
Sample
kacperuxz#7373 opti pack/optymalizacja windows by kacperuxz#7373/3. Windows Debloat/2. Windows Deblo.ps1
Resource
win7-20240221-en
Behavioral task
behavioral8
Sample
kacperuxz#7373 opti pack/optymalizacja windows by kacperuxz#7373/3. Windows Debloat/2. Windows Deblo.ps1
Resource
win10v2004-20240221-en
Behavioral task
behavioral9
Sample
kacperuxz#7373 opti pack/optymalizacja windows by kacperuxz#7373/3. Windows Debloat/2. Windows Deblo.ps1
Resource
win7-20240221-en
Behavioral task
behavioral10
Sample
kacperuxz#7373 opti pack/optymalizacja windows by kacperuxz#7373/3. Windows Debloat/2. Windows Deblo.ps1
Resource
win10v2004-20240221-en
Behavioral task
behavioral11
Sample
kacperuxz#7373 opti pack/optymalizacja windows by kacperuxz#7373/3. Windows Debloat/2. Windows Deblo.ps1
Resource
win7-20240221-en
Behavioral task
behavioral12
Sample
kacperuxz#7373 opti pack/optymalizacja windows by kacperuxz#7373/3. Windows Debloat/2. Windows Deblo.ps1
Resource
win10v2004-20240221-en
Behavioral task
behavioral13
Sample
kacperuxz#7373 opti pack/optymalizacja windows by kacperuxz#7373/3. Windows Debloat/2. Windows Deblo.ps1
Resource
win7-20240221-en
Behavioral task
behavioral14
Sample
kacperuxz#7373 opti pack/optymalizacja windows by kacperuxz#7373/3. Windows Debloat/2. Windows Deblo.ps1
Resource
win10v2004-20240221-en
Behavioral task
behavioral15
Sample
kacperuxz#7373 opti pack/optymalizacja windows by kacperuxz#7373/3. Windows Debloat/2. Windows Deblo.ps1
Resource
win7-20240221-en
Behavioral task
behavioral16
Sample
kacperuxz#7373 opti pack/optymalizacja windows by kacperuxz#7373/3. Windows Debloat/2. Windows Deblo.ps1
Resource
win10v2004-20240221-en
Behavioral task
behavioral17
Sample
kacperuxz#7373 opti pack/optymalizacja windows by kacperuxz#7373/3. Windows Debloat/2. Windows Deblo.ps1
Resource
win7-20240220-en
Behavioral task
behavioral18
Sample
kacperuxz#7373 opti pack/optymalizacja windows by kacperuxz#7373/3. Windows Debloat/2. Windows Deblo.ps1
Resource
win10v2004-20240221-en
Behavioral task
behavioral19
Sample
kacperuxz#7373 opti pack/optymalizacja windows by kacperuxz#7373/3. Windows Debloat/2. Windows Deblo.ps1
Resource
win7-20240215-en
Behavioral task
behavioral20
Sample
kacperuxz#7373 opti pack/optymalizacja windows by kacperuxz#7373/3. Windows Debloat/2. Windows Deblo.ps1
Resource
win10v2004-20240221-en
Behavioral task
behavioral21
Sample
kacperuxz#7373 opti pack/optymalizacja windows by kacperuxz#7373/3. Windows Debloat/2. Windows Deblo.bat
Resource
win7-20240221-en
Behavioral task
behavioral22
Sample
kacperuxz#7373 opti pack/optymalizacja windows by kacperuxz#7373/3. Windows Debloat/2. Windows Deblo.bat
Resource
win10v2004-20240221-en
Behavioral task
behavioral23
Sample
kacperuxz#7373 opti pack/optymalizacja windows by kacperuxz#7373/3. Windows Debloat/2. Windows Deblo.bat
Resource
win7-20240221-en
Behavioral task
behavioral24
Sample
kacperuxz#7373 opti pack/optymalizacja windows by kacperuxz#7373/3. Windows Debloat/2. Windows Deblo.bat
Resource
win10v2004-20240221-en
Behavioral task
behavioral25
Sample
kacperuxz#7373 opti pack/optymalizacja windows by kacperuxz#7373/3. Windows Debloat/2. Windows Deblo.ps1
Resource
win7-20240215-en
Behavioral task
behavioral26
Sample
kacperuxz#7373 opti pack/optymalizacja windows by kacperuxz#7373/3. Windows Debloat/2. Windows Deblo.ps1
Resource
win10v2004-20240221-en
Behavioral task
behavioral27
Sample
kacperuxz#7373 opti pack/optymalizacja windows by kacperuxz#7373/3. Windows Debloat/2. Windows Deblo.ps1
Resource
win7-20240221-en
Behavioral task
behavioral28
Sample
kacperuxz#7373 opti pack/optymalizacja windows by kacperuxz#7373/3. Windows Debloat/2. Windows Deblo.ps1
Resource
win10v2004-20240221-en
Behavioral task
behavioral29
Sample
kacperuxz#7373 opti pack/optymalizacja windows by kacperuxz#7373/3. Windows Debloat/2. Windows Deblo.ps1
Resource
win7-20240220-en
Behavioral task
behavioral30
Sample
kacperuxz#7373 opti pack/optymalizacja windows by kacperuxz#7373/3. Windows Debloat/2. Windows Deblo.ps1
Resource
win10v2004-20240221-en
Behavioral task
behavioral31
Sample
kacperuxz#7373 opti pack/optymalizacja windows by kacperuxz#7373/3. Windows Debloat/2. Windows Deblo.bat
Resource
win7-20240221-en
Behavioral task
behavioral32
Sample
kacperuxz#7373 opti pack/optymalizacja windows by kacperuxz#7373/3. Windows Debloat/2. Windows Deblo.bat
Resource
win10v2004-20240221-en
Malware Config
Targets
-
-
Target
kacperuxz#7373 opti pack/FiveM.exe
-
Size
5.0MB
-
MD5
d1bd6492da0586bd4af8b08bde263db2
-
SHA1
4f314e4c2c336a08d4c9a5eb59399f411b0c6d26
-
SHA256
4612075ef8906f61761f04f41fa3f2a3c0fc92c67339572f399a3a15ac1d600f
-
SHA512
dc2c97b888c7513372d65eb9baa5f5e8ea4cf8330ec8ea546dafb7769ce372d932078f701573d78e7509c3e12de54877d8ce37d98444faed7e23f5a8c0e43285
-
SSDEEP
49152:BOjPWx2ntp34WU90BXKnnRBoUlHtpMu9hrLqJ/lrpBFaU80jq43gvW5VF8Ydo/qq:srhPmHtM106ugu/YdnDCNQitSEGAVub
Score 6/10
Drops desktop.ini file(s)
-
-
-
Target
kacperuxz#7373 opti pack/optymalizacja windows by kacperuxz#7373/3. Windows Debloat/2. Windows Debloat/1. Uruchom/block-telemetry.ps1
-
Size
8KB
-
MD5
f5d7bff130264cc2adf16cb9c4da094c
-
SHA1
1efc2e96e15629f6be1bf1b16a9547b6facd5984
-
SHA256
3bb5edb9d78c078beb3bbb4595b25ab31d7429d2a1fc3a326e4dad46766d6646
-
SHA512
a1626b248eccea1240323c95f75fe5de04a7ad8a29332961a7665e5982a6c9f57ad880a5e56ea12bf45a9e5b7a0170ce8279f576e13148021dfbd69c6dfff339
-
SSDEEP
96:uQVJ738aZ0n4cg/hdAwMtQgrBrTHakx0x2+V76O4BIvXXKCB8lZZFMntqvBqLmmF:us8Vn4cehexLYQcyaNICiD71iyBHEf
Score 8/10
Drops file in Drivers directory
-
-
-
Target
kacperuxz#7373 opti pack/optymalizacja windows by kacperuxz#7373/3. Windows Debloat/2. Windows Debloat/1. Uruchom/disable-services.ps1
-
Size
1KB
-
MD5
acca107c6d0ef0b0bfd31aca5927390d
-
SHA1
f71d27546e925fa0ee736b9806b82b3c0d83fd13
-
SHA256
b8bd3cb0707b254046435e3351ae9331b6a3b28de1e90ce14a9dd1a3d57b8bdf
-
SHA512
5b9c0469babe3ff011a30b3d64035c1e0329e2dbcd8f320ab367df0666948f21a29938da35f6c2f9297967742c60c06a673d43d96188fa6dc37ee98bc3ff5979
Score 1/10
-
-
Target
kacperuxz#7373 opti pack/optymalizacja windows by kacperuxz#7373/3. Windows Debloat/2. Windows Debloat/1. Uruchom/disable-windows-defender.ps1
-
Size
2KB
-
MD5
b745b1a0b4b70e44fac3b25abdb3f63e
-
SHA1
ce16a432c63df3be945af976b43a06d5454c3f12
-
SHA256
27365de295c362797d14cc90311549f5d67f8a76dc981e374648ac51752017b0
-
SHA512
19454c7dfdf1c2fd8aa8a7d1fec9f35e26288e6e36f90d78b4a94759db4fb56f64bc91cc63f1e696bd3c6eb949ffc2733410143184896b46af37da7b7fdbf933
Score 10/10
Modifies security service
-
-
-
Target
kacperuxz#7373 opti pack/optymalizacja windows by kacperuxz#7373/3. Windows Debloat/2. Windows Debloat/1. Uruchom/experimental_unfuckery.ps1
-
Size
1KB
-
MD5
f7d2cfa20e6f94bde9140ac74783a00a
-
SHA1
95470cec1299f3409c328c4f3e0e2ade681131a3
-
SHA256
deec5afd8d537d8744fe8c0c919e53aa32bcf2ba28e60cba03fad2b83a60c506
-
SHA512
df0946065b9a21270ee3bff911fe5e0727fd11116c55936f8ccd5bf68d34f9db05c96ff8ca9190b5f67add42f9584c97bb904231ba66427f188bcc426b8f4024
Score 7/10
Executes dropped EXE
-
Loads dropped DLL
-
-
-
Target
kacperuxz#7373 opti pack/optymalizacja windows by kacperuxz#7373/3. Windows Debloat/2. Windows Debloat/1. Uruchom/fix-privacy-settings.ps1
-
Size
7KB
-
MD5
837f426d2c69aa46f1f5e5781676a382
-
SHA1
4b95b9033f5d42050b6033a1bb72869258b4410e
-
SHA256
a8e2f1195867da78f0e99d3faf067e773c297ef8e3053344cdf4fcce8b8ca202
-
SHA512
ba760579096849b230cfef799034d965795febc1ccb6ed6c972c10e230b64e06c328ce0b2e7bae2c1b7449782b606a0124778bd66772b403ee4cfb4b6e5c0bb1
-
SSDEEP
96:2CrITjTn/7T8dPaFkUuiU0wN3yibEUyibyXYXTJe7TrzMZm0MZm44MZm2MZm95oE:2CcjT3qhbEWbiAYAlJGoqn/inkJAh2
Score 1/10
-
-
Target
kacperuxz#7373 opti pack/optymalizacja windows by kacperuxz#7373/3. Windows Debloat/2. Windows Debloat/1. Uruchom/optimize-user-interface.ps1
-
Size
7KB
-
MD5
287234fd02bb87f81bb8125164cec4c9
-
SHA1
4b01cf7151f372dc36b3c0ebf0b2556bebef9e17
-
SHA256
f1e31fed70ab2e1104d3f96dd5932dea8f8f380333287b5a6e71bca2654520bc
-
SHA512
eb947fe2ee871f0525f276a7f050e7ca6fd49135bc24d7a9ee02f94ddb8e96aa5c1fc80039db9e39982af71c9ac04ec936f337718ab46a214cc5f36c86bbf8cf
-
SSDEEP
192:xgDCcRewpotyPVPVmH7L//IDcRFBR59S/m+qpVqtl1A:xgDC0edVR5
Score 10/10
Modifies visibility of file extensions in Explorer
-
-
-
Target
kacperuxz#7373 opti pack/optymalizacja windows by kacperuxz#7373/3. Windows Debloat/2. Windows Debloat/1. Uruchom/optimize-windows-update.ps1
-
Size
1KB
-
MD5
a43be4706b81313de8611a71ae7d21d4
-
SHA1
ceb3abd9ec4e7291d9f1918b5e67735caf1c8089
-
SHA256
9c0471f84ca06dcd0b0822e56626f6e8bcf9b0452cc462482e9b39d30bfa873e
-
SHA512
c0b6382d56f67abd1964679f50fb91a3a05b8145fad6055c4ce09493bffc0e3b8ea9ae839e7b8c2f8cc40ded6c609dadc3e09788dcfadcfdd19fe0bd3f515a36
-
Possible privilege escalation attempt
-
Modifies file permissions
-
-
-
Target
kacperuxz#7373 opti pack/optymalizacja windows by kacperuxz#7373/3. Windows Debloat/2. Windows Debloat/1. Uruchom/remove-default-apps.ps1
-
Size
5KB
-
MD5
1df11e24ccd57037e31c192f3d743092
-
SHA1
cb6bdceeee0ae75f707daefb6c3545b8e4197706
-
SHA256
7aa196984b016d2122142bbe18341ee23c94b758ce78f32d1765011ae24517fd
-
SHA512
f5fb2dc62573e771a178c7509fd456c442f8242458031c6e92f63035be1a968f99ef49624565ceedee36ec4da5d61dbac8f376839c53b0bc960b1582238fce5e
-
SSDEEP
96:lNrUcT0hNuMIRNabGvB5M25g5F5At5kboNOW6TKQy33JF+4nJvpNLHsVmUO5SYet:lN4M0VYnWUzQ7mgh4migU2
Score 7/10
Executes dropped EXE
-
Loads dropped DLL
-
-
-
Target
kacperuxz#7373 opti pack/optymalizacja windows by kacperuxz#7373/3. Windows Debloat/2. Windows Debloat/1. Uruchom/remove-onedrive.ps1
-
Size
2KB
-
MD5
89bb971558db2dea9987d1fa5f5c398e
-
SHA1
1ceed67a3f777f755d942cc71e81140a9c6db7e9
-
SHA256
861391286bc21b91fe404a6d5ed3cb36838daa37d99879d38c97e2c4d7c4b9b8
-
SHA512
2d6010560dc339a569ed2f6832253d464418aef039acd9ec08b9c955da45043821c69643bc403b2201c0c049ef4379c719afa7f807f81a91070570f72026bd41
Score 8/10
Modifies Installed Components in the registry
-
Modifies system executable filetype association
-
Registers COM server for autorun
-
Drops desktop.ini file(s)
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
-
-
Target
kacperuxz#7373 opti pack/optymalizacja windows by kacperuxz#7373/3. Windows Debloat/2. Windows Debloat/2. Uruchom/boot-advanced-startup.bat
-
Size
35B
-
MD5
14b4e3937bbb6560bf853ff651684b67
-
SHA1
916231f6c56a7265eabe84d9e7f527f4f564038f
-
SHA256
a6db677174d9a427e5582db26ec71be1372b3467faca91ff2e082f48ece0db30
-
SHA512
2a51497266d281d5f4b1a9c0fda50a65d83a69856bf5237ee703b63d06ec01ae842fd57d6349ddc62c729956798f84c1dddb8243522ffdf608c5ee57e8b6dacd
Score 1/10
-
-
Target
kacperuxz#7373 opti pack/optymalizacja windows by kacperuxz#7373/3. Windows Debloat/2. Windows Debloat/2. Uruchom/disable-ShellExperienceHost.bat
-
Size
306B
-
MD5
00fe7a3d5531b3d0ae3df2a027d129c8
-
SHA1
4cee5b442bbb330f8de04d91940982a55a308b56
-
SHA256
d2997eabf5f11407c5c2312a1e7c2a4d785a9ad0db9a84cedd3fd78864f008df
-
SHA512
036d4881631803f03fb7ac78a8c5f6c0f2701dee6399bea1264dc2805f8b08fce67190c25861434e5dcfb5ca83edbdd5d5d9073f6f252ba2b8e97046221eba63
Score 1/10
-
-
Target
kacperuxz#7373 opti pack/optymalizacja windows by kacperuxz#7373/3. Windows Debloat/2. Windows Debloat/2. Uruchom/disable-memory-compression.ps1
-
Size
273B
-
MD5
a1d28d2607d52a2efe0e8089602e03fb
-
SHA1
40c319de8ea0fa1e8a938056ce130147fff28042
-
SHA256
e6195eb532cc9b0fa458228d6c62b727f31a80426d90c8a98c06c3bbabadff75
-
SHA512
5a234a5cd65e8c8f6b482923a15b91fde3bb455ca262e9be9dec12b957219871446a28636e6cbf1ed304fc5a87d001439360977987243f2cbcae8aaec2fffa62
Score 1/10
-
-
Target
kacperuxz#7373 opti pack/optymalizacja windows by kacperuxz#7373/3. Windows Debloat/2. Windows Debloat/2. Uruchom/disable-prefetch-prelaunch.ps1
-
Size
352B
-
MD5
db1f295f9138d6c86b9eba05e1a0dab7
-
SHA1
278a3dcc712bba6cbbc07f3cd8c49fd87ee6a779
-
SHA256
750499c4e7ef6eb69e1f6472d74dda0e63dea64cb707d1888ecf3c550950ade7
-
SHA512
1e5c94d865040b115b0f16a1e129144935bb4fee614f8923145f238eff86a48a2210be66d8b97db36714b3057ea222bff3d2cce6137f8958b6bfcabe4728a79e
Score 1/10
-
-
Target
kacperuxz#7373 opti pack/optymalizacja windows by kacperuxz#7373/3. Windows Debloat/2. Windows Debloat/2. Uruchom/disable-scheduled-tasks.ps1
-
Size
8KB
-
MD5
acdc5903d0e20c4e60e77a9c5c8da13a
-
SHA1
017e620fedb42d4edfdc20f7288348a67b1becf7
-
SHA256
596de0bf90b9107738707e92136d7264321f0a6a106575ea2a249fcfcd35c82b
-
SHA512
978ca4913f4cbe54b96412bef54b053be7e185e712e6c7f634f054366de8f377010ecc729f276c3ad03c98701ada8873025b212f5dac5cd97d0e797b5bf747ee
-
SSDEEP
96:DFcgOIdEzoPj1IvvIwKcysSzqIdrIJtI+MW0YfSI1IV6T68+YWTxKcQ6rKYXuF8i:9UKc/k+ORGJIsIj4QnZzzECdq
Score 1/10
-
-
Target
kacperuxz#7373 opti pack/optymalizacja windows by kacperuxz#7373/3. Windows Debloat/2. Windows Debloat/2. Uruchom/disable-searchUI.bat
-
Size
164B
-
MD5
edae8e646bd2ec03817bf7293e1cacdf
-
SHA1
8b75254e295b054401b16d097a32d4e8759a0498
-
SHA256
673542ef9c8a18f63af3ca41024bc7fba7a163f4b88b7ec4f7d1969dc2be3753
-
SHA512
d0cfe2ea439f73d25312b8e3292e89378bbc8321cc09a94a7a427d20f339685fd13a45ad17b4605e72fbd6b69ef8ed15cc85cd888621c95e2b90946b9319b271
Score 1/10
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 2
Registry Run Keys / Startup Folder: 2
Create or Modify System Process: 1
Windows Service: 1
Event Triggered Execution: 1
Change Default File Association: 1
Privilege Escalation
Boot or Logon Autostart Execution: 2
Registry Run Keys / Startup Folder: 2
Create or Modify System Process: 1
Windows Service: 1
Event Triggered Execution: 1
Change Default File Association: 1
Defense Evasion
File and Directory Permissions Modification: 1
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 5