General

  • Target

    HyperPKI_HYP2003_Setup.exe

  • Size

    1.6MB

  • Sample

    240223-kkktwadg9x

  • MD5

    95f36cd26b6024694c86728914d8ecdb

  • SHA1

    94ecf01eb01e79cf9a6dba5244d5d4fdaf6450e7

  • SHA256

    b24bba4d6df0674d8153c647bd837e6de6df2098befdfbf6c2b6529c9c34960f

  • SHA512

    f502fa537c97cd7d6ba334cadd13f8ffa41bdaae7ac1643fd8279800eafa8973b08e7224c9f1f67291952eb5506e3835f37a9c2b5b77cc70d42cd7763b431002

  • SSDEEP

    49152:3A0I0rKbljJWpaDZDXNehniqT93lWB5j5Iz:3A0cdDDdehniGZALKz

Targets

    • Target

      HyperPKI_HYP2003_Setup.exe

    • Size

      1.6MB

    • Adds Run key to start application

    • Drops file in System32 directory

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      15KB

    • MD5

      786110d3394edf4bb5c14e3e9a49f9e6

    • SHA1

      4adf64a5999a1a41870fedefba22f67840f36f3a

    • SHA256

      3ccb4385cd22b5c69bc2583e181da4085477906c193f04eb5a400801e00dbcd5

    • SHA512

      e85e49b492a04188c46c90fef6ba5b177f85c670848f902748ec1540839ffb2f5d88563c14026328dd2100a48979ff8e67e7af1eee70fea0eb477c78db4d9524

    • SSDEEP

      192:JsIZHdT9uwYX94kYd2iCzHR+yK7imphLAykycpKPd5mn8ozxGUWumle:JsUHd9GN2d2iwl0impATIPdAn8Ov6

    Score
    3/10
    • Target

      $PLUGINSDIR/KillProcDLL.dll

    • Size

      36KB

    • MD5

      1cc87d2b5a79b18f133b4f944e2f2f74

    • SHA1

      98e0ddb727c76e06be1668434d754e5b80a0c154

    • SHA256

      de1177a4bd1c56c3555f366d40b37d7dd9cb25e16c4973d0a4d22bf9a8af7aed

    • SHA512

      d8fee1c09fef9af4e1f38baaffa3a6d059713b14ecad900815c086cc22855644fcdeacd6bba31ea6e6925831e650f7b0d34e6dea4c57a978fb4f5bf0cd6d72a9

    • SSDEEP

      384:JLmJwO50x66T9JOpOUT38YZvml7xoKdyuwlx8xSiorppugBwUdJopS:JW50hJwwUTsXdPwxvtpDtdJo

    Score
    3/10
    • Target

      $PLUGINSDIR/System.dll

    • Size

      11KB

    • MD5

      301a9c8739ed3ed955a1bdc472d26f32

    • SHA1

      a830ab9ae6e8d046b7ab2611bea7a0a681f29a43

    • SHA256

      6ec9fde89f067b1807325b05089c3ae4822ce7640d78e6f32dbe52f582de1d92

    • SHA512

      41d88489ecb5ec64191493a1ed2ed7095678955d9fa72cccea2ae76dd794e62e7b5bd3aa2c313fb4bdf41c2f89f29e4cafe43d564ecad80fce1bf0a240b1e094

    • SSDEEP

      192:hCPej3uzvJwqJMQKN4GbeWZksMI4ETWcEbcBZ8ep2Kra7yAG:hCQ2HgN4GbeWmbI4Eybogia7yA

    Score
    3/10
    • Target

      $PLUGINSDIR/UserInfo.dll

    • Size

      4KB

    • MD5

      e47edd32aa6f55c5e0f3d7807ef7801e

    • SHA1

      a09626786256653c23d3c704417caf4a5f584759

    • SHA256

      4a775a8062dcbd2a960076af0395c8182523d65ab1bcf3da3f77f94d31051568

    • SHA512

      f7543ae3e73d29a83f80deabd5e5ace19cbf1a150bdf888ac35a5c64ba32a3261dd7644475e4a18e942808f4ee8ed73cf11c4bfae44f27473ea40989752b1167

    Score
    3/10
    • Target

      $PLUGINSDIR/nsExec.dll

    • Size

      6KB

    • MD5

      c41d49cb2d1bc52dd2acea5f0558cc15

    • SHA1

      d23ed4772fd4a3f1a5e0eb5cea3086c98f05c0ba

    • SHA256

      dd13eece085777415a31fe61afcbbe6aaef2e3c524d9e2d9da036ca298d4626f

    • SHA512

      15c8877900a9366c8c97cd2f848e32c5c2e8f4b6be881c87bb544758b78701dfb985b89d2935d9cbf775d21d38f8115b5980a2ec154fa724a8728702e98a7573

    • SSDEEP

      96:/jspqRy5AOEEQsh+WvDRH3spzQreUvhiT4uF3Telac1nIqVi:/n0AOEMh+Wv9cZQKUvkTjlaB1nIqY

    Score
    3/10
    • Target

      $_2_/SetupTool.dll

    • Size

      56KB

    • MD5

      48404891f38dd465263baa92264935e3

    • SHA1

      eee6311b1fd338fda64a312bcda4e72dc1b468b3

    • SHA256

      67eecc226c5b7993acfd71f83fa4eb161b1f963f00faa466b39605b719aae383

    • SHA512

      e5e2a12ea7fed7e48943f00c6d685189570916be4b9d4254d66bc16e443f7f1e2f527c08bafd215fe895b0e688758df8114755007ed92b1d60ab36f4fb4b77ce

    • SSDEEP

      768:n1uoiUy7TKKlQ8JXiq/Qa6BOK2UGUeM5dklfeiVtiRPh8:pe7TKeRbK2h1MMlGKixC

    Score
    1/10
    • Target

      $_2_/eps2003csp1164.dll

    • Size

      1.4MB

    • MD5

      b16b8873a95fe9e0ae160fdca94c874c

    • SHA1

      7805c3050463fc9b0546f75c255b541cfb0bc264

    • SHA256

      495309fb1afb9f04fa4e6b4953631ea1b0ae54db5e28491ba56fdc7f15f2bb5c

    • SHA512

      e207f6e54cddad6e1304ef7c9b38886216f1b8bbd8c1a68a1d78f2da1f4616972a87071a1e678a4dbdc2c9fc6631adec447fdaaa0c3c9213966c6571e945dc3e

    • SSDEEP

      12288:uh+Zr6eFWdSISEsiRUGwMmgEqeDBISvT4NUZ9/rMxBXtaMOnnKZMegUiJ97o7S:U+ZuFdp9si27diOFrMxB9aMOCiJho7S

    Score
    1/10
    • Target

      $_2_/eps2003csp11v2.dll

    • Size

      881KB

    • MD5

      241f54e1e4c5a4c56bb0da2cd94dc104

    • SHA1

      ab28390da66514214c98bb1c72016cbf0718e3ab

    • SHA256

      8d684c990683af00b3b8ef59d04b155945adc4ad3883d23b1383dd0271892844

    • SHA512

      3565d7337ec6239528bea94eaaba6e9a57fc38cd076ec46e7b28875a85c97ee716a8d693b897df2d97790c8a64dd0735411fcec63747d2dec1566519c2a5e54f

    • SSDEEP

      12288:scObvfix/n78axZkthxmja46xM6Z/wpWsI7fZrAHvhPXp5S8TiColIDwmAGYJS+Q:eWf7sthpYMsI7faBXvziCoiGbAmlBd4L

    Score
    1/10
    • Target

      CCID/SetupTool.dll

    • Size

      56KB

    • MD5

      48404891f38dd465263baa92264935e3

    • SHA1

      eee6311b1fd338fda64a312bcda4e72dc1b468b3

    • SHA256

      67eecc226c5b7993acfd71f83fa4eb161b1f963f00faa466b39605b719aae383

    • SHA512

      e5e2a12ea7fed7e48943f00c6d685189570916be4b9d4254d66bc16e443f7f1e2f527c08bafd215fe895b0e688758df8114755007ed92b1d60ab36f4fb4b77ce

    • SSDEEP

      768:n1uoiUy7TKKlQ8JXiq/Qa6BOK2UGUeM5dklfeiVtiRPh8:pe7TKeRbK2h1MMlGKixC

    Score
    1/10
