General
-
Target
EaseUS Data Recovery Wizard Technician 17.0.0.0 Build 20231121 Multilingual [FileCR].zip
-
Size
69.0MB
-
Sample
240223-rw7aksbb35
-
MD5
9dde8f2d278f04b00237738fa6951b91
-
SHA1
76aaa3e3895a8b90c64298263ffbce0fe8568385
-
SHA256
99fcfa72a4c12834c344d89a1db6a708e356cd0bf7d80fec62e7113c84ebead7
-
SHA512
3391c9b2a0d27153e8b1fb6a518a96680227b46d2f7bd6ed92eb9afb091978dc398cde68d5422c78fde86b10c8065f755edd51663efc469dffb00f6e45d4c7d6
-
SSDEEP
1572864:W8Ck+j95qK9JkJexVPw+yNnHojV8V/RMtVOEZgpO:WYS939JWe3UNHoECOESpO
Static task
static1
Behavioral task
behavioral1
Sample
EaseUS Data Recovery Wizard Technician 17.0.0.0 Build 20231121 Multilingual [FileCR].zip
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
EaseUS Data Recovery Wizard Technician 17.0.0.0 Build 20231121 Multilingual [FileCR].zip
Resource
win10v2004-20240221-en
Behavioral task
behavioral3
Sample
EaseUS Data Recovery Wizard Technician 17.0.0.0 Build 20231121 Multilingual/EDRW Patch v1.1 & Activator 2.1 - yaschir.zip
Resource
win7-20240220-en
Behavioral task
behavioral4
Sample
EaseUS Data Recovery Wizard Technician 17.0.0.0 Build 20231121 Multilingual/EDRW Patch v1.1 & Activator 2.1 - yaschir.zip
Resource
win10v2004-20240221-en
Behavioral task
behavioral5
Sample
1- Hosts blocker/EaseUS hosts blocker.bat
Resource
win7-20240221-en
Behavioral task
behavioral6
Sample
1- Hosts blocker/EaseUS hosts blocker.bat
Resource
win10v2004-20240221-en
Behavioral task
behavioral7
Sample
2- Patcher/(32-Bit) EDRW Patcher v1.1.exe
Resource
win7-20240221-en
Behavioral task
behavioral8
Sample
2- Patcher/(32-Bit) EDRW Patcher v1.1.exe
Resource
win10v2004-20240221-en
Behavioral task
behavioral9
Sample
2- Patcher/(64-Bit) EDRW Patcher v1.1.exe
Resource
win7-20240221-en
Behavioral task
behavioral10
Sample
2- Patcher/(64-Bit) EDRW Patcher v1.1.exe
Resource
win10v2004-20240221-en
Behavioral task
behavioral11
Sample
3- KeyGen (Activator)/EDRW v13 Activator v2.1 - De!.exe
Resource
win7-20240221-en
Behavioral task
behavioral12
Sample
3- KeyGen (Activator)/EDRW v13 Activator v2.1 - De!.exe
Resource
win10v2004-20240221-en
Behavioral task
behavioral13
Sample
ReadMe (EDRW).txt
Resource
win7-20240221-en
Behavioral task
behavioral14
Sample
ReadMe (EDRW).txt
Resource
win10v2004-20240221-en
Behavioral task
behavioral15
Sample
EaseUS Data Recovery Wizard Technician 17.0.0.0 Build 20231121 Multilingual/setup.exe
Resource
win7-20240221-en
Behavioral task
behavioral16
Sample
EaseUS Data Recovery Wizard Technician 17.0.0.0 Build 20231121 Multilingual/setup.exe
Resource
win10v2004-20240221-en
Malware Config
Targets
-
-
Target
EaseUS Data Recovery Wizard Technician 17.0.0.0 Build 20231121 Multilingual [FileCR].zip
-
Size
69.0MB
-
MD5
9dde8f2d278f04b00237738fa6951b91
-
SHA1
76aaa3e3895a8b90c64298263ffbce0fe8568385
-
SHA256
99fcfa72a4c12834c344d89a1db6a708e356cd0bf7d80fec62e7113c84ebead7
-
SHA512
3391c9b2a0d27153e8b1fb6a518a96680227b46d2f7bd6ed92eb9afb091978dc398cde68d5422c78fde86b10c8065f755edd51663efc469dffb00f6e45d4c7d6
-
SSDEEP
1572864:W8Ck+j95qK9JkJexVPw+yNnHojV8V/RMtVOEZgpO:WYS939JWe3UNHoECOESpO
Score
1/10
-
-
Target
EaseUS Data Recovery Wizard Technician 17.0.0.0 Build 20231121 Multilingual/EDRW Patch v1.1 & Activator 2.1 - yaschir.zip
-
Size
1.1MB
-
MD5
92de5dbc76ca5302d92b725b0f7fc9c2
-
SHA1
52b42ef3c9b86334133f9b916c1bb934822bbd72
-
SHA256
4b929efe2753988a399f16c24a26a9610fb9eeffa05d641fdaae8213e907aa9d
-
SHA512
3c7c201c38ea59053182fada92b2d0f9b4ded33b0d19ee92c4e41644e647ff252a3b1d06a87efc96ea0d55400fc9ece37810806f131cffe7199bf9fad1f9dc5d
-
SSDEEP
24576:8V6ySRNVjIsNG5b2bQ6ah/X0ELUVxAoOc3VK4uW:8V6ySvNLB/cXiV+c3MW
Score
1/10
-
-
Target
1- Hosts blocker/EaseUS hosts blocker.bat
-
Size
3KB
-
MD5
a20bef352c605997b09e2da7bca1f16e
-
SHA1
732df89434737131afb0ebaa94bbdafee76181af
-
SHA256
0124f42ac03a8f0ccacb35cf2e57d8ce96a323d66fbe4ebe06ad1def2e4d3b20
-
SHA512
4951e502b532506c7071ca014f2e08fb60731c877ce07af4903433074f710ccce8887e39efb2f5ef7456b206947f3457fc16405c9a4048d53470b7d0c4d620d5
Score
8/10
Drops file in Drivers directory
-
Modifies file permissions
-
-
-
Target
2- Patcher/(32-Bit) EDRW Patcher v1.1.exe
-
Size
147KB
-
MD5
d0d44869d0b87fd8e960951687417cc9
-
SHA1
8594dce79ce8745f09498ae5c5ca539d30fd1db6
-
SHA256
8a66e54eb6a022eeb9063bf8182d3d1dee11aa6990742e25ccd64cc5b7dbe3b0
-
SHA512
fe96f3d56345bd6dd9543ec259a6c7b646c44501029b5503453993646404c9dd805d7cae7f73d6e0cf29ae07edf950fefdfd7ec298314af962df2d4f8ec2c67a
-
SSDEEP
3072:UEz43VWFR6FJ/V1UM181JjYrAAI4b6CMi23Bq793+MWyt:UEN5Jt4b6CM13BqB36I
Score
7/10
Loads dropped DLL
-
-
-
Target
2- Patcher/(64-Bit) EDRW Patcher v1.1.exe
-
Size
147KB
-
MD5
087406e501b283f538d66c98b7ea1991
-
SHA1
9a8d7d7c82b87ee6875c8f0397f3f61d3508e908
-
SHA256
04491956a8b8993e031d632304ff57667bc4c77885da153e75454ff2e25dbc1d
-
SHA512
d938192532c84a6c037fc844f2e5bad0cadd10812028b3424ba8db730540c07a52b44646e43dc2c043821bbeaf2cc7586acf0dd22cae44ba77e63cfbd85c8174
-
SSDEEP
3072:UEz43VWFR6FJ/V1UM181JjYrAAI4b6CMi23BOMu4Xa061:UEN5Jt4b6CM13BPXaf1
Score
7/10
Loads dropped DLL
-
-
-
Target
3- KeyGen (Activator)/EDRW v13 Activator v2.1 - De!.exe
-
Size
3.5MB
-
MD5
284182f0388fe891ed6b6a1da5b4196e
-
SHA1
ee4ffea0eb3ceef561c7b02fbcc11f14a8775027
-
SHA256
10badd3b49c88ac87ce720c47ccd79f0db4f8125d63b52d328e554fb549c44a8
-
SHA512
6797010284372abade5b8ad4c7c84bfedc9d40be56f6a159f4e804933038c57954e5b99915230db41f5b4bb0a975352257629bb2963616e7e41fa0346e1befea
-
SSDEEP
24576:E3ub5cDzp/Ook9bVHIKAuTVijaUH2AcQNoMJ+CeWwIpA1JeuoSOBRcSrBIMmCpCB:q57cQKauDOTcSrqMmpnF8OMJLjelXl
Score
1/10
-
-
Target
ReadMe (EDRW).txt
-
Size
3KB
-
MD5
5590d164c5a5933c6d76cb7c51ec3c61
-
SHA1
e2738fb23099d2556ce04a3756e6af26f2137346
-
SHA256
d95dd67969972258d255169d95f5eb948494c8e1c092e1fcfd69dda1c5ce98fe
-
SHA512
802532601bc4cc5022ec52be6f6861abff98ff85f7983c04d5cba66f28b32e55ee027e688db648391a38fa656d9479ab9b4103e5c3a1f7fb3fa20de578963d3e
Score
1/10
-
-
Target
EaseUS Data Recovery Wizard Technician 17.0.0.0 Build 20231121 Multilingual/setup.exe
-
Size
68.0MB
-
MD5
da6cb209e8266ad3b0ada9a1b25b88e4
-
SHA1
cd66ef2552745dc5cceda2e59ba1a0c7b6111ca0
-
SHA256
c4469510af58535ff16e62d1bcdc28ffd3f6c0356868d36bb0fe64305706d8b7
-
SHA512
909ce5f0268937611034cd2afec9c52a5b89d495b9e18adf0ba7960249397062acd6a06ad35f2d9307e708ef9661aa6b5a3bf78f1455233f60705fadf9d9a54c
-
SSDEEP
1572864:yB1Vkowk8PFVlLDLV7q5KzIy/LW4hxtD2o9qhxsfCnj9o+:3zfldhIzOX2kK
Score
4/10