General

  • Target

    EaseUS Data Recovery Wizard Technician 17.0.0.0 Build 20231121 Multilingual [FileCR].zip

  • Size

    69.0MB

  • Sample

    240223-rw7aksbb35

  • MD5

    9dde8f2d278f04b00237738fa6951b91

  • SHA1

    76aaa3e3895a8b90c64298263ffbce0fe8568385

  • SHA256

    99fcfa72a4c12834c344d89a1db6a708e356cd0bf7d80fec62e7113c84ebead7

  • SHA512

    3391c9b2a0d27153e8b1fb6a518a96680227b46d2f7bd6ed92eb9afb091978dc398cde68d5422c78fde86b10c8065f755edd51663efc469dffb00f6e45d4c7d6

  • SSDEEP

    1572864:W8Ck+j95qK9JkJexVPw+yNnHojV8V/RMtVOEZgpO:WYS939JWe3UNHoECOESpO

Score
8/10

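The digests above are what a practitioner uses to confirm that a local copy of this archive, or a set of files pulled out of it, is the sample this report describes. The script below is an added example, not part of the report and not EaseUS or sandbox tooling: it streams every file under a directory through MD5/SHA1/SHA256/SHA512 and reports the ones whose SHA256 appears in the report's Targets table (the table in the code is copied from this page; the files created by `demo()` are constructed for the example). SSDEEP is not computed because it needs the non-standard ssdeep library.

```python
import hashlib
import os
import tempfile

# SHA256 -> target name, copied from the report's Targets table.
# SHA256 is the matching key; the other digests are computed as well so the
# result can be compared with feeds that still key on MD5 or SHA1.
REPORT_SHA256 = {
    "99fcfa72a4c12834c344d89a1db6a708e356cd0bf7d80fec62e7113c84ebead7":
        "EaseUS Data Recovery Wizard Technician 17.0.0.0 Build 20231121 Multilingual [FileCR].zip",
    "4b929efe2753988a399f16c24a26a9610fb9eeffa05d641fdaae8213e907aa9d":
        "EDRW Patch v1.1 & Activator 2.1 - yaschir.zip",
    "0124f42ac03a8f0ccacb35cf2e57d8ce96a323d66fbe4ebe06ad1def2e4d3b20":
        "1- Hosts blocker/EaseUS hosts blocker.bat",
    "8a66e54eb6a022eeb9063bf8182d3d1dee11aa6990742e25ccd64cc5b7dbe3b0":
        "2- Patcher/(32-Bit) EDRW Patcher v1.1.exe",
    "04491956a8b8993e031d632304ff57667bc4c77885da153e75454ff2e25dbc1d":
        "2- Patcher/(64-Bit) EDRW Patcher v1.1.exe",
    "10badd3b49c88ac87ce720c47ccd79f0db4f8125d63b52d328e554fb549c44a8":
        "3- KeyGen (Activator)/EDRW v13 Activator v2.1 - De!.exe",
    "d95dd67969972258d255169d95f5eb948494c8e1c092e1fcfd69dda1c5ce98fe":
        "ReadMe (EDRW).txt",
    "c4469510af58535ff16e62d1bcdc28ffd3f6c0356868d36bb0fe64305706d8b7":
        "EaseUS Data Recovery Wizard Technician 17.0.0.0 Build 20231121 Multilingual/setup.exe",
}


def hash_file(path, chunk_size=1 << 20):
    """Digest a file in 1 MiB chunks (the report's zip is 69 MB; never read it whole)."""
    hashers = {name: hashlib.new(name) for name in ("md5", "sha1", "sha256", "sha512")}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def scan_tree(root, ioc_table=REPORT_SHA256):
    """Hash every regular file under root: [(relative_path, digests, matched_target_or_None)]."""
    results = []
    for dirpath, _, filenames in os.walk(root):
        for name in sorted(filenames):
            path = os.path.join(dirpath, name)
            if not os.path.isfile(path):
                continue
            digests = hash_file(path)
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            results.append((rel, digests, ioc_table.get(digests["sha256"])))
    return results


def matched_targets(root, ioc_table=REPORT_SHA256):
    """Only the files whose SHA256 is in the table, as (relative_path, target_name)."""
    return [(rel, target) for rel, _, target in scan_tree(root, ioc_table) if target is not None]


def demo():
    """Self-contained run on constructed files; the real samples are not embedded here."""
    with tempfile.TemporaryDirectory() as root:
        with open(os.path.join(root, "known.bin"), "wb") as fh:
            fh.write(b"abc")  # constructed content with a well-known digest
        with open(os.path.join(root, "other.txt"), "wb") as fh:
            fh.write(b"unrelated file, must not match")
        table = dict(REPORT_SHA256)
        table[hashlib.sha256(b"abc").hexdigest()] = "constructed test file"
        return {
            "matches": matched_targets(root, table),
            "known_digests": hash_file(os.path.join(root, "known.bin")),
        }


if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        for rel, target in matched_targets(sys.argv[1]):
            print(f"{rel}: matches report target '{target}'")
    else:
        print(demo()["matches"])
```

Run it as `python ioc_hash_match.py <extracted_dir>` against the unpacked archive; with no argument it runs the constructed demo. A SHA256 match is a positive identification of the sampled file, but a non-match only says the file is a different build, not that it is clean.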
Malware Config

Targets

    • Target

      EaseUS Data Recovery Wizard Technician 17.0.0.0 Build 20231121 Multilingual [FileCR].zip

    • Size

      69.0MB

    • MD5

      9dde8f2d278f04b00237738fa6951b91

    • SHA1

      76aaa3e3895a8b90c64298263ffbce0fe8568385

    • SHA256

      99fcfa72a4c12834c344d89a1db6a708e356cd0bf7d80fec62e7113c84ebead7

    • SHA512

      3391c9b2a0d27153e8b1fb6a518a96680227b46d2f7bd6ed92eb9afb091978dc398cde68d5422c78fde86b10c8065f755edd51663efc469dffb00f6e45d4c7d6

    • SSDEEP

      1572864:W8Ck+j95qK9JkJexVPw+yNnHojV8V/RMtVOEZgpO:WYS939JWe3UNHoECOESpO

    Score
    1/10

    • Target

      EaseUS Data Recovery Wizard Technician 17.0.0.0 Build 20231121 Multilingual/EDRW Patch v1.1 & Activator 2.1 - yaschir.zip

    • Size

      1.1MB

    • MD5

      92de5dbc76ca5302d92b725b0f7fc9c2

    • SHA1

      52b42ef3c9b86334133f9b916c1bb934822bbd72

    • SHA256

      4b929efe2753988a399f16c24a26a9610fb9eeffa05d641fdaae8213e907aa9d

    • SHA512

      3c7c201c38ea59053182fada92b2d0f9b4ded33b0d19ee92c4e41644e647ff252a3b1d06a87efc96ea0d55400fc9ece37810806f131cffe7199bf9fad1f9dc5d

    • SSDEEP

      24576:8V6ySRNVjIsNG5b2bQ6ah/X0ELUVxAoOc3VK4uW:8V6ySvNLB/cXiV+c3MW

    Score
    1/10

    • Target

      1- Hosts blocker/EaseUS hosts blocker.bat

    • Size

      3KB

    • MD5

      a20bef352c605997b09e2da7bca1f16e

    • SHA1

      732df89434737131afb0ebaa94bbdafee76181af

    • SHA256

      0124f42ac03a8f0ccacb35cf2e57d8ce96a323d66fbe4ebe06ad1def2e4d3b20

    • SHA512

      4951e502b532506c7071ca014f2e08fb60731c877ce07af4903433074f710ccce8887e39efb2f5ef7456b206947f3457fc16405c9a4048d53470b7d0c4d620d5

    Score
    8/10

    • Drops file in Drivers directory

    • Modifies file permissions

    • Target

      2- Patcher/(32-Bit) EDRW Patcher v1.1.exe

    • Size

      147KB

    • MD5

      d0d44869d0b87fd8e960951687417cc9

    • SHA1

      8594dce79ce8745f09498ae5c5ca539d30fd1db6

    • SHA256

      8a66e54eb6a022eeb9063bf8182d3d1dee11aa6990742e25ccd64cc5b7dbe3b0

    • SHA512

      fe96f3d56345bd6dd9543ec259a6c7b646c44501029b5503453993646404c9dd805d7cae7f73d6e0cf29ae07edf950fefdfd7ec298314af962df2d4f8ec2c67a

    • SSDEEP

      3072:UEz43VWFR6FJ/V1UM181JjYrAAI4b6CMi23Bq793+MWyt:UEN5Jt4b6CM13BqB36I

    Score
    7/10

    • Loads dropped DLL

    • Target

      2- Patcher/(64-Bit) EDRW Patcher v1.1.exe

    • Size

      147KB

    • MD5

      087406e501b283f538d66c98b7ea1991

    • SHA1

      9a8d7d7c82b87ee6875c8f0397f3f61d3508e908

    • SHA256

      04491956a8b8993e031d632304ff57667bc4c77885da153e75454ff2e25dbc1d

    • SHA512

      d938192532c84a6c037fc844f2e5bad0cadd10812028b3424ba8db730540c07a52b44646e43dc2c043821bbeaf2cc7586acf0dd22cae44ba77e63cfbd85c8174

    • SSDEEP

      3072:UEz43VWFR6FJ/V1UM181JjYrAAI4b6CMi23BOMu4Xa061:UEN5Jt4b6CM13BPXaf1

    Score
    7/10

    • Loads dropped DLL

    • Target

      3- KeyGen (Activator)/EDRW v13 Activator v2.1 - De!.exe

    • Size

      3.5MB

    • MD5

      284182f0388fe891ed6b6a1da5b4196e

    • SHA1

      ee4ffea0eb3ceef561c7b02fbcc11f14a8775027

    • SHA256

      10badd3b49c88ac87ce720c47ccd79f0db4f8125d63b52d328e554fb549c44a8

    • SHA512

      6797010284372abade5b8ad4c7c84bfedc9d40be56f6a159f4e804933038c57954e5b99915230db41f5b4bb0a975352257629bb2963616e7e41fa0346e1befea

    • SSDEEP

      24576:E3ub5cDzp/Ook9bVHIKAuTVijaUH2AcQNoMJ+CeWwIpA1JeuoSOBRcSrBIMmCpCB:q57cQKauDOTcSrqMmpnF8OMJLjelXl

    Score
    1/10

    • Target

      ReadMe (EDRW).txt

    • Size

      3KB

    • MD5

      5590d164c5a5933c6d76cb7c51ec3c61

    • SHA1

      e2738fb23099d2556ce04a3756e6af26f2137346

    • SHA256

      d95dd67969972258d255169d95f5eb948494c8e1c092e1fcfd69dda1c5ce98fe

    • SHA512

      802532601bc4cc5022ec52be6f6861abff98ff85f7983c04d5cba66f28b32e55ee027e688db648391a38fa656d9479ab9b4103e5c3a1f7fb3fa20de578963d3e

    Score
    1/10

    • Target

      EaseUS Data Recovery Wizard Technician 17.0.0.0 Build 20231121 Multilingual/setup.exe

    • Size

      68.0MB

    • MD5

      da6cb209e8266ad3b0ada9a1b25b88e4

    • SHA1

      cd66ef2552745dc5cceda2e59ba1a0c7b6111ca0

    • SHA256

      c4469510af58535ff16e62d1bcdc28ffd3f6c0356868d36bb0fe64305706d8b7

    • SHA512

      909ce5f0268937611034cd2afec9c52a5b89d495b9e18adf0ba7960249397062acd6a06ad35f2d9307e708ef9661aa6b5a3bf78f1455233f60705fadf9d9a54c

    • SSDEEP

      1572864:yB1Vkowk8PFVlLDLV7q5KzIy/LW4hxtD2o9qhxsfCnj9o+:3zfldhIzOX2kK

    Score
    4/10

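The two signatures on `1- Hosts blocker/EaseUS hosts blocker.bat` ("Drops file in Drivers directory", "Modifies file permissions") are what a crack's hosts-file edit looks like from inside the sandbox: a write under `drivers\etc` and a permission change that lets the write succeed. The report does not include the batch file's commands, so which hostnames it pins is unknown. The script below is an added example, not code from the report: it audits a hosts file for the pattern such a blocker leaves behind (non-local names mapped to 0.0.0.0 or loopback) and strips those lines. Treating the hosts file as the .bat's target is an assumption based on its name; `SAMPLE_HOSTS` and the `example.com` / `.invalid` names are constructed stand-ins.

```python
import ipaddress

# Path the "Drops file in Drivers directory" signature implies. Assumption:
# the report does not show the .bat's commands, only that it writes there.
HOSTS_PATH = r"C:\Windows\System32\drivers\etc\hosts"

# Addresses a blocker uses to sinkhole a name.
SINKHOLE_ADDRS = {"0.0.0.0", "127.0.0.1", "::1", "::"}

# Names that legitimately map to loopback and must not be reported.
LOCAL_NAMES = {"localhost", "localhost.localdomain", "broadcasthost",
               "ip6-localhost", "ip6-loopback", "ip6-allnodes", "ip6-allrouters"}

# Constructed sample for this example, not the contents of the analysed .bat.
SAMPLE_HOSTS = """\
# constructed hosts file for this example
127.0.0.1       localhost
::1             localhost
192.0.2.10      intranet.example.com      # static mapping, not a sinkhole
0.0.0.0 activate.example.com              # style of line a blocker appends
0.0.0.0 license.example.com updates.example.com
127.0.0.1   telemetry.example.invalid
   # indented comment, ignored
0.0.0.0
"""


def parse_hosts(text):
    """Yield (lineno, address, [names]) for each effective entry; comments and blanks skipped."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        if len(fields) < 2:
            continue  # address with no hostname is not an entry
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # first field is not an IP address; skip rather than guess
        yield lineno, str(addr), fields[1:]


def sinkholed_entries(text, allowlist=frozenset()):
    """Entries that pin a non-local hostname to a sinkhole address, as (lineno, addr, [names])."""
    hits = []
    for lineno, addr, names in parse_hosts(text):
        if addr not in SINKHOLE_ADDRS:
            continue
        blocked = [n for n in names
                   if n.lower() not in LOCAL_NAMES and n.lower() not in allowlist]
        if blocked:
            hits.append((lineno, addr, blocked))
    return hits


def strip_sinkholes(text, allowlist=frozenset()):
    """Return the hosts text with every flagged line removed (the remediation step)."""
    bad = {lineno for lineno, _, _ in sinkholed_entries(text, allowlist)}
    kept = [raw for lineno, raw in enumerate(text.splitlines(), 1) if lineno not in bad]
    return "\n".join(kept) + "\n"


def audit_file(path=HOSTS_PATH, allowlist=frozenset()):
    """Read a hosts file from disk and return its sinkholed entries."""
    with open(path, "r", encoding="utf-8", errors="replace") as fh:
        return sinkholed_entries(fh.read(), allowlist)


if __name__ == "__main__":
    import sys
    hits = audit_file(sys.argv[1]) if len(sys.argv) > 1 else sinkholed_entries(SAMPLE_HOSTS)
    for lineno, addr, names in hits:
        print(f"line {lineno}: {addr} -> {', '.join(names)}")
```

Pass an `allowlist` of names the organisation deliberately sinkholes (ad or telemetry blocks pushed by policy) so they are not reported. The script only reads the file; the "Modifies file permissions" signature is checked separately on the host with `icacls C:\Windows\System32\drivers\etc\hosts`, comparing the ACL and read-only attribute against a known-good machine before restoring them.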
MITRE ATT&CK Enterprise v15

Tasks