Overview

overview

3

Static

static

3

goodbyedpi...le.cmd

windows7-x64

1

goodbyedpi...le.cmd

windows10-2004-x64

1

goodbyedpi...st.cmd

windows7-x64

1

goodbyedpi...st.cmd

windows10-2004-x64

1

goodbyedpi...ir.cmd

windows7-x64

1

goodbyedpi...ir.cmd

windows10-2004-x64

1

goodbyedpi...ry.cmd

windows7-x64

1

goodbyedpi...ry.cmd

windows10-2004-x64

1

goodbyedpi...ir.cmd

windows7-x64

1

goodbyedpi...ir.cmd

windows10-2004-x64

1

goodbyedpi...st.cmd

windows7-x64

1

goodbyedpi...st.cmd

windows10-2004-x64

1

goodbyedpi...ir.cmd

windows7-x64

1

goodbyedpi...ir.cmd

windows10-2004-x64

1

goodbyedpi...ve.cmd

windows7-x64

1

goodbyedpi...ve.cmd

windows10-2004-x64

1

goodbyedpi...rt.dll

windows7-x64

1

goodbyedpi...rt.dll

windows10-2004-x64

1

goodbyedpi...32.sys

windows7-x64

1

goodbyedpi...32.sys

windows10-2004-x64

1

goodbyedpi...64.sys

windows7-x64

1

goodbyedpi...64.sys

windows10-2004-x64

1

goodbyedpi...pi.exe

windows7-x64

1

goodbyedpi...pi.exe

windows10-2004-x64

1

goodbyedpi...rt.dll

windows7-x64

1

goodbyedpi...rt.dll

windows10-2004-x64

1

goodbyedpi...64.sys

windows7-x64

1

goodbyedpi...64.sys

windows10-2004-x64

1

goodbyedpi...pi.exe

windows7-x64

1

goodbyedpi...pi.exe

windows10-2004-x64

1

Resubmissions

23-02-2024 17:18

240223-vvsmkseh31 3

23-02-2024 17:14

240223-vrz79adh39 8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    goodbyedpi-0.2.2.zip

  • Size

    620KB

  • Sample

    240223-vvsmkseh31

  • MD5

    6d4ebf84f120505d335b95e7e234a43f

  • SHA1

    61b3541f3c342fd8d709e8b0a781a395a8c41b6a

  • SHA256

    00a2f8b99cd817f8c7fc4c449033015f039d18af213de78cb66bf202277c0628

  • SHA512

    42bd5fe30de433148383d7d9aaf573baaff8d9f3eb14aab3a4f2f4ad19c395d0b54ff9762f05cc5e39abf7c4f555bfe43ec91f6e1b5cf9fe49c6a481431da6df

  • SSDEEP

    12288:A+oTmZ/AUfOtC5/Ajf/2TmUGi0Tywa/cLNcWH1UE0/wnqQkA8VmdXqAz7IehA9nX:ATmZ8aw+Tm9iGclEFqQkBu6G7RA9nxGs

Score
3/10

Malware Config

Targets

    • Target

      goodbyedpi-0.2.2/0_russia_update_blacklist_file.cmd

    • Size

      139B

    • MD5

      0d689231a9c73bdd03f25e8ec57a3dab

    • SHA1

      4e0a03d846c1dca08f5f1c0ad86229eb5144b0c3

    • SHA256

      b9c8d691b2c1140455be35b15873944896b46c29f12ed0332274432a1c45a021

    • SHA512

      47b0b717c39ba219155271859ea95bba07f87de65c4c5168d8e7372d09700c842e4402030ed02307a421c2d16e6ce9c3d0c7f3f65aeab81488b3ee300e1a9e98

    Score
    1/10
    behavioral1behavioral2

    • Target

      goodbyedpi-0.2.2/1_russia_blacklist.cmd

    • Size

      240B

    • MD5

      10812f31ef70edc954eaf63650336212

    • SHA1

      1daef3d49e40067a1d77bd18c0c87e557b0aeb40

    • SHA256

      e155b6eadd37942f9bfc8d6d00aca4f518a056fc81ac8666a6532ba90f77fd93

    • SHA512

      c749e95a7fbf7ca55656da08259e26924d89c129f1ed6a2f435bc26393f3b1bcc90613abf71e1753d6e77591622a7494835889dc1cb198fb3aed19ff97bd2932

    Score
    1/10
    behavioral3behavioral4

    • Target

      goodbyedpi-0.2.2/1_russia_blacklist_dnsredir.cmd

    • Size

      327B

    • MD5

      f73c24aa2a64a897d88fee8787a48847

    • SHA1

      96b91f1ea3322111617a52dfff5bbf7e5f2ebbe2

    • SHA256

      cebffbb31125a1ac8abd68012bb413bac6da56258f0d4fa95dcb2f23e94b4779

    • SHA512

      2b2bc84c284a86769e0a703f5548b463f70aedbfce2f05421d630bfbeeb12d67991c01f91184e45ed5e5681d45aeb209798f459ed68a776c77976ffaa44724b5

    Score
    1/10
    behavioral5behavioral6

    • Target

      goodbyedpi-0.2.2/2_any_country.cmd

    • Size

      204B

    • MD5

      2e479250a2d20c6d2d5fc5171528694b

    • SHA1

      e72055aaabf6ae076d45bc6ade3a9aa8c8da33c3

    • SHA256

      8f432fb6710d0d2d36d89ab4125157766722928afe2e70077cd921f27579ad5a

    • SHA512

      7550871629ce9f72a72fb9e2b17093505c036737cfd0e21722ae9eaad4c8ed99916937c3e73637af63a1d24e392863fe79c6606dc29afc31129fcd6bfb71d67e

    Score
    1/10
    behavioral7behavioral8

    • Target

      goodbyedpi-0.2.2/2_any_country_dnsredir.cmd

    • Size

      291B

    • MD5

      48de91946fd423515b182a622842adc5

    • SHA1

      4519a0bc87a0e0838f003d3e4e4904d5721abad7

    • SHA256

      a7762f252e434134245adee7398eabc7b96e4e83ee408ce63cc3f92b942c4b6b

    • SHA512

      43ef99d5f0ed8725cfad206d6d3bd0d393258872882f3c2fd8f974703dfb418652f9f1adae5b6e9ab769cf9a46192655c795c4ebc0adf4cd6a1b4e7cd20db745

    Score
    1/10
    behavioral10behavioral9

    • Target

      goodbyedpi-0.2.2/service_install_russia_blacklist.cmd

    • Size

      620B

    • MD5

      982abd9ed7bf901b01d58d2b0feba050

    • SHA1

      dd37461aee977805cefe07da36dd9c1920f2a65d

    • SHA256

      d0ac6b990c2365f739f78ab76db855f39c29b2a3ad34fd332ef4f96a48a2ed65

    • SHA512

      68a4b48fb4ae1e5cda779d89d805f5603889809e110eafe2c00e1ea2244d6848dc03f160df5e78dd65a2d2efc601e7815ad2f8eab14618d87ad98e00ff1b6531

    Score
    1/10
    behavioral11behavioral12

    • Target

      goodbyedpi-0.2.2/service_install_russia_blacklist_dnsredir.cmd

    • Size

      707B

    • MD5

      9d572aca4605cd156a4302dbea9c5691

    • SHA1

      ffe3f3950e85624a9a0053d8ea95e4f6a863600b

    • SHA256

      73a593a11f3722b89a6bea5914d826c94cc034e4c506d1efc890c0fcfcb468e1

    • SHA512

      0bf753998a0003d6cf1a4788a8f89e82fce11ee68089f0f1641321a4fd7ef001b4b71a30fa6c0037575111f1a9d9a293a35e0174a8783ba04d93db8df66823ff

    Score
    1/10
    behavioral13behavioral14

    • Target

      goodbyedpi-0.2.2/service_remove.cmd

    • Size

      278B

    • MD5

      fe71b13c30cf0205ac5873d132e6a05f

    • SHA1

      d7303e7d62c3b64867e0dbc243682f7fcd5766da

    • SHA256

      678a065ca7ba3af4bc8cabd01aa91390a2aee839ca7094c03d6cda14475c9201

    • SHA512

      e8fb9d7e6849c9a9c571574af5cf13ce5000f9684bf1a020198805df7ef02cefbde1c8559416950af5b7fcfe7e6dfc3efe0dc44a35f32cb0e5507c0bcc798d29

    Score
    1/10
    behavioral15behavioral16

    • Target

      goodbyedpi-0.2.2/x86/WinDivert.dll

    • Size

      22KB

    • MD5

      c1946c67cf05fde59617eb65c35e0a86

    • SHA1

      1c0668c56bba3385b00ec62a3dbaab7b78f04278

    • SHA256

      ab3cdd99d4c710821070568995ca4cb58fb4273e9c0516a16e3335218438efcc

    • SHA512

      14d83e0996ba0f9e94d6b17f45d12cd026a0f86e507615918f91d442eef1ef6dd2da4e45765a7f6cff79ee41348be821ab6f5996d213bae8bfdd3d65286eb7a7

    • SSDEEP

      384:ywueRBGvxgKmhf+xwMuNq6w/AzydkxPOUyu/q8OJkL:KeRBGvPmZMayYDxPOx+FO6L

    Score
    1/10
    behavioral17behavioral18

    • Target

      goodbyedpi-0.2.2/x86/WinDivert32.sys

    • Size

      42KB

    • MD5

      067f9a24d630670f543d95a98cc199df

    • SHA1

      55695beff89f396679ac69cbf784a492d1b54e5d

    • SHA256

      b2ef49a10d07df6db483e86516d2dfaaaa2f30f4a93dd152fa85f09f891cd049

    • SHA512

      045de3d5ad262e34a42007c623f4f4b5dc0a9cf9d266a31095a274924e6b9f9165bdb5d96c95ca7107fee70b2a9f538b92e4d07faa88a94e2ef313e61eda9697

    • SSDEEP

      768:uph25O0qJS/ozwm+0l3qwO1XjtvD5dhl3yk:uph2I0eV1pl8Xx99Ck

    Score
    1/10
    behavioral19behavioral20

    • Target

      goodbyedpi-0.2.2/x86/WinDivert64.sys

    • Size

      49KB

    • MD5

      007a3ae3f03fb18c2cab1e0c97c45a20

    • SHA1

      f377d576284efb2a9997f712e5ad5ab31c50588a

    • SHA256

      53ab28ec00be6e6f8aefa9ee76fc2735e94d7f3f9dbc06eb2b7ac8cd3084a6af

    • SHA512

      df01d5bdfb412a0eab8113bfdec238633c6f44707451da2d5736f8580e68cac76de6b47cb0c2ff0b56d7ef36a32b878d0007c199f30173eefea3a7037453f482

    • SSDEEP

      768:1/KXTu8Lc73GIJw75DBY5C42qUdC1f5iChx3Z:1Z77qvLdC1RxJ

    Score
    1/10
    behavioral21behavioral22

    • Target

      goodbyedpi-0.2.2/x86/goodbyedpi.exe

    • Size

      66KB

    • MD5

      57776973f7aa9b9e251c07cc6762a926

    • SHA1

      71f2c4c8800e54d9082545dc43628898a37fb141

    • SHA256

      234e7c679c3d36885bb9214fb86e4a555754c8416e2c6773e4832834f73ae686

    • SHA512

      a8d08cde5e4596568597de2c0fe396a0d93029879648c772d246d6665ca97b61a7a3cbdee74d98b4ffa36b0a8dfc9b2d06321e81973fab4113a977ae7d1ab1a7

    • SSDEEP

      1536:lltSPXx1QXIh7s79/HJEl6EKBe0yNgnIcm/:llUPcgUX9UgID/

    Score
    1/10
    behavioral23behavioral24

    • Target

      goodbyedpi-0.2.2/x86_64/WinDivert.dll

    • Size

      23KB

    • MD5

      66028ed384c62b3b4ab851809d38881e

    • SHA1

      81924fc6409a9ee00623332cc77827633bb3cc1a

    • SHA256

      a97859785a2df1d4462e7d48d33ccbd89fedd40dac4970f4afd89e63f59ee1ec

    • SHA512

      7a86faf0057db3e9ed78cfa1569154990d0a7eec3da1ca30ff79229745355a1ada4304b8d2b5228cb98afb21786c92eee959067ae9f0bf518af9c5aead3c9159

    • SSDEEP

      384:yFeZ7IibcWUhRRD0qbk91c8bKKvBRseZPFMejOcD3PmH9vRQxVzE:ygEeSRR158b/dIYPWvRq

    Score
    1/10
    behavioral25behavioral26

    • Target

      goodbyedpi-0.2.2/x86_64/WinDivert64.sys

    • Size

      49KB

    • MD5

      007a3ae3f03fb18c2cab1e0c97c45a20

    • SHA1

      f377d576284efb2a9997f712e5ad5ab31c50588a

    • SHA256

      53ab28ec00be6e6f8aefa9ee76fc2735e94d7f3f9dbc06eb2b7ac8cd3084a6af

    • SHA512

      df01d5bdfb412a0eab8113bfdec238633c6f44707451da2d5736f8580e68cac76de6b47cb0c2ff0b56d7ef36a32b878d0007c199f30173eefea3a7037453f482

    • SSDEEP

      768:1/KXTu8Lc73GIJw75DBY5C42qUdC1f5iChx3Z:1Z77qvLdC1RxJ

    Score
    1/10
    behavioral27behavioral28

    • Target

      goodbyedpi-0.2.2/x86_64/goodbyedpi.exe

    • Size

      73KB

    • MD5

      5a2136bcbc14293b4f88dfba3243dd0a

    • SHA1

      349174de8d042d814bd28b171770391764195f1c

    • SHA256

      331ac6c1d22ba5a0a217f3f27d0d823051869cafc8b8ef7f2002fa2accebc74e

    • SHA512

      c844e5d36dfb52bff7a5c2f9d19530de094f811641d57a35bf7023b5dc9a134a83488f65389c5a9805b7afffd197175e15fae3f67ec3e0dc9d490e60daf693c5

    • SSDEEP

      1536:0DUStjrGshxSrBwzh6E6xdK6aTe0yNgnIcm:0DUCjBhxSrazwqrUgID

    Score
    1/10
    behavioral29behavioral30

MITRE ATT&CK Enterprise v15

Tasks