f1160a33fb79c764cdc4c023fa700054ae2945ed91880e37348a17c010ca716f

Sharing

Copy URL

Twitter E-mail

General

Target

nmap-7.93-setup.exe
Size

27.8MB
Sample

240228-1cb5rsed45
MD5

f9e753cccea0ffae6871dc65f67d3f89
SHA1

ab2de49f90330cc3b305457a9a0f897f296e95f4
SHA256

f1160a33fb79c764cdc4c023fa700054ae2945ed91880e37348a17c010ca716f
SHA512

0c6f6c14ecf8ef028e6a556f58e720321a7808b0a1f602e019f6b21d9cef970424185c27e7647368d2fca256d47844310d76d626209d406a961d048063410d1d
SSDEEP

786432:eCw4jIIk4AN6o6JWCRCLz4NFMqt9+26UgRY5YYnDEWW:e/T4hJZRCgMkg+5HEv

Score

8^/10

discovery

Malware Config

Targets

- Target
  
  nmap-7.93-setup.exe
- Size
  
  27.8MB
- MD5
  
  f9e753cccea0ffae6871dc65f67d3f89
- SHA1
  
  ab2de49f90330cc3b305457a9a0f897f296e95f4
- SHA256
  
  f1160a33fb79c764cdc4c023fa700054ae2945ed91880e37348a17c010ca716f
- SHA512
  
  0c6f6c14ecf8ef028e6a556f58e720321a7808b0a1f602e019f6b21d9cef970424185c27e7647368d2fca256d47844310d76d626209d406a961d048063410d1d
- SSDEEP
  
  786432:eCw4jIIk4AN6o6JWCRCLz4NFMqt9+26UgRY5YYnDEWW:e/T4hJZRCgMkg+5HEv
Score

8^/10

discovery
- Drops file in Drivers directory
- Manipulates Digital Signatures
  Attackers can apply techniques such as changing the registry keys of authenticode & Cryptography to obtain their binary as valid.
- Drops file in System32 directory
behavioral1
- Target
  
  Uninstall.exe
- Size
  
  91KB
- MD5
  
  90b1b099b5fd9086719789dfe32f0b6b
- SHA1
  
  070136f25ac7c2fee9c2e6e2eecd19010896ecc9
- SHA256
  
  1254968ea65be6a3e69c7918864e1562c89cecabe2c9a379b7508464e4446815
- SHA512
  
  6e382da313492bd65170ff5a9763aaf222ee6ae7e8f4f1c7bc813597241983a02d88913a0bb72d255b23ad46656d04138edd6a5660de69ad3f298d155973f807
- SSDEEP
  
  1536:ap7wb3pTIvjzcfpcp0DVJ4uAvgdLeAyNs5TBG4Tu5:ap7Y50jwhDVJ4ueceAZS5
Score

4^/10
behavioral2
- Target
  
  libcrypto-3.dll
- Size
  
  3.6MB
- MD5
  
  97413261e457137d87cb2cf795dcca0c
- SHA1
  
  58e8f2f06d9eb26f7df678dc6359678091006127
- SHA256
  
  1b926491d3172dbfc5c6a2de4e8a7b3a7c67977391227fe5c72264f0824dc8c1
- SHA512
  
  7cc4eed8fbef2ecb2fd9ab2d768e78c746b671b3bcaf1c19476c88d126d7337d8bdda50cd2a0e789c1897a09ca8551733d9e83ad8a1290698388feb896e9b68a
- SSDEEP
  
  49152:plCOVrlD3PQOGUCmyTvDuz1u+Tu31CPwDvt3uF7DCmcx/JL0s:TCOV5zGVAu+c1CPwDvt3uF7DCm0
Score

3^/10
behavioral3
- Target
  
  libssh2.dll
- Size
  
  192KB
- MD5
  
  d69d6fa9dfe91dcde26aa2aa4bf9289e
- SHA1
  
  c756d3b14be75182f3c504f1574b418cf07152e7
- SHA256
  
  0a1a25372a8025181699bf4f999a0b05c7958b7e4cc33ea37a9ed63bc2b11f5b
- SHA512
  
  aa3325a69a1d8698d5fcfadddcb3bb1b9ef73e9aca73347ef56d4a7b5811b1091e8fbbd0155f2852ae9f2a90c66034692354bf210bfbfd4a95de115208aa9bda
- SSDEEP
  
  6144:OBPzw/U4fcXoLRUsqJN4G8ISkelY3KMJWZ0S/:OBbwM4fcXoesS+G8RkXh
Score

3^/10
behavioral4
- Target
  
  libssl-3.dll
- Size
  
  619KB
- MD5
  
  a27d20ccf6ece53d57acf7a3d28e6d11
- SHA1
  
  531d5772b11465eba6fbc35e2fd4445b0f392944
- SHA256
  
  8f63ad75681d433bd5194ece9b05f61e0834bab1e905edc1ed61af0f96e7baf3
- SHA512
  
  3124e9f8a4bddc1ca76e090298be9ed84b8b0509f3c04f3b74193d5e381818bed9ca2b104e531eab6a1940fa6be7878d45636c4b5efdf8ab35bf3b784ae1dd87
- SSDEEP
  
  12288:hevei9Y3mICu2Oa7100/QoNtkRLEtPDMWe4rS0US2rpuH/ufB01sQi4:h0ei9UCR0W15UKH/q01sQi4
Score

1^/10
behavioral5
- Target
  
  ncat.exe
- Size
  
  319KB
- MD5
  
  c43dfd320fd77c77378f65c5090ec034
- SHA1
  
  0d2156b89eb122ec4a735610bc5c96e31debfe71
- SHA256
  
  269e59fc701c7e0b02e2f16f983619ce49a1f579080189da7f659fa19fc44be3
- SHA512
  
  93fafb8562212005eb779bcd6647d130c2ce9600b49a6924c733e782d37b53db23f60cde6a5739893630722abe000b381390fb570c5766702e405704d1586f2f
- SSDEEP
  
  6144:MjqUB8rL7lE4T4XSZc+HxZaUzw+kKNXBw6Zfpos9R5IYd08EujEfAjfTOVBO8ODi:MjqUB8jlE4T4XSZc+q3Td6ZpoQ5I18E9
Score

1^/10
behavioral6
- Target
  
  ndiff.exe
- Size
  
  30KB
- MD5
  
  641c20acd8719456d1480ac90122d5ee
- SHA1
  
  95ba489a1c112589ad695b8c96f6569e6665ac08
- SHA256
  
  0ba1295afc0e5205541777ff5bd565e46ab40c5b9c4f425bbfceb800d306d8cd
- SHA512
  
  7473e0ea9345dce9d93ee4074da1537c8cd39813774a3776c99e796b3c8d90ec1e9c8c26924dee588e08f7fa27e59452add51635e9e68c214df3ac8cca25c7a5
- SSDEEP
  
  384:yYn2vPeqUfmEZ+nUn0fJCfMdXWgugoL2R3dwmgo6rEqZmZsHLsL4i/8E9VF0NyX7:yxPeqYmEb0kUX1dwzrV1aeE1
Score

1^/10
behavioral7
- Target
  
  nmap.exe
- Size
  
  2.5MB
- MD5
  
  44a76099c27420bd3d4c34a1a97bf04e
- SHA1
  
  b10bc46441b9c26740cc1a3b58353fb138ffa789
- SHA256
  
  780556634c875b1ecd721d3747194de3a52a674988379e73586ce7e167349c4a
- SHA512
  
  979df2de47f1792d40b82deb16dbf42c09576840b0c6cf0def9925955317aede0e662f3f2b0e7bc941e1edacef9c7c99a13013f64f5da2e1a038f3869f270891
- SSDEEP
  
  49152:FpmDh9XtsBBU3QA8mpjyLo82vx40jTlz4TbSY:Dm6apjyLofvuH
Score

1^/10
behavioral8
- Target
  
  nping.exe
- Size
  
  341KB
- MD5
  
  65531dd63aefdd34ec234be055dd8a41
- SHA1
  
  8f47f20dd3af040cc325c89f85b2a65e21eda5df
- SHA256
  
  0c7b54a1056937bd4887dd5b7342a1b3165bbe89f6e3ac9b2746deaf704ba2fb
- SHA512
  
  f7b44d73029497be627cfab372fb825953ccdc8dc98dabdb5a5519f3188c20d395282dd8c731707d96338189c91c234847097c05a60f3ade0f3556de5a30bdf5
- SSDEEP
  
  6144:GET0vC7UU/WCu2wJpLiHLrZT8K8+t2lTlUfqjRkeKnd0:zT0vCbnaviLlT8v+uPz9
Score

1^/10
behavioral9
- Target
  
  nse_main.lua
- Size
  
  48KB
- MD5
  
  31c5db65292ff3684af1e3936ae9d80d
- SHA1
  
  7e77ce9c32c6abdaa45aa02b758e246abdb310f4
- SHA256
  
  98f3540719259de9f567d6b208632241df0e43dac79e40a789e87ab02168fdd9
- SHA512
  
  5bca0cb5f0a1d2947063b45f87b3e1bd22b0d3f7c5c251d8cab11986b29910d2f533bf8552e0dbd81571dc22f6bdbb9656dd416c826ebf4dd9e70b1f60f729ce
- SSDEEP
  
  1536:BSkuOe7cBRf85iPMVlccWfYeaEVoOCZ/73U2vzWyOPN:AkuOe7yRf85iU/cc4Yg+/73U2vzWXPN
Score

1^/10
behavioral10
- Target
  
  nselib/afp.lua
- Size
  
  73KB
- MD5
  
  dbe3b21aa1f1c7b65e9847c13185ebea
- SHA1
  
  e40bd28af7d9f6066b0a6b4ff14935ce3faeb507
- SHA256
  
  367dab2331aebcd58ce9914fe7780000939577198860ab26104ea18de8e7a530
- SHA512
  
  54a8dca8fccd4245d1f3e712782392dc7ba8fdd849835f30faedd76801a84908f775e63cb01aec07f6ccd70dad1b7aabac1d906d1af8e3eec4c67aea7dcb118c
- SSDEEP
  
  1536:0jZisW4LI2eYwgrhJRZ2L5GzMtKObq9fJWR096Zd9n99B9r49o949f9/FfUt9c9i:0joj4LI2eYwgrhJf2L5GzM4Obq9km9ml
Score

1^/10
behavioral11
- Target
  
  nselib/ajp.lua
- Size
  
  16KB
- MD5
  
  5e8792ab819d3b65c3dddf55ab691eb0
- SHA1
  
  fd15ebaa125f8ae44adf60ecb2a101c0d8f377a9
- SHA256
  
  d4c825fd6588992a501de023da1554924768390867f32dedc051fae636b05910
- SHA512
  
  b61d9b94986ef801c29c0d18a22c1eecf4b525a1f5ef7223f03d2b654f46bd14ae3f3e799b6a5ee5b79d6e4059b3a7e54c4dfe785cf027dfc565de684ad48f12
- SSDEEP
  
  384:EnHFnwKQQ5/NHMdBXZlZmwCx4DWLuNQ98v/zdE4X:EnNwG/NHMdBbZRCx4DGIQevDX
Score

1^/10
behavioral12
- Target
  
  nselib/amqp.lua
- Size
  
  10KB
- MD5
  
  49dbeacb9d5bb33fe18b52b44dcf0073
- SHA1
  
  8dc027c6c5f8b1974f0c1f4424214fee5192b142
- SHA256
  
  6955b1efbfb2cf41a7f00284a168ebace551730ed5ffa7fb12f19dcae2f35bdf
- SHA512
  
  b8cc730c7a294117219b1b06d12901b391a36e048f2bb2dff86d2f2e2d1e0ee802bb2c6580c3bbaaa7bcc790e36e5a2b8c4884fe55dfc360f7662d8499a292a9
- SSDEEP
  
  192:PsKVVQ4a0wGF6ETAmEuZtjg4jCQ6jWcyluJujoztYxqroFO6h7bQgNerCFDQNL3B:pS4aKtgfK7X8cOnX
Score

1^/10
behavioral13
- Target
  
  nselib/anyconnect.lua
- Size
  
  4KB
- MD5
  
  b21f05025e4d3bf2651d83dcd6397bc9
- SHA1
  
  6f7823cdee9e9ab1d597656310fb97b5eafc3063
- SHA256
  
  c37c53a455a018e646c9a456b416286e7c3e066adff887f8b7d4d723fde36580
- SHA512
  
  9475c6f2d7a2267ef699e6969dcf26e5cc8ae6ded206842173092b7fc4ca445df9763f66ca98bd3ca8c0e53105ee919cd4178c6c6ea89e7245883070df174e55
- SSDEEP
  
  96:rX1+gLgsudKLqsM4vcAFnz3im+zNzbFiae+:rl+gEsudQa4Fmj6r+
Score

1^/10
behavioral14
- Target
  
  nselib/asn1.lua
- Size
  
  14KB
- MD5
  
  319c26949816c6530795f6e64582385e
- SHA1
  
  b3b0587f7098d8c160d18ca8dc7c0778066e1f54
- SHA256
  
  28c31e265dcb8c13ccb8defebb864cb52d6c56e1487d638dc3f24790493926dd
- SHA512
  
  d14cc4538dc6abeb039be485803deaf6c59af68091203e5f61127b641d4d0def0aacbf137555cce574a994a64760b072e5f5651642a02bf2a279b5867fbf8abc
- SSDEEP
  
  384:8uzsV3FeDGcMipMROm9qg1t2/zw7TxvVGw7bIbX:8uzsV3FQ7ro2cvVAw78bX
Score

1^/10
behavioral15
- Target
  
  nselib/base32.lua
- Size
  
  7KB
- MD5
  
  713044b1a4969ded49fbe73ab98c1dd3
- SHA1
  
  ca0c83acea44f9a8172d63a3d93a70215aaede64
- SHA256
  
  c25da1d0dc0d25b8780efbb8d0849fa9936762e4249fdbfe37e74594bbd872c0
- SHA512
  
  2dac7099804de3505245e7159f36888647c893d8e9a6cb0c0b130a12bb92e00aa79f0c85560bbb9bb3c6ec56741991bbce6bd7b1bc2e5616bd0aa439b133dde8
- SSDEEP
  
  192:eorQH4U2vAh54Jz9fMq0etqX9CgWn9B6ZUMWfuD3v0IA8dgY/CY+u+:eornU2vAh5K9se8X9fYB/duD3v08CYX+
Score

1^/10
behavioral16
- Target
  
  nselib/base64.lua
- Size
  
  5KB
- MD5
  
  4339d65db1cfece2f70b250e22301bda
- SHA1
  
  1cba059aea5da8b16222cb2f4f7a5e59a610356c
- SHA256
  
  09a3f5e4e59ac683eae92d1ad653c58dffcd504542e7e3cfdcc5ae00d3da797d
- SHA512
  
  7e7e8f75470ae2d3f1d97699ab8decf117d49daa2fe804471a310a3b20c2dff12b03a352e16cea6bd6bce9ae69dfe5f177e68a4cdd85d80d546f9c78f002325a
- SSDEEP
  
  96:eEyXuFRQH4fMoaEDA7CnmY4JvnqvFMtupuw+io6y9s9+Yv4wPiiN7pDcqGCY+1+:eorQH4UZJm4JvnqvFMtGbly9s9+Yv4wM
Score

1^/10
behavioral17
- Target
  
  nselib/bitcoin.lua
- Size
  
  18KB
- MD5
  
  b4f75f3104879a2fabda0a1b04a2a7df
- SHA1
  
  183fedee069724f8ce81910a38663483a63e84e6
- SHA256
  
  c290b8eea498900ba49dea246c09698a4b90bae695efa574aa3345b195a72809
- SHA512
  
  18aa389c13db541e9a2d78bd195a72a76fe1abdd8acffdf945e01c1d6792245b1ceb4f9e4b07f386b679d94456e6ddc2b53759e371ffd9b6e4ddb52abfdbc9b0
- SSDEEP
  
  384:r+bEljf4X/gNSdbeS4z8VqqUgDbj3nlZ8gTTPgsvKCiX:rZljALj1DPWX
Score

1^/10
behavioral18
- Target
  
  nselib/bittorrent.lua
- Size
  
  35KB
- MD5
  
  2f72ff4e67d0a9ea64cfefae4ba87016
- SHA1
  
  8d8a76615697c93878bc7a0dfbe7962fb470bf51
- SHA256
  
  b6870ebfc8c191ac5ec1a6c63104eff6a72b576c2b0ddb56fb9d107858c275d0
- SHA512
  
  32c025ce710d948fe9179661a67016c6df6ac62f394a1128fa9f752e7b7bff95b9a91118f8265dff7bd7beadce7e57d2526d79b1efb1dc8508f773f7536e3271
- SSDEEP
  
  384:hi+xZKskV86wiryOFvR82olsbYcsGToXLkLiyKQ6s3NefQBbvtcxX:/K9V8ULvGvNcsmMLqiyx6s3AfgbexX
Score

1^/10
behavioral19
- Target
  
  nselib/bjnp.lua
- Size
  
  9KB
- MD5
  
  80227c1b25d3af81192266027b3770f5
- SHA1
  
  a60f3469a34b80e4e800a0324819dcd26c40746e
- SHA256
  
  235fe1c28b2c8f067c4a57d2b8a28e32a604884fa6f09a16dc153f6abb617a32
- SHA512
  
  db97d339aedb0d971c0b9a1c7b7d111f6f4c7caa9bba824e2d8bb580bcf379232533840d4f8f21bdcb619e2067979b3462553eb925253521128f12b31b20767b
- SSDEEP
  
  192:zYcU4u8Gj+QklzwQnGbV4B1aMQACSSq14iZj8H7Mzj9X:zYcCRKVGBHeX
Score

1^/10
behavioral20
- Target
  
  nselib/brute.lua
- Size
  
  50KB
- MD5
  
  c09fff84b5bdcb8380a4633229609ae4
- SHA1
  
  3921f2a038123db7e1756c334af45f951bb6d3f5
- SHA256
  
  651af9487d146a100b8ad62b749aaa0722d85b3bb24f77bf180fbb9a5336771f
- SHA512
  
  2ff76ce40783adab924bb956b5c2007ee5c10aaf656d64fc040d46b0e6fd69e5f52f4483ab871c083bfe14401c553c59085bd436565fd2eaff2672bf43b9c029
- SSDEEP
  
  768:DekBr6y01FMm8r2oub+FFJb3GcH6IVv6msjNUxjXHn+v47+WhVQBfsgc3SecOHXl:TBep1un7bNV6jNsjXHnn7+W7cJA1
Score

1^/10
behavioral21
- Target
  
  nselib/coap.lua
- Size
  
  75KB
- MD5
  
  c7c996fb8ac6c29535de054d3b5d5ab4
- SHA1
  
  0fca72ced8e17a900d414e963ccb1a7c12753716
- SHA256
  
  4f089957334e99a37f71612274e130644412e97eb702beb279ed7272c735552d
- SHA512
  
  a79c70d5bddd7517cdebb8425b7501617f936bf0a7ddf7dc1a2a45855b813e9ef81cdb695c7ac149c56fc7abcb52ae281542c4652456b4ff82f4d86a012edbf9
- SSDEEP
  
  1536:vODKJIL39ODAl4KHHENZ0qIjeNJ60qmxiHcGTzeWHvfN6L7m:GlL39ODAl4KHHENZ0qIjKlqmxJGTzeMz
Score

1^/10
behavioral22
- Target
  
  nselib/comm.lua
- Size
  
  11KB
- MD5
  
  1db5b74211d74152d379766b2f357998
- SHA1
  
  e0c123333df8f1329795f963731cd9abb506c631
- SHA256
  
  1652c2b78b9565262c2d0389de1a9822abf7ceefecc15d62fa09eaae4b36541d
- SHA512
  
  917e800f91233863fb2ee1827b100f102215c6f447c45960441501c43856f4615085e02dff9e500186f503eb716ae6c9d599aa7a2c760710c4ff467224ee1a5e
- SSDEEP
  
  192:tYdc1towf2gEqaOl0uOxUoVCuOxV44otApJPzINvo5X8gKCiya84GgGZXYiX:tYit+uOxU6CuOxVzp+Nv0a87bX
Score

1^/10
behavioral23
- Target
  
  nselib/creds.lua
- Size
  
  18KB
- MD5
  
  cf30791f06d59a804d416bda935e02a7
- SHA1
  
  f8cdf03e915f7380a55614137f0fba66177457cd
- SHA256
  
  be51d0586e2e549f3591f2d59678577c9cf740eba81960e260000f81e16c21a4
- SHA512
  
  5eb8c84f3d00af9bcf97cda2e1d209a3162f19cf915dd56bc244771d9d9f0eae9cd571581d7451cb91cf94c42d6d573355381942dbed7d9579048eb309c837da
- SSDEEP
  
  384:7Ncqd8+8ZXT8ZBSOFDcdGYTjGeYl4WRZ5qigrIhYs5yw/zWlX:ZbdhMiJDOGY34bRZ5oMhYskw7eX
Score

1^/10
behavioral24
- Target
  
  nselib/cvs.lua
- Size
  
  3KB
- MD5
  
  dd0bb5da85e777e91b31d260694cdc50
- SHA1
  
  9b24d8ad709ef47e06e075ddc4c319b7e4394059
- SHA256
  
  b3124eb8057bf81e553e7f8082202b5de8b507cd964476f275c2453afd180925
- SHA512
  
  a8feda77037a2eb68b4aa11f90233c6cf09f3d3a1edc3eabbd94ed4077863b3d065cace115f58bbd6e120b32aa0ae436d31d92befa88d35233c9b444d485ad58
Score

1^/10
behavioral25
- Target
  
  nselib/data/http-default-accounts-fingerprints.lua
- Size
  
  59KB
- MD5
  
  a4ee6ff42d1de5ed6cee72d681c90258
- SHA1
  
  3a66e8385a5548a14602ef02d2a533406937a2c3
- SHA256
  
  f8501e0587f0939e75de6c2309b63fb1ba3a553653d2fa1bc85d4a5f950aec4c
- SHA512
  
  8310d115e50b5719a74180c46b32e5b5c31f9805d415cb82be040bec12cf887b0c9f5cc1d22e7a96e336880d62c0ed8d1401c63f935e8246a391c5c7e26f828f
- SSDEEP
  
  768:E42Z6pjzu16iFO8WD1DvoAmmB+RBPni6xk7vnad3V8zPIyNYs70NWkFs7RWrCZgI:06Jzo4xcAmmo6Xnbt0kjIBevJb
Score

1^/10
behavioral26
- Target
  
  nselib/data/http-devframework-fingerprints.lua
- Size
  
  12KB
- MD5
  
  449ae4c82e135254a9d30b301b7b55d7
- SHA1
  
  91f9f24e6da9e6c6f677cad3e5f7109caa5d74b6
- SHA256
  
  5c341864dde4b0b44bef7a36165fd5af349f215bdbab324387d5134c969bb5a6
- SHA512
  
  18dc9116d0d1572468cb336c597e49712d01d0f552a073412b2a3f119585179fc9d558a3e1230ff452a202cb5a5484af16c59c8563927d1abdfdcc4bb1b235ed
- SSDEEP
  
  192:dRTB/2vfBX6szxgCg83SLtngrfgFfgD9BFA5V4/:dZxcfd6szxgCyLtngrfgFfgD9BFAS
Score

1^/10
behavioral27
- Target
  
  nselib/data/mysql-cis.audit
- Size
  
  9KB
- MD5
  
  25cbf8c4fcf5d200991c99f4694b0b6f
- SHA1
  
  750e9ae1b88c068fea0d2614033fb63fc444189a
- SHA256
  
  64cb0af05e9c6e1e9a011d75039f30e94d674d2129196a3841058b3b93068d92
- SHA512
  
  691774fcde13eb5c910efcad18b01fc5b54eb132d1fbbd2f8f797983324bae8d1ae310be033a994f47d8716a01846b823c8b4adc4f2c8827d64f846daa3de9cf
- SSDEEP
  
  192:EEfCHXd3e+mH83emhAGC1Y22vND2caP92CQ623oM2iPh2aJI2F9xKlW3:EEfMdOrcumhAGyhK0F6dwaME
Score

1^/10
behavioral28
- Target
  
  nselib/data/packetdecoders.lua
- Size
  
  29KB
- MD5
  
  a20802714eab29943483f4b7d4cc6c3c
- SHA1
  
  1d16eb445e5a5ca9891b1345a9b9ffc73816a116
- SHA256
  
  7e4e0d4238631794e4d04ee5924485569879c301afb80b2ec5a09667da6070bb
- SHA512
  
  e414edd04c24ed25d6130dfb430d9639651c1670b5e87f868d4ddeab07d7d6809e6336661bcf054daa6ebdb1807607dbaf26f37fe27bb88b58d77bd2d49b4e83
- SSDEEP
  
  768:WurlOezIV1M9uf30ODk8IWTq8FLU6vnEIicXdli5C:dlOvHM9u5kN8K6nti8dli5C
Score

1^/10
behavioral29
- Target
  
  nselib/datafiles.lua
- Size
  
  11KB
- MD5
  
  59e3ad114b11b731bf74ccc38b688db3
- SHA1
  
  b361780df85aba5b48c66f952e050455c0bac202
- SHA256
  
  927dd61d3c1a46243dc9242eebf3c4919ae0ccfae200fe4328f6a3804b067680
- SHA512
  
  96e76803d960721611b67df71a58aedfcb15dd371efd11c338da095a87dc2aa9cc0ad169569e1fd10a162d0451d1ba7d6b9eeb7b83dd8e452596945f6dd94d65
- SSDEEP
  
  192:RwskbOVvXuY0dVhb+0RJnq0YA1KJ1AKL5AVJ72aQ+Mn/xH9dBVEbpreTh82uh8Iu:Rwskb62YuVh40YA1LS5A6aQ5/x7Me184
Score

1^/10
behavioral30
- Target
  
  zenmap.exe
- Size
  
  441KB
- MD5
  
  9096cca0244a3f6860e31c32b01830c2
- SHA1
  
  f338101391120cb91d7892b9c4f6375557150a43
- SHA256
  
  080f3c25e76808357208530dbd45d4bd6b72377e479e4e3d1e68e77d36dd2646
- SHA512
  
  298f60583f0dc80a51ebcb70afdeacd6a38cc20b8e438b8fcfe0e7de963be3a66f3d6339b7881d338a2b5cc90b88d30a3d1692f12e7f9a5127604b0f612ed2b5
- SSDEEP
  
  6144:NLUiegj5NMHCwbd3IqYZivw1swgjCoto:NpegNOiw53HdvwawUCw
Score

3^/10
behavioral31
- Target
  
  zlibwapi.dll
- Size
  
  107KB
- MD5
  
  1a1acc43b3f11d8cba04d9427d194671
- SHA1
  
  b56be097f6195a902749944e5acc95be206e1ea5
- SHA256
  
  2488a51d64dd6086828fc94a8998613038ba26d707ccf18082861c6a4addc3aa
- SHA512
  
  4f318c669bf73c179e38a6353448069e2f1e553b749d5be44e372f33c2269de5e0b267e206aa49dde01130f08dc3a6c1838c556764d6b438e31beb98fb3d4d4e
- SSDEEP
  
  3072:10m3NpXQWEl5YSuVuOB/s5qi6CaQ7pUdv+El805zSG+YbUveYnlzD:10enSnOBUveYnt
Score

3^/10
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

T1553

SIP and Trust Provider Hijacking

T1553.003

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Drops file in Drivers directory

Manipulates Digital Signatures

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32