a636a22ba499261bf77b114676f49241f9c4532d586bb206db1cbddcb9c6bf8d

Sharing

Copy URL

Twitter E-mail

General

Target

PowerISO8.exe
Size

4.8MB
Sample

240306-q8y93acd71
MD5

e266c762c389d911887606e3d9be7b1c
SHA1

f79243622e0abd9456e82030081bc158d2455f91
SHA256

a636a22ba499261bf77b114676f49241f9c4532d586bb206db1cbddcb9c6bf8d
SHA512

f7d2aa314d3aaf8ba0e8c7cae073e9b6900d05fb9ccafea267b7a21925605ac1f6abcf2aa7a29843ce56155400e97f24017b1a96c9a8e624522c094f0f6bd6c9
SSDEEP

98304:jdFL7/mO2sh23D4oZZGAV6WIu8qQjFWgG11:X/tNpcR8zjFc11

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  PowerISO8.exe
- Size
  
  4.8MB
- MD5
  
  e266c762c389d911887606e3d9be7b1c
- SHA1
  
  f79243622e0abd9456e82030081bc158d2455f91
- SHA256
  
  a636a22ba499261bf77b114676f49241f9c4532d586bb206db1cbddcb9c6bf8d
- SHA512
  
  f7d2aa314d3aaf8ba0e8c7cae073e9b6900d05fb9ccafea267b7a21925605ac1f6abcf2aa7a29843ce56155400e97f24017b1a96c9a8e624522c094f0f6bd6c9
- SSDEEP
  
  98304:jdFL7/mO2sh23D4oZZGAV6WIu8qQjFWgG11:X/tNpcR8zjFc11
Score

7^/10

discovery
- Loads dropped DLL
- Checks for any installed AV software in registry
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  8cf2ac271d7679b1d68eefc1ae0c5618
- SHA1
  
  7cc1caaa747ee16dc894a600a4256f64fa65a9b8
- SHA256
  
  6950991102462d84fdc0e3b0ae30c95af8c192f77ce3d78e8d54e6b22f7c09ba
- SHA512
  
  ce828fb9ecd7655cc4c974f78f209d3326ba71ced60171a45a437fc3fff3bd0d69a0997adaca29265c7b5419bdea2b17f8cc8ceae1b8ce6b22b7ed9120bb5ad3
- SSDEEP
  
  192:BenY0qWTlt70IAj/lQ0sEWc/wtYbBH2aDybC7y+XB9IwL:B8+Qlt70Fj/lQRY/9VjjlL
Score

3^/10
behavioral2
- Target
  
  $PLUGINSDIR/modern-header.bmp
- Size
  
  68KB
- MD5
  
  ca2542b0e66e48d7e3f361c8eef8f720
- SHA1
  
  368093fbcbf5dfe2cd58e77f2d6eee7ea5b808cb
- SHA256
  
  4566dfcc153cba168a02eebc5ddd9d82832cf463ebb8ecb4ec2f269f9f85aeca
- SHA512
  
  72296dd3d0a741caf051a326cd703b59132136bccbe43c000cf4e57e3d7955aa812501a59f4f62530b2a2b8a73bebf55d32aa428a869c4c840fc16bca1788a33
- SSDEEP
  
  384:tZfV37EjIopEmmR2vqTf73cynNOBD97H5x1QJOa5/LIsW4Jl7tJegwf0NY:rejIodmMiTDzNOBV/o5/jJl7DTNY
Score

3^/10
behavioral3
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  ec9640b70e07141febbe2cd4cc42510f
- SHA1
  
  64a5e4b90e5fe62aa40e7ac9e16342ed066f0306
- SHA256
  
  c5ba017732597a82f695b084d1aa7fe3b356168cc66105b9392a9c5b06be5188
- SHA512
  
  47605b217313c7fe6ce3e9a65da156a2fba8d91e4ed23731d3c5e432dd048ff5c8f9ae8bb85a6a39e1eac4e1b6a22862aa72d3b1b1c8255858997cdd4db5d1fe
- SSDEEP
  
  192:oRsHeylO012En8pqHtcE0PuAgkOyPIFc:sATI0d8pUP0WAgkBPIFc
Score

3^/10
behavioral4
- Target
  
  $R0
- Size
  
  57KB
- MD5
  
  e2399827f98c20dff849baf9703b76ee
- SHA1
  
  370354d049dea4ae83948294726cb6a17dd8c251
- SHA256
  
  ee90ee53cacaab34eb38cf4a130ac2196b02bc16e46ba99752129c01e329978d
- SHA512
  
  b67fe02ca7a147b63e04a0eb385e5c99e873bc24930bae1cb901a01f4f3e5f209ca427165f6da2127c4c3b35f6b05af20a0faefd5e83c523665678223449dc94
- SSDEEP
  
  768:eeHGLC03SEOlCidXlrnzFKhAtmofgevxHs4gZWk:0LJ3/OltrnzchAtmoflxHeW
Score

1^/10
behavioral5
- Target
  
  $SYSDIR/Drivers/$0
- Size
  
  121KB
- MD5
  
  4b5579223186e2e1ab4a24b608fdc949
- SHA1
  
  7836a870b946c26f718de2f6e27631286e27add8
- SHA256
  
  c7b58da9fd4cf2f7f83f92b2e98437a2420150fec6e58c2bd84c82edd2da9a8e
- SHA512
  
  410be06b5c17d44e83fba95a07d8c92f3ee318055adffe51bfa45bd61938c54e8f8f0f819b31133d3028d64b5d3b070ed49e2e4031054e825b0d73f1cff650f7
- SSDEEP
  
  1536:Q/fgW0Hm+cHFyFv6or1StlDEgFCsd2kDXaPaSPi20jE8q5swDzAWyyighSr:iycHFyF9RStlDdtXoan2g8sEpOr
Score

1^/10
behavioral6
- Target
  
  $SYSDIR/Drivers/scdemu.sys
- Size
  
  121KB
- MD5
  
  4b5579223186e2e1ab4a24b608fdc949
- SHA1
  
  7836a870b946c26f718de2f6e27631286e27add8
- SHA256
  
  c7b58da9fd4cf2f7f83f92b2e98437a2420150fec6e58c2bd84c82edd2da9a8e
- SHA512
  
  410be06b5c17d44e83fba95a07d8c92f3ee318055adffe51bfa45bd61938c54e8f8f0f819b31133d3028d64b5d3b070ed49e2e4031054e825b0d73f1cff650f7
- SSDEEP
  
  1536:Q/fgW0Hm+cHFyFv6or1StlDEgFCsd2kDXaPaSPi20jE8q5swDzAWyyighSr:iycHFyF9RStlDdtXoan2g8sEpOr
Score

1^/10
behavioral7
- Target
  
  $TEMP/$0
- Size
  
  29KB
- MD5
  
  c3b224d15a9036805575b2ff0bcefeda
- SHA1
  
  74779ae82a97e97d770435d097821810f16c97c5
- SHA256
  
  23d8aeff49ffbac9f9490e9739e059cd7064516dbcd693fe2de77830b127ff8a
- SHA512
  
  5a5d98cc9a4aca076049340a4645879a8e4a1d2e24a672015627446d7e3729acf0b64bc8a0f702b8da735d22607fe13ba3ef6a497a57891804576899b06bb461
- SSDEEP
  
  384:XE+iXOWKqv0WEXSvQiJb7Mejv14ESgQaMOaA9qqKYu8iFz/pvow3PrCDaU2:XxspKA0ZiVfWEVUfYuhFzVowOD
Score

1^/10
behavioral8
- Target
  
  devcon.exe
- Size
  
  57KB
- MD5
  
  e2399827f98c20dff849baf9703b76ee
- SHA1
  
  370354d049dea4ae83948294726cb6a17dd8c251
- SHA256
  
  ee90ee53cacaab34eb38cf4a130ac2196b02bc16e46ba99752129c01e329978d
- SHA512
  
  b67fe02ca7a147b63e04a0eb385e5c99e873bc24930bae1cb901a01f4f3e5f209ca427165f6da2127c4c3b35f6b05af20a0faefd5e83c523665678223449dc94
- SSDEEP
  
  768:eeHGLC03SEOlCidXlrnzFKhAtmofgevxHs4gZWk:0LJ3/OltrnzchAtmoflxHeW
Score

1^/10
behavioral9
- Target
  
  unicows.dll
- Size
  
  252KB
- MD5
  
  f8d176db5b14aed7c9b25e0640226bd1
- SHA1
  
  a31c1c641639f5b50e79e0330cfc91e6613bf7f9
- SHA256
  
  f06f36fa03a5db4980c9d1120ada1d9e558515be73eff5b7cd34c48c0d9afd35
- SHA512
  
  ceb50c3de105cb8a9541161c2bc9d65cc86c9b2bf5e6e40dcb8c8227ba38e0713d30aa84d8479c78e03ee63ef2f75debe7a5bc6a86cc6dcbcee106d93b9597bf
- SSDEEP
  
  6144:Y4OkcR5cbvIFc8vuB4ShpH4BemwbVkEZ77:YFkedmBPjHv777
Score

1^/10
behavioral10

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

Software Discovery

T1518

Security Software Discovery

T1518.001

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

Checks for any installed AV software in registry

Checks installed software on the system

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10