781b18859a09602c65cc40c5871e9fa6630e2ab43801a2005ffb0d35ec1b7307

Sharing

Copy URL

Twitter E-mail

General

Target

GGM-Remapper-V0791.rar
Size

68.3MB
Sample

240318-yvkhraha82
MD5

9e04d39cbbf5b46883882fb74dadba0c
SHA1

09ee651342c634431618fc91d363a21f9620a6e1
SHA256

781b18859a09602c65cc40c5871e9fa6630e2ab43801a2005ffb0d35ec1b7307
SHA512

d06817bca1bcf22c6939d9b1304d03ba809d8f6329e2099a551e4998706c79f20b774f19b24043cb927f7be1f4fa447191157df2f581b1fb584dec8ab411acbd
SSDEEP

1572864:uIxjPvtGUSQqHFhdkef6tIJfpxm5AmzaiZ9ZDr+VoTC/iU:zxDlGUpqHFhdknt2vMX9Z9ZDr+GTCJ

Score

3^/10

link pdf

Malware Config

Targets

- Target
  
  GGM Remapper V0791/GGM0791/runtimes/win-x64/native/vcruntime140_1.dll
- Size
  
  48KB
- MD5
  
  cf0a1c4776ffe23ada5e570fc36e39fe
- SHA1
  
  2050fadecc11550ad9bde0b542bcf87e19d37f1a
- SHA256
  
  6fd366a691ed68430bcd0a3de3d8d19a0cb2102952bfc140bbef4354ed082c47
- SHA512
  
  d95cd98d22ca048d0fc5bca551c9db13d6fa705f6af120bbbb621cf2b30284bfdc7320d0a819bb26dab1e0a46253cc311a370bed4ef72ecb60c69791ed720168
- SSDEEP
  
  768:a0Q4HUcGJZekJSam1BbuBSYcCZbiLzlSHji9z4GwZHji9znwT:afnDex5izbiLzlE+z4Gwl+zwT
Score

1^/10
behavioral1 behavioral2
- Target
  
  GGM Remapper V0791/GGM0791/runtimes/win-x86/native/concrt140.dll
- Size
  
  253KB
- MD5
  
  ebcf24d1c4386b128fa10e954848371b
- SHA1
  
  6d9a30cefc136ffbfd57a7fc825cab5864b1abfc
- SHA256
  
  d23fce535c32d934461a0a39589d87afd592a3176033e3f2c97304122c96bf0a
- SHA512
  
  dc46c47cff3f2b1b3944df6e61f6ccddf9d9857cac3570a2a6d8c03134edbd9b2f2e4b3bda98d73e2385110cd5613b3f9ec91395d704a50793e70acc5b03b86b
- SSDEEP
  
  6144:ECojisTYsJ8wmqr85bqo0MJQ6AZiJeqaajUQnLg2CJuuwH/12z/5vy4vo7o:v7CpiAIaDuuw0zhl
Score

3^/10
behavioral3 behavioral4
- Target
  
  GGM Remapper V0791/GGM0791/runtimes/win-x86/native/cvextern.dll
- Size
  
  39.9MB
- MD5
  
  d58a87d5bc8a0a9f03bde992f7c7a0ed
- SHA1
  
  0b8b388b97e0c19ae48b4adf4010b3e0567bea94
- SHA256
  
  9132063161da6b00097370f4207b0e7702ed4e0e3879d3821a28b9717ed5f272
- SHA512
  
  87cc4f19a3d2fa48de6356c64d1e55f83c253f4768485bff9c49ef32622f3d253bf1452810ebbc93d651ba62fbd80ef07f37e47436493a7e1cc24392502d53c9
- SSDEEP
  
  786432:iiosjgqZvkfNxNhdohVQK0af/cWkX2/HNi5MjchFDcLcekp6E1CQkdQtsLRDty9Z:iLsjgqBkf/NhdohVf/cWkX2/HNiyAFDf
Score

3^/10
behavioral5 behavioral6
- Target
  
  GGM Remapper V0791/GGM0791/runtimes/win-x86/native/msvcp140.dll
- Size
  
  437KB
- MD5
  
  dc739066c9d0ca961cba2f320cade28e
- SHA1
  
  81ed5f7861e748b90c7ae2d18da80d1409d1fa05
- SHA256
  
  74e9268a68118bb1ac5154f8f327887715960ccc37ba9dabbe31ecd82dcbaa55
- SHA512
  
  4eb181984d989156b8703fd8bb8963d7a5a3b7f981fe747c6992993b7a1395a21f45dbedf08c1483d523e772bdf41330753e1771243b53da36d2539c01171cf1
- SSDEEP
  
  12288:kKB+zFjoLcAtFSYy9PA7TEsnmLIxhUgiW6QR7t5s03Ooc8dHkC2eszslz:kKMzFj4tFSYyO7TEsnmLIe03Ooc8dHkw
Score

3^/10
behavioral7 behavioral8
- Target
  
  GGM Remapper V0791/GGM0791/runtimes/win-x86/native/msvcp140_1.dll
- Size
  
  32KB
- MD5
  
  ca41f812e04bf186926c8e312ed86990
- SHA1
  
  06ad85c589487bb6a172c41164e404c152f58c1b
- SHA256
  
  037da271a83151debaa648a35cf5ce9ee9b8fedaa7e437bee1b44ece54ad9933
- SHA512
  
  796e43a7057ef7e0fc6863c221e43cec4e14c019e5ea2526ce4683f29702c25e7f478b1f27af59b21302de0e466483d1b846409f1e976d04c687f84b2c2ddabd
- SSDEEP
  
  384:E6sWCFIvQX2UJFJwjsX/LWcm5gW41QgKSt+eZRh1FNGaR9zBRbuvsHRN7JdDeZRG:n5CfGUnJFXGUzlvRlUW9zBcwJdDU9zs
Score

1^/10
behavioral10 behavioral9
- Target
  
  GGM Remapper V0791/GGM0791/runtimes/win-x86/native/msvcp140_2.dll
- Size
  
  245KB
- MD5
  
  0b9b70c45a35059cff46d03e675c6390
- SHA1
  
  44f28351b83485633f297f90dff709c8a10b3640
- SHA256
  
  750b7f72fa474406cd4a50165183e64af932e0defcd414a01a56ec79dc6fef9f
- SHA512
  
  86de24abc98e66ba695f6b76dd9762df9b24484ed9fbf0e9a46d2fb97847524fa9f193a21ec94065bb2d42162f72194ad28834f80e57ada2ea152e6d887fe442
- SSDEEP
  
  6144:E/ex7sgt8CZyY0UPo/BYNn+crb9ok6h32Llz9Jt2/NWbZJ25:kex7sM8CZyH6hvrb9ok6h3GlLgNWzM
Score

1^/10
behavioral11 behavioral12
- Target
  
  GGM Remapper V0791/GGM0791/runtimes/win-x86/native/msvcp140_atomic_wait.dll
- Size
  
  45KB
- MD5
  
  7819ff30aadbb22dd6b86accdb223a22
- SHA1
  
  f4a8a8f5b3b9c7f83d7bbf5e42714fc14ce345df
- SHA256
  
  71820ba963f1fb9e6469b8895613ec59283332f2a9650d96c9abe1a01b7a513c
- SHA512
  
  6750130447a1fcad1142f54f0471bc11e793522eb81709dadbe403d863cd8e215c356baa4654992b40066daa4b7dde1e547e1f1112f0142b0a7c0c07a38c785b
- SSDEEP
  
  768:kgeNYb+ne4tyxI8diO/lc5iJoV+wwzlkbdii9zSw9bi9zn:kgjb+e48x8Otc5iJo0wwzlkBi+zSw9bQ
Score

1^/10
behavioral13 behavioral14
- Target
  
  GGM Remapper V0791/GGM0791/runtimes/win-x86/native/msvcp140_codecvt_ids.dll
- Size
  
  29KB
- MD5
  
  16297b3597570f321f971fd3143d0c23
- SHA1
  
  8e26c7671c760f856e44bd8c093b71c837b1e5d0
- SHA256
  
  024e16380ae3722e164b48fb69b560f19b311d50921090dea4d1897f81c87591
- SHA512
  
  ac91c46f5f4737b50f60047bd145350d09fed77c0c7b4a866f6064a926f0da73854286cf02d9310e6131744c47050cba5eaaa503e29b695fbce8356dc5660980
- SSDEEP
  
  384:K5JDjJc3ZJBgjKOoWiUEWLegQgKSt+eIoP6zaHeR9zdj+SRvsHRN7K6zaHeR9zdx:mJO3ZrbyjzleWC9zAuwGC9zv
Score

3^/10
behavioral15 behavioral16
- Target
  
  GGM Remapper V0791/GGM0791/runtimes/win-x86/native/opencv_videoio_ffmpeg481.dll
- Size
  
  22.3MB
- MD5
  
  4aaef1456e282e5ef665d65555f47f56
- SHA1
  
  c2766baf02b13751ae27a4cae3c9a9170b3a5a68
- SHA256
  
  7543fcb050670136cf1cb50850b35348bfa924299d398e92c1506ec1a665a6ab
- SHA512
  
  e2c24273f632d4e51068f7fbd663fcb68c1175eda666ced3460ecd01ace7f786ef6f59d9b49042e695ac8f4a519ba6580ed4d3239bb8e589cc18fd7de2f7aacb
- SSDEEP
  
  393216:xImauu+SZNC39wUM9vzz22/OqDOGtNTtfmk4070bcgT2hONn6q+:zaHNC39A9v3RDOGtNTt7zEPNk
Score

1^/10
behavioral17 behavioral18
- Target
  
  GGM Remapper V0791/GGM0791/runtimes/win-x86/native/vcruntime140.dll
- Size
  
  88KB
- MD5
  
  1d4ff3cf64ab08c66ae9a4013c89a3ac
- SHA1
  
  f9ee15d0e9b0b7e04ff4c8a5de5afcffe8b2527b
- SHA256
  
  65f620bc588d95fe2ed236d1602e49f89077b434c83102549eed137c7fdc7220
- SHA512
  
  65fbd68843280e933620c470e524fba993ab4c48ede4bc0917b4ebe25da0408d02daec3f5afcd44a3ff8aba676d2eff2dda3f354029d27932ef39c9fdea51c26
- SSDEEP
  
  1536:Lb8h/b8bgkjohTX6pz0y9v+xSUKF1IuCmgnKecbWJdazlTjznFKwcjzBG:LbWUgkOTX6ey9v+xSjFyuBecbWnaNjjb
Score

3^/10
behavioral19 behavioral20
- Target
  
  GGM Remapper V0791/GGM0791/runtimes/win/lib/net6.0/Microsoft.Win32.SystemEvents.dll
- Size
  
  56KB
- MD5
  
  dd65cc318d2ef5f46a3f826c85322761
- SHA1
  
  5977fb1ef6d6696205aed84973559f58bfb7e3bb
- SHA256
  
  e712093997e02359ca09c14e80818735cc3592f4d2e1ac2657a8166e6c60047c
- SHA512
  
  4d14e8c9ac7d214da05d87c0f6d3ca7c009619397711eff630be981cc6ec84e458d3d910411267f83dcd2d482c9589375be82a9bc8b76d1c39eee4e85749c1dd
- SSDEEP
  
  768:qEqNJ08f83AZil73/ahl819ZTDj+jXr5k6o67Ib/itOQ9zcH:q/No3A8lbSlEHj+jDBIrirzA
Score

1^/10
behavioral21 behavioral22
- Target
  
  GGM Remapper V0791/Needed Drivers/Interception/command line installer/install-interception.exe
- Size
  
  459KB
- MD5
  
  0f0b50d92e030b8965ce669c8058fa6e
- SHA1
  
  257b3f0402285a29f4618b32958c208b3e9d4c4d
- SHA256
  
  e137863a79da797f08e7a137280ff2a123809044a888fd75ce9c973198915abe
- SHA512
  
  fc7c384fd6f682ad01b598abf87c522b38068f4488cea6dc7bd6dedd66e995e4d8fb583c54c6afed0c4c7a9a2318bb6ed257bb3cbd0e48fae83a7819d1167d79
- SSDEEP
  
  6144:+sglhAWORQG8O1dMDmJPjQy4xZWLUKc2:+s4LjGvMk74+B
Score

1^/10
behavioral23 behavioral24
- Target
  
  GGM Remapper V0791/Needed Drivers/Interception/library/x64/interception.dll
- Size
  
  11KB
- MD5
  
  fe8b2a022297aa36a3546391221f635a
- SHA1
  
  346e04907eb628372f459fbbf109b6cff57cac13
- SHA256
  
  ab88164c11b1b48488772d4c3bfaa4509d5b0ae9dbc5a691dc4f96f0260443c8
- SHA512
  
  fa203db607cb1154f7ac84e64b236b19ff29abab1b443609648ee3fafa53581c22420edd1f5ed2c522ab7f3c2577c73822eafbf143a8c80914a3061193b10a1c
- SSDEEP
  
  192:wBKz1mGyRWIddjlkuSCqPDKSyFVzhveZhAk3M+j4sreC:EKsGyRhdtlkuSCLS8VcZhP344
Score

1^/10
behavioral25 behavioral26
- Target
  
  GGM Remapper V0791/Needed Drivers/Interception/library/x86/interception.dll
- Size
  
  10KB
- MD5
  
  f90b05d294f094a122c6b99b5a820cb8
- SHA1
  
  757803f0e58269ac37ff81489465f80108032636
- SHA256
  
  9e1def27b804df9ba97fd07f9de835c70660ae568c00950102f70034e293a684
- SHA512
  
  84165cd9d27fb269411399b4a8b8e4e08279487324d840c52d46b552c427853e57b2007424f070f92c4f38b0c3632eab7710516768ac8670e01a413c38fe648a
- SSDEEP
  
  192:PEH6lRLkQel2t06XKAITvGKTNFqXJNr68JAI/sr0Ib/dk:PrL6w07AIDXqf68JlGZ
Score

1^/10
behavioral27 behavioral28
- Target
  
  GGM Remapper V0791/Needed Drivers/Interception/licenses/commercial-usage/Interception API.pdf
- Size
  
  21KB
- MD5
  
  10f52b28aeb0d7209c83b8cccb6a8c0e
- SHA1
  
  74c937b413b7766b93ceec9fd608220b77662437
- SHA256
  
  b6fbff2a6b20ba644632d13128589eac2a8886729f4aecf7724be4ccae17c2f9
- SHA512
  
  e4de6821ae76678791ee50cd4532845072ddbcaae4e29fbe9b00e710c1675d4ea55dbccd0604ae03c7285ab4400d4934649512b6d6e1eb22d4cff03147761207
- SSDEEP
  
  384:Y0EAbrvV9FhiI1jL8hgXIPvGqPYwVBPSSxX1Xt3wHuDvOF8uO+cZGLDZ1Qmg84Xr:Y07fFhiI1jYhgXIPvGqPYwjPSSxXD3w0
Score

1^/10
behavioral29 behavioral30
- Target
  
  GGM Remapper V0791/Needed Drivers/Interception/licenses/commercial-usage/Interception.pdf
- Size
  
  76KB
- MD5
  
  717bbe05ccc30dcb973f91c8f6b070a4
- SHA1
  
  8a3bd6b5ce01ebe311bbba1b3058b471fa904d2b
- SHA256
  
  f54331742d5d9bfed03822cb8a905b46960502048a1ac11e8060cc7fda7a7de9
- SHA512
  
  1a8fe010dbf1246c6f73c3818c3fee2ca58e39e906bf076b2161f4af8009efd55942b63f90ffb36a15abf1e9003a5b5a4e080966b438076dfd4862dc23cf8184
- SSDEEP
  
  1536:ba83/4twD6Pmr65d2DBUKGxSIeKToKHxW+Ne5lA8a3NQkd5nCYZUrnf8d:+83gOD6Pme5WU4VKToKHgyeA8aymnArm
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32