General

  • Target: A V R 0 R A V3.2.1.zip
  • Size: 8.8MB
  • Sample: 240323-w5cvjsaf67
  • MD5: b2449d7d3b8d4e874ba05517e19b195c
  • SHA1: c93937fabeb4590090004beb218b7b8c4222109b
  • SHA256: e72fed4e409007f32170aeeec9b3a66c189f419ac63134f49d061903e26b44ec
  • SHA512: 92be23473e17187e2b619504d53085dcc08ffa6d2bb3af2c0c949d1fab3fa3120fd59f8f52fc4426a94d5ebbec92b2b7db4dc3cfdf6d182b533432a5a4b75067
  • SSDEEP: 196608:Sfa46tHu+lPcbNKn2u1dJI+07d4ZjjapG0DHsCTza3:y69gOFa+07d4djapGQHsYa3

Score: 9/10

Malware Config

Targets

  Target: AVR0RX/AVR0RA.exe
    • Size: 288.0MB
    • MD5: c3afa0f2a2250d4315ccc8e1342bc988
    • SHA1: 77ff25f46824bb45eba911051850d9c918aa993a
    • SHA256: ee3a3ba814d5cbf925a7cd5bd5f10d78141b62226cb93062847e613af0a42384
    • SHA512: c39cc71a9a07ffbbb0b0551d62ddd3cb9f1fe63728024e071d669461bd0cb7b13cf7b1d17766bda80c948846b820181e47ccaf06234534613cb94893d4e542e2
    • SSDEEP: 24576:mYeXZFoujwyyHYSAm3JKTQNmIdlAQI2Srmy8Pk8NnhAA+ZO/pHkOR45Ykz8kUn:7fV463JWoDde2L1Ac/OOqSkC
    Score: 7/10
    • Executes dropped EXE
    • Loads dropped DLL

  Target: $TEMP/Senator
    • Size: 180KB
    • MD5: ad0cf777fbb5165d21dd2bd12968456e
    • SHA1: 655369ae914224510fd03eb2da4d2f525c6405b8
    • SHA256: fa0c66256fa45860236f3e01ff3de25c93881a6f6685c022582454482405f77c
    • SHA512: c538b1194291ec00effdc378505e14ea3e1c2ceee35a7a2fffe3fc70af41cc988df81dfb77a829a18da40d688279be9de24cfa03a0ad0a72afecd816ce9fe540
    • SSDEEP: 3072:1Zg5PXPeiR6MKkjGWoUlJUPdgQa8Bp/LxyA3laW2UDQWf05mjccBiqXvpgF4qv+1:1K5vPeDkjGgQaE/loUDtf0accB3gBm1
    Score: 1/10

  Target: AVR0RX/scripts/scripts.dll
    • Size: 18.7MB
    • MD5: 88fd7dbf04bcf75123d02009aea3f7f7
    • SHA1: cecf16bdad71e54afc941179ea2b7438a04efa1d
    • SHA256: 01481b9a862936fbc090bda4033f22d7ffa5a7bfe5dc32f47c7794332b34eec4
    • SHA512: 2c6298b5adf91b51f0042d48e0846f5b196d52a588fd4fc577bf19ec26ad8e547382279a15f8bf131b08b0d7c140534aff25f82d5e8998818b812e72c9493917
    • SSDEEP: 393216:hqA/D2IIyzg8DolBo6i0KoI6Di42sC1/syU3DXNs6hq8:hqcaZyV0fC1JOpjhq8
    Score: 1/10

MITRE ATT&CK Matrix (ATT&CK v13)

Defense Evasion
  • Modify Registry (T1112): 1

Discovery
  • System Information Discovery (T1082): 1
  • Process Discovery (T1057): 1
  • Remote System Discovery (T1018): 1

Tasks