841a98464457d2fceff8a35e6b575b1e5e0681f7232cb3c2b94c698e38960a25

Target

Prefetch.zip
Size

21.2MB
Sample

240325-zm6xfshc96
MD5

a394e06a529a62d8a0ced7b5209378e6
SHA1

90414df61e25dbaecc31fbb0beba6edf2f159520
SHA256

841a98464457d2fceff8a35e6b575b1e5e0681f7232cb3c2b94c698e38960a25
SHA512

6138832ff04c7f556b84b295d671f164104f905770a8e4c2a58c7855cfb8e42b31bf9daa5ad59964e34d7c82a0f5f760564151b1219bb1931c601491941c670a
SSDEEP

393216:jzAM2Eb2nznrCzQDkD7DbxxTfQndqURaAfOXxM4k5TZfZhmKX38FvCv:jz4wozrCssTEs+2XuRF8Fve

Score

3^/10

Malware Config

Targets

- Target
  
  Prefetch/CIS.EXE-B8EB3849.pf
- Size
  
  27KB
- MD5
  
  5bc9ebd7f3ea7ed1cb9af2e10e29fc18
- SHA1
  
  604da8f1553a389945db555c942e0c24320fa06b
- SHA256
  
  eb4ada1552408830a24c9d6bcbf57cdce2942e8330fbc99c94dc4c7ff7dc9c7a
- SHA512
  
  6d28e4073540d54bf3492b1894aa8020659ecbfd78eddd5d5c7e63cab286df4552e28d254c9105e1f64e2d589a4a549983dd9d9d8b65c490c131351f0e7a14e8
- SSDEEP
  
  384:C9Z7eHiMO9YGzroE02+r4sfi8BbscwLLz7eZkk3PhZqVx9NpQ5IHhH0CzeEPy5TR:CDwVEqAz70kUZORpNSy5CRH
Score

3^/10
behavioral1 behavioral2
- Target
  
  Prefetch/CISCLEANUPTOOL_X64_NJQ5MDMWYZ-D5FF57E0.pf
- Size
  
  8KB
- MD5
  
  39105222976b74ccd87106f842306c95
- SHA1
  
  9f8fd9762266fc69dcdc5459f3fa3adaa5137909
- SHA256
  
  8387a3d604ce79e33dfaf1f79533669fcb700beb773d210d7f61f00c11529b4e
- SHA512
  
  e7daa204233659e9d3d378e6953656d88c2eb0f3db285c18d4b0a50d92872336e0a1ffd549be522b9dc5d1a14893567bd110685b35c4284542cf1f9f1536c9b3
- SSDEEP
  
  192:D91wfGHe2VAoBiS5uAq5BRqXbSWecuxyNhlQOsjB1SB:D9CfGhVAoEdAkPqrSWeu+116
Score

3^/10
behavioral3 behavioral4
- Target
  
  Prefetch/CMD.EXE-0BD30981.pf
- Size
  
  6KB
- MD5
  
  2ec8c2035f587418c43a88cc8fc0e5c5
- SHA1
  
  9aef28f905e795272d494646610661a1c93d7534
- SHA256
  
  ff093f5ed9b9e49002a4af3d36eca409acab58a5047318eed4f4f92bd9c461de
- SHA512
  
  b853864576d05cb233e0f31cef2850751ae83a0c7a43049dae40bde04ff497374d001f1a5d0f0d268006dfe5ed8133329887500645f7d84c2b7c94b59489c3a5
- SSDEEP
  
  192:Bwy3SRAu40kWiRiaVJeQtP7DVIdKuI+zRVNr:BTSKu4xWigareQ1P0nI+1V9
Score

3^/10
behavioral5 behavioral6
- Target
  
  Prefetch/CMD.EXE-6D6290C5.pf
- Size
  
  5KB
- MD5
  
  039820f2f19e328671e8790d91fc705d
- SHA1
  
  2cdd6e94edcecfe7204242095f3d4d2adbfdb49f
- SHA256
  
  99bf56c2de0e852e29cc34848dfbaf0eef7d820ff01eb7afab176db3f42dd704
- SHA512
  
  3f3a8a5f776c893d91114e384ff24aceb5c28d34b52d915dcb759b606b92bd3bbe04b03b0ffa04c0842c6a5b51496a92e2d9f6610218612136bda328e8e4424a
- SSDEEP
  
  96:vgwcX0A4b1ONmmmPp2CpT5MW8OcgQ1ghL9GVR4S/s+Y89eBfLw6v+Oql:IwcXCRONmmmPp2CpNLTpthxKAls6v+Jl
Score

3^/10
behavioral7 behavioral8
- Target
  
  Prefetch/CMDINSTALL.EXE-71D8CC25.pf
- Size
  
  16KB
- MD5
  
  3d02b48afe12a4015b7a70fa95d5bed6
- SHA1
  
  45482bcb900080289b0e33522c98670df0a8e164
- SHA256
  
  227cb00649f3a75666dbcbaa531cf422b40a8f56a479911b728ea22cbde0e6be
- SHA512
  
  8cb40cbddfd9122107341652dd47c25caeb0b9ca16bcfec7bd97c07711928d65a555d28e19c92c95f9c4a4d5032c0dbed1d09ca56df009573a8f4f2eb45f4046
- SSDEEP
  
  384:CrX0Sgf9//q5mG55sui6v1WDvtNCG0r48nrK4YW4w:CrX0SgB/m55Nie1pG583
Score

3^/10
behavioral10 behavioral9
- Target
  
  Prefetch/CMDVIRTH.EXE-15ACB64B.pf
- Size
  
  4KB
- MD5
  
  52203338a0cd8c1c7434292f2f2f410f
- SHA1
  
  d6f263d86ad900580b30e8fdfbcd484d7fd9548b
- SHA256
  
  ee37c8df0965ebffd5b069aed90b3b96ebcf6254ff75fd094e799f4454a06074
- SHA512
  
  4893ff53ba48964b9fd348a9005737f1f9bd1bd98c360a43d4877cfd2f4225ce32675dc301126e32533d4664156d082409057bd07d8f73715b97d7991a20bec8
- SSDEEP
  
  96:hDi2P8oZFESxjwRLkZ9wd1fzsn4+deRqGR0X7c3nboe/uvKl2qjNpy4t9:hDiuhFFwRLkV4+d7A3nboe/V2qpy4X
Score

3^/10
behavioral11 behavioral12
- Target
  
  Prefetch/COMPATTELRUNNER.EXE-B7A68ECC.pf
- Size
  
  4KB
- MD5
  
  c51b26c47b40ed9cca5120c8f628b4f6
- SHA1
  
  24d3ae78f0b2c58a5bdef9a9ad275913da851eef
- SHA256
  
  4625fc8d915d6207d8bb2f15444187216d3ab23586f647d54e1d59772fa6f086
- SHA512
  
  f8909fb1c6b454558106d64911478f00f4d32d6b1a9c3d2a688c33865e4e76ef8260d2f02493c4d0357ecf0e1087d42e5260fd4a9805eb3a5893d16f8ad057a5
- SSDEEP
  
  96:Rizjw5g2bpveO3sBRJiB5kKxz10y0f3TbuF3dNP+ARCum:480krkKg3TCZdNP7Dm
Score

3^/10
behavioral13 behavioral14
- Target
  
  Prefetch/COMPPKGSRV.EXE-4780F0C1.pf
- Size
  
  5KB
- MD5
  
  bbd6689813cdad6672ceda4d10529dda
- SHA1
  
  3d51a75c3449f5151de2b0792b41e3703ab5e971
- SHA256
  
  c4cac66ece57d2eaedbd008bf5bcaa650d6175901786c733e8754b6c6d62645b
- SHA512
  
  cba6012c6d4e2fc24ce9a35020d14ac1e4a66fd067b2557ff781cc99cf68e7030588086b01d3afc1bce668e959cd5339c3ea6fc30acf1ff6391e7822d04d8d2f
- SSDEEP
  
  96:oP2YSfPurVeEDcarJqwoqY9ZP+dNz+fMlSAn/h3xmtnWSuPzMSqMFISgo9/HK:oPGHu5eEncwoqCP+z+f6d1xmtWPzMSqD
Score

3^/10
behavioral15 behavioral16
- Target
  
  Prefetch/CONFIGSCHEDULEDTASK.EXE-927F7EB3.pf
- Size
  
  9KB
- MD5
  
  697bfe72b84d61e0dd85a7053c1e1df4
- SHA1
  
  78577ea490ca9baa5a37a631e4f0ef7e9869f187
- SHA256
  
  f12e8766305a5e7837f68ada517f9093b0f27f2048131035b087e55607ad8a8d
- SHA512
  
  3f5e53addd73d20d12f755f70024d4e188653f883c22aec0c784e0c0a42d166834c92b009e644b5e07b05e7600d41b2e652e218a7838189d79e3afcb3f332b12
- SSDEEP
  
  192:KD+/uKs7/WRN+1EEZrzfbqF83X1kelONM3AhJ8LdDRFa:nqsN+iE2wlkelOK3Ar2fw
Score

3^/10
behavioral17 behavioral18
- Target
  
  Prefetch/CONFIGSERVICE.EXE-01160B6C.pf
- Size
  
  4KB
- MD5
  
  aabec26579082dc1b4d5ce6abf92db40
- SHA1
  
  55a54d93ef058f0b240fd1298b0137e460431cc2
- SHA256
  
  f48764ac2e6ce04e35ca0b889b7a92b51e117472cc5bd50c3b7cd44e6a51b08d
- SHA512
  
  111c0c97fe5e0d92a50b481c3d430c5d572c18541d8ccd7f91c4dd9797686cb744a314712a209b6863dcaffddd0975a3e98d3f189f7069a7849ed3a9d598b77d
- SSDEEP
  
  96:ctrQGHN2tEQjO+dMrtapUHFymQ5HQa/aZCP0ef2LkrXlO:CaEQjO+WtaoFMyNef2LkrXlO
Score

3^/10
behavioral19 behavioral20
- Target
  
  Prefetch/CONHOST.EXE-0C6456FB.pf
- Size
  
  4KB
- MD5
  
  2017a8fa498f093cace11ef065154a46
- SHA1
  
  0ea87f0846897e5eb958adc85ab4c8209336d81f
- SHA256
  
  f44e26446f0c2b423ec8a5e3e51c9c44c2b3f8a34ff9b3f451dcb7f6ec40ae95
- SHA512
  
  04fff13e7150ecafdea18252dce5da79dde3aa2b756c6294fc57bfc9270ad70aa4f9b0715cca3b81115ed64d963601acb0fccbd72c20444884b7ea78711b31b9
- SSDEEP
  
  96:k8yP0Gd+XPIw1ci2wCKyN1G8WXEozGZ2agXmGt60TYPlCSsD4fLH4iZuh:ePjd+XQJizCKwAZB67QUTYiZuh
Score

3^/10
behavioral21 behavioral22
- Target
  
  Prefetch/CONSENT.EXE-40419367.pf
- Size
  
  47KB
- MD5
  
  5bf2115dc8d3b729c5829874d5d8cb59
- SHA1
  
  f9a56d5cf85b67f84f4217c93fad6f48d9813202
- SHA256
  
  2b4056595a0cee651479270c2e09cd47ebba9124336c577ddd3b0c782afc48b2
- SHA512
  
  ce6d130a05aa1fa428f444ab3f156834a401e4f9029d6ba7a31f26f2dcfb532393acc19411b2cfafea7ff0bc29d5748d527d3d157623c35424f1362fc6bd15f8
- SSDEEP
  
  768:lwPFCp5xpgP+Qfx6tRRwCxWjoeT1glONlNNjBR3BUa+rJ9Fe:EFCHjxWt4uPR3BUlvFe
Score

3^/10
behavioral23 behavioral24
- Target
  
  Prefetch/CONTROL.EXE-6EA5489A.pf
- Size
  
  9KB
- MD5
  
  137fa333f1ee6346acb53228647e9a3d
- SHA1
  
  d7664e34f2cf417655aa93c736f785a7bbef7bac
- SHA256
  
  83a898e5e900ef63c2a93db0e7cc4a329e9d4ad9ca7a8b0c0d6fae6b4e5894ed
- SHA512
  
  b4eb065b65da381dac7cd793d7c30b64036ab4d6805f9c67d8435fabbb8502eb2d536c0d491a7ba93769d2fd2ec30b8ae86ae577409bbbaba6babe13e068ccaf
- SSDEEP
  
  192:UnTqRQJ8DcOxJocl1B3tYDvWRSsDrbzEf7yHAVW/a4Bsk71Se:UnT6QJz+ocl1xaDWRSsDHzE75Ga4BskR
Score

3^/10
behavioral25 behavioral26
- Target
  
  Prefetch/CREDENTIALUIBROKER.EXE-8CEDA3EB.pf
- Size
  
  29KB
- MD5
  
  9f68647bab55c52164801e00f878959c
- SHA1
  
  6533c5c468a2c8822a968243668fd98d19862216
- SHA256
  
  7489e3c5a5b58633272de1ad1fa8c06517ea291f79a2e9e9fab5b6261f2b63e9
- SHA512
  
  8ef553df5dfe28d9b1734e18f656b7c7701511d9a92a471a5e85381ce6ea9928ab06abab5b60368145311bfd7b3c7962c8eb7838858871e6e95b3de043939171
- SSDEEP
  
  384:lGTnWYszPzJk35Kb7AL3oXUUHF6kqletQecnIHqCltw3la0mPMobU9yCYvvSh6Or:lGTWZTzTEwpXHqC3w3gsC1Sh6oCs
Score

3^/10
behavioral27 behavioral28
- Target
  
  Prefetch/CSRSS.EXE-F3C368CB.pf
- Size
  
  5KB
- MD5
  
  7f43a31579363a1bc4ea108a42831a4f
- SHA1
  
  9914afdca0372bd65a0854a777108f3f558d8c9c
- SHA256
  
  3605b4b1fd767413b74bd08239492fcb007662655a7bc976487c7a62018765c9
- SHA512
  
  48bdc35433d55170e7856605851f12b6698c0179fbc9eb809fb53d195b23806b8c5a327d79137fb85c8ca76f964bb7da345a0ddaf7f53318a52a0321c73abbe8
- SSDEEP
  
  96:sq+e5b9p4dS/RD7eoZAoYG7X3CNvJ0SRAAXbib8sv9xkFvQDDRReBJ9rJeB:sq+e5b9t/RvHZAVG7X3Cn0+vLHsbTDRR
Score

3^/10
behavioral29 behavioral30
- Target
  
  Prefetch/CTFMON.EXE-795F8130.pf
- Size
  
  10KB
- MD5
  
  16cca8e728ec0f299a431d43d392081d
- SHA1
  
  9ae6349bde9afdc7673a20d946807338dbeac261
- SHA256
  
  d57e249ca14c74dcbcb4ad6a69abb8809d69fb16f3c5b78f7c1ce7255d32d08b
- SHA512
  
  af8072cc904162c1e13bf7af318f598e8268f1b3a42e63948dcbd716f9c3de7dec60a349398310b49c84ae0af2e4fe1ff963c170d8c16c77920bf08c6353e49b
- SSDEEP
  
  192:Abs2Dr+Mm20OvKKVItizdDI9g42YsYbh8oAbkt+4/wIcbPb0O8pPQEDZ:5MIeKKVItg1Qs6h8oAbkZib0O8dQOZ
Score

3^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32