General
-
Target
muestras.zip
-
Size
8.8MB
-
Sample
240415-qvvpqaff23
-
MD5
5fab400739579614ebc9b0434e598a99
-
SHA1
411cdbc8cdae66d7c440d1387af7092dd31c0104
-
SHA256
bd55e0976da9f9e676f5b8387c81a90354b98ac58444058d2244a670e40696ec
-
SHA512
c62c817b1a5760e196823f8703dbbe38d10d850bb2ab4bfe895d7a15fb8661046fb9aac2ba9ab274c6ccc978875f4abe43665bf62cf748e40d368592287f6e44
-
SSDEEP
98304:QB9mXX5UXymphSodFQnMVJ34CUcg4MBOxymRrJBcnJJH3LyeV05:QcLx4VrU3BOxpiJt3OCS
Static task
static1
Behavioral task
behavioral1
Sample
Security.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
Security.exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral3
Sample
Security_x64.exe
Resource
win7-20231129-en
Behavioral task
behavioral4
Sample
Security_x64.exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral5
Sample
Setup1.exe
Resource
win7-20240221-en
Behavioral task
behavioral6
Sample
Setup1.exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral7
Sample
hh.exe
Resource
win7-20240215-en
Behavioral task
behavioral8
Sample
hh.exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral9
Sample
mssecsvc.exe
Resource
win7-20240319-en
Behavioral task
behavioral10
Sample
mssecsvc.exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral11
Sample
qeriuwjhrf.exe
Resource
win7-20240221-en
Behavioral task
behavioral12
Sample
qeriuwjhrf.exe
Resource
win10v2004-20240412-en
Behavioral task
behavioral13
Sample
tasksche.exe
Resource
win7-20240221-en
Behavioral task
behavioral14
Sample
tasksche.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
Security.exe
-
Size
36KB
-
MD5
60db5cf12466686bb2821e3ba73c7694
-
SHA1
eb0fcee4f66277a54c33be051f85cc52f0536672
-
SHA256
c3c1d7ac3fbf75fb19f985db3fa16052b116db2a5321ad5684de19786df1bf7c
-
SHA512
7695c9f9375a23c4380ef7a9b8e12493c5ebe2f0a545ec5169e3ff8141f1dfdd6d033f2ac305e0f368bc665feb71824fbfa2cf1f7365d389aef1296a72446087
-
SSDEEP
384:LNTh3Aenf27SkCdyNTjDCLC9g6AyOdremo:L9Oke7SbMFHAj1emo
Score 1/10
-
-
Target
Security_x64.exe
-
Size
39KB
-
MD5
4e32170d477b8ecb8a386560b2fc7633
-
SHA1
56165e507ff09941e74c9021050f635bf183face
-
SHA256
7589cde60b0cee04082b44334e53d973b0035f91ca6a5342ee009c3f94d3d0d7
-
SHA512
8b3c8e5fd097e61abee7ddaa593f82edfe4dcd4ae8f296168da8df62f35cc4599ee642186a2b1affe212f2504b8f98e102c1f9e86ab169dd73de25f3caf6d470
-
SSDEEP
768:T2tz0UbxPvW6npbdIH597xzqynepcXc6FyW2wpq2v1EOyo5HiayAx:6tXNXRbdIpqIepcM6FD2khtP5Hiarx
Score 1/10
-
-
Target
Setup1.exe
-
Size
248KB
-
MD5
6c9ca1085414c4b2c0b2fe1fe6c9531c
-
SHA1
2b2531af4d1cafb574b5fea0f1cd8a62032c127e
-
SHA256
19e518f53ee8a1c2954dedeeeb507b331f9bf2e6edda23958fb7aabe38066536
-
SHA512
8408a3c4eb8157af967c9842e0c887b952a97642ef1af73dc11be418ab181eb5b80d379d6f008df2cd7cb01b56249e255527cc4558791cec1c01b97508bab185
-
SSDEEP
6144:ksuMamfDqaBv6xdnG6+hdbHSHqFJJe4XZ/:kS1H+NG6+h5371
Score 3/10
-
-
Target
hh.exe
-
Size
16KB
-
MD5
3d0b9ea79bf1f828324447d84aa9dce2
-
SHA1
a42c8c2d26980bdfb10ccceb171bcb24900cf20f
-
SHA256
65c2b472d2f5c29b9f3b16ef803a85419c0c0a4088c128c96733584ae4017919
-
SHA512
fdec05e0f144f38a0de29589d5608eda4b34e0ea9f1129107d0e9e3210e8f25077402508477c3894557cab1078a99f0bf50e763a59d8c5775359b0308d3fbd33
-
SSDEEP
192:qgCqKuj3GrAwis6i2Pom1L2g04AbKS7bkz3Dm5GJ1KDJD/sWcqYr:cuj3GrDl60KL2ln7eyI1KD6WcqY
Score 1/10
-
-
Target
mssecsvc.exe
-
Size
3.6MB
-
MD5
2cb069c56956bb9b6e62d393758d61a7
-
SHA1
220f4451f7ec2de03b482ddcf28c6ecda3e5366f
-
SHA256
0791f5ae5cbeec298082736457292521b23874ae0e77506c4ea12e65e3d2e52f
-
SHA512
13f47349f24593b4a0eb3094e816cf5c4bc826dc9a08c0ec9f5a4a55a17412b59fc6cfb2dcadbe1222c35e6d991e05605bf7db98b53557a2c128e831171babf3
-
SSDEEP
98304:yDqPoO1aRxcSUDk36SAEdhvxWa9P593RU:yDqPj1Cxcxk3ZAEUadzRU
Score 10/10
Contacts a large (3252) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Executes dropped EXE
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Drops file in System32 directory
-
-
-
Target
qeriuwjhrf
-
Size
3.4MB
-
MD5
d59d6d48c3d6e9292c296e557a186391
-
SHA1
7f0916d7befcf929521087cde11b6d94d7331154
-
SHA256
905ad8e2fc1f98ab1e934de1d01d85973291ccadd41c85ba1a7dcc3b2af6ed96
-
SHA512
7b2fc97070ac47e6596cfe0da96b1b1369feeb4ab62af136f172ee306187cee3e04b68b8f786d7b4b4dee49054d53a33cd8048abdc8cba9853b3e119a08ac23e
-
SSDEEP
49152:nQqMSPbcO1INRx+TSqTdX1HkQo6SAARdhnvxJM0H9PAMEcaEau3RCgHADO:QqPoO1aRxcSUDk36SAEdhvxWa9P593RH
Score 1/10
-
-
Target
tasksche.exe
-
Size
3.4MB
-
MD5
d59d6d48c3d6e9292c296e557a186391
-
SHA1
7f0916d7befcf929521087cde11b6d94d7331154
-
SHA256
905ad8e2fc1f98ab1e934de1d01d85973291ccadd41c85ba1a7dcc3b2af6ed96
-
SHA512
7b2fc97070ac47e6596cfe0da96b1b1369feeb4ab62af136f172ee306187cee3e04b68b8f786d7b4b4dee49054d53a33cd8048abdc8cba9853b3e119a08ac23e
-
SSDEEP
49152:nQqMSPbcO1INRx+TSqTdX1HkQo6SAARdhnvxJM0H9PAMEcaEau3RCgHADO:QqPoO1aRxcSUDk36SAEdhvxWa9P593RH
Score 1/10