2afb5303e191dde688c5626c3ee545e32e52f09da3b35b20f5e0d29a418432f5

Sharing

Copy URL

Twitter E-mail

General

Target

processhacker-2.39-bin.zip
Size

3.2MB
Sample

240415-tt68xada7w
MD5

b444cf14642ce9b8d75e079166a5df0b
SHA1

8e8f8423d163d922242b8b7d85427664f77edc97
SHA256

2afb5303e191dde688c5626c3ee545e32e52f09da3b35b20f5e0d29a418432f5
SHA512

915b9f7c0b1374ce52fa9653ba1084741d15ff79dbb7c04d2a0f41eea8262b2f556d451bf9eefbd2d32831289908b6a1b39ce2cbcafbbfc4ae6e71d701b1aa81
SSDEEP

98304:jDqt5TrOmlLB/7rTOqcXfOzJR1qioDLK2EbhQ:3sTrHlB73OqX4ioDfshQ

Score

3^/10

Malware Config

Targets

- Target
  
  x64/ProcessHacker.exe
- Size
  
  1.6MB
- MD5
  
  b365af317ae730a67c936f21432b9c71
- SHA1
  
  a0bdfac3ce1880b32ff9b696458327ce352e3b1d
- SHA256
  
  bd2c2cf0631d881ed382817afcce2b093f4e412ffb170a719e2762f250abfea4
- SHA512
  
  cc3359e16c6fe905a9e176a87acf4c4ed5e22c29bfca11949799caf8442e00ec0d1679b3d8754dbc3e313528d3e8e82c0ec1941e2c3530b48229c1cb337f6b8b
- SSDEEP
  
  24576:V7eokafnkAwgcU+29fR4PQviXq1pj3EDT5m+m8I:V6efnkdlUF92PGBOT3m8
Score

1^/10
behavioral1 behavioral2
- Target
  
  x64/kprocesshacker.sys
- Size
  
  44KB
- MD5
  
  1b5c3c458e31bede55145d0644e88d75
- SHA1
  
  a21c84c6bf2e21d69fa06daaf19b4cc34b589347
- SHA256
  
  70211a3f90376bbc61f49c22a63075d1d4ddd53f0aefa976216c46e6ba39a9f4
- SHA512
  
  0d7abcc792127c37d6af58ec5b900c1754d02913794fcf37d92c400d3a9eb8981f6aa5515e48fa8fc11ac0eb51c1da260d7defc0e60b21de70a4e58413c296fb
- SSDEEP
  
  768:ZkCOeX2Yg5KY6VgQqdzfVJdf/aEB2zBdZp0IfKg589z1hEn:nzn68BaIfRn
Score

1^/10
behavioral3 behavioral4
- Target
  
  x64/peview.exe
- Size
  
  229KB
- MD5
  
  dde1f44789cd50c1f034042d337deae3
- SHA1
  
  e7e494bfadb3d6cd221f19498c030c3898d0ef73
- SHA256
  
  4259e53d48a3fed947f561ff04c7f94446bedd64c87f52400b2cb47a77666aaa
- SHA512
  
  33060b907c4bc2335328498aac832790f7bc43281788fa51f9226a254f2e4dbd0a73b230d54c2cde499b2f2e252b785a27c9159fc5067018425a9b9dbcdbedbc
- SSDEEP
  
  3072:/U30KmLQQMpQZxRjsMUni4nuWKz+OHPKVgW9G0tpLmSlbJY/i:/UbmEQMp4TVtW0+Ovh
Score

3^/10
behavioral5 behavioral6
- Target
  
  x64/plugins/DotNetTools.dll
- Size
  
  132KB
- MD5
  
  b16ce8ba8e7f0ee83ec1d49f2d0af0a7
- SHA1
  
  cdf17a7beb537853fae6214d028754ce98e2e860
- SHA256
  
  b4cc0280e2caa0335361172cb7d673f745defc78299ded808426ffbc2458e4d9
- SHA512
  
  32de59c95d1690f4221b236376e282c8be1bb7f5d567592b935dcd798b36b80e86da81741c5845fa280386f75f6eafc9bbd41035362984150b134d24aede61eb
- SSDEEP
  
  3072:OkF+ncOyiGt9KQ130WlLJydacG3EkLLFjSeB:Oi+WH130U/
Score

1^/10
behavioral7 behavioral8
- Target
  
  x64/plugins/ExtendedNotifications.dll
- Size
  
  140KB
- MD5
  
  be4dc4d2d1d05001ab0bb2bb8659bfad
- SHA1
  
  c0ed9e375b447b61c07c0b00c93bb81c87bcfc2e
- SHA256
  
  61e8cd8de80a5c0d7ced280fe04ad8387a846a7bf2ee51bcbba96b971c7c1795
- SHA512
  
  31389e268fe3bf1175fa3c251ca026f77dc59361b8425c9826f31d18c5174e6de68c6092aef187f2bd2c92d89b3093a660b2fe6189af369293c1117c856b5cdf
- SSDEEP
  
  3072:ucUs2pkSTVRC6//SZDTWeEd1D6gyqAnr6rw8N9TZof:ua2zRC6ncXWl4
Score

1^/10
behavioral10 behavioral9
- Target
  
  x64/plugins/ExtendedServices.dll
- Size
  
  136KB
- MD5
  
  4858bdb7731bf0b46b247a1f01f4a282
- SHA1
  
  de2f9cbcec1e1fa891d9693fb3cadfdd4cfe1f60
- SHA256
  
  5ae7c0972fd4e4c4ae14c0103602ca854377fefcbccd86fa68cfc5a6d1f99f60
- SHA512
  
  41b39560e15d620733ca29dc37f55a939a653f99686ac86643ccc67fbb807ad95d1996b867319d98506f3b8a30772fff3c3317bbcc205987f48031923f674d9a
- SSDEEP
  
  1536:cjYKbIeoRGwasSxZVqHa0fdZ5OiRJjHlcUhzD55DBdisWpZ9dl3K+OL/VfRc2:diLhZCdZ5bHHlcUz5PaNKxjVpc2
Score

1^/10
behavioral11 behavioral12
- Target
  
  x64/plugins/ExtendedTools.dll
- Size
  
  196KB
- MD5
  
  bc61e6fb02fbbfe16fb43cc9f4e949f1
- SHA1
  
  307543fcef62c6f8c037e197703446fcb543424a
- SHA256
  
  f2805e0f81513641a440f1a21057a664961c22192cb33fca3870362c8f872d87
- SHA512
  
  0bbfe53e1dd933a3080d9775ad890fcbd73f9820885efa6b69e9664261249f34eaae3870f74de8511734fc9a0114f36e1bfc529a032d303a8e3e583e37a506c6
- SSDEEP
  
  3072:kahH9o/M+4BoraGA7sYt/zVcfg8Snh/3RFjxabZ67DG3p+DbR17LhY:P0MGraz/zRNh/3RU+72
Score

1^/10
behavioral13 behavioral14
- Target
  
  x64/plugins/HardwareDevices.dll
- Size
  
  180KB
- MD5
  
  a46c8bb886e0b9290e5dbc6ca524d61f
- SHA1
  
  cfc1b93dc894b27477fc760dfcfb944cb849cb48
- SHA256
  
  acd49f2aa36d4efb9c4949e2d3cc2bd7aee384c2ced7aa9e66063da4150fcb00
- SHA512
  
  5a4d2e0fa7a1a14bc4c94a0c144bfbfcef1ecabe4dc15f668605d27f37f531934778f53e7377bab0ff83531732dc15e9fc40b16f2d1f7e925429681bd5bdca73
- SSDEEP
  
  3072:MTvTGn6NTm+vpcUVBrM9mG56i5O6wKPudbCWT08hQPpoM:M/G69bvucA56iA6EM
Score

1^/10
behavioral15 behavioral16
- Target
  
  x64/plugins/NetworkTools.dll
- Size
  
  134KB
- MD5
  
  d6bed1d6fdbed480e32fdd2dd4c13352
- SHA1
  
  544567d030a19e779629eed65d2334827dcda141
- SHA256
  
  476aa6af14dd0b268786e32543b9a6917a298d4d90e1015dac6fb2b522cf5d2e
- SHA512
  
  89362a7b675651f44649f0ea231f039e0b91aba9f84c91545f15e187c6cbd07bbf3648a4e232dfe5122cf5636e67c458f4f7dab49ed4de3f3a303aa396c41d1c
- SSDEEP
  
  1536:mhhDibqaA8T+B++QWWEVGyEYfGup5oGjxNj8DsDdvsWch9dl/6RHyA8E0SHBZmA:ghGbA82+t6GLYfnoGjxp8e+ZB6RSALfr
Score

1^/10
behavioral17 behavioral18
- Target
  
  x64/plugins/OnlineChecks.dll
- Size
  
  222KB
- MD5
  
  12c25fb356e51c3fd81d2d422a66be89
- SHA1
  
  7cc763f8dc889a4ec463aaba38f6e6f65dbdbb8c
- SHA256
  
  7336d66588bbcfea63351a2eb7c8d83bbd49b5d959ba56a94b1fe2e905a5b5de
- SHA512
  
  927d785d03c1ee44b5e784b35a09168978b652f37fb73a1a2eeecd3583c28595fb030e8c1f87ab9a20beac4622775777820d1a2ad7219ba8b9ae8b6fbc4568a0
- SSDEEP
  
  3072:VDy7cjwTlCAlW0InMxf08ZyIjSNVnKJ3HzuoX7o+ThTPD0r7NF4jM9Td2xOdj+C9:Vu71TtInMxf08gI2HnKJDuG73JtxE
Score

1^/10
behavioral19 behavioral20
- Target
  
  x64/plugins/SbieSupport.dll
- Size
  
  95KB
- MD5
  
  37cbfa73883e7e361d3fa67c16d0f003
- SHA1
  
  ffa24756cdc37dfd24dc97ba7a42d0399e59960a
- SHA256
  
  57c56f7b312dc1f759e6ad039aac3f36ce5130d259eb9faad77239083398308b
- SHA512
  
  6e0bfab9ff44f580f302cabd06fc537a9e24432effd94b50ab696b35f57a61772072b7f9045a9e99fa4bf3bc316f43ea25ab6c87517242e7957eb86575203bed
- SSDEEP
  
  1536:Im0GxwvasFsbgkc+kvtRSmgDzxdXsWZr9dlnVrUv0ukc:Im0hasFs8H+kvtRovrTxVrUv0vc
Score

1^/10
behavioral21 behavioral22
- Target
  
  x64/plugins/ToolStatus.dll
- Size
  
  243KB
- MD5
  
  3788efff135f8b17a179d02334d505e6
- SHA1
  
  d6c965ba09b626d7d157372756ea1ec52a43f6b7
- SHA256
  
  5713d40dec146dbc819230daefe1b886fa6d6f6dbd619301bb8899562195cbab
- SHA512
  
  215d6c3665323901d41ae5151908c4e084a04a1558617016f0788194304e066410b92943bd6c119339727037ee02cfda893b9baf5603b2870d9fc5ae0c77ca7e
- SSDEEP
  
  3072:tOHhxKcNnCYBFNFAKIkpgVIgHAuopbQfhVV2aOQE6o0bp94wZOeb299zBw8:UHhrtaV3AuopMMeb21w8
Score

1^/10
behavioral23 behavioral24
- Target
  
  x64/plugins/Updater.dll
- Size
  
  110KB
- MD5
  
  6976b57c6391f54dbd2828a45ca81100
- SHA1
  
  a8c312a56ede6f4852c34c316c01080762aa5498
- SHA256
  
  0c11cdc3765ffb53ba9707b6f99ec17ae4f7334578a935ba7bcbbc9c7bdeed2e
- SHA512
  
  54d8b39457f516d921bb907615ff60a46b6031e1444a443c9657e06d78c9fb0f637ae4756bb7b884e4dca2f55902372ad4ddba1d020abe02e0a381702ae270cc
- SSDEEP
  
  3072:yy8QoSuThifQ0gUmL1lV51hdJFxZ9l1JtB9plRN51hdJFtVpRR5hJt0rsBLsGbOd:ZiYQ5UmBNerF
Score

1^/10
behavioral25 behavioral26
- Target
  
  x64/plugins/UserNotes.dll
- Size
  
  114KB
- MD5
  
  e48c789c425f966f5e5ee3187934174f
- SHA1
  
  96f85a86a56cbf55ebd547039eb1f8b0db9d9d8d
- SHA256
  
  fc9d0d0482c63ab7f238bc157c3c0fed97951ccf2d2e45be45c06c426c72cb52
- SHA512
  
  efdb42e4a1993ee6aa5c0c525bd58316d6c92fbc5cebbc3a66a26e2cf0c69fe68d19bc9313656ad1d38c4aef33131924684e226f88ef920e0e2cd607054a857c
- SSDEEP
  
  1536:0fiz3P6ZDIigvpiwyXtHaGFKNQCf5FlvULnQDCdxNsW99dlhSkkOZ8DCuB8ViFw:3P6Z0iGNyd6Gi7f5/eQExdL1kY8DCurw
Score

1^/10
behavioral27 behavioral28
- Target
  
  x64/plugins/WindowExplorer.dll
- Size
  
  133KB
- MD5
  
  0e8d04159c075f0048b89270d22d2dbb
- SHA1
  
  d0fa2367d329909b6c9efcb3cc2c2902d8cf9b22
- SHA256
  
  282696487ea5dc781788d5d8477b977f72b7c70f201c2af0cfe7e1a9fd8d749a
- SHA512
  
  56440f3feddc124574debfe3789e14d908982d4d8e9516f42fab7db7bcecdd3badd2f75e005016a7b9d87a00d5646b8df722bae8fba3932198babbe5335cf197
- SSDEEP
  
  3072:FrcYzsiPpE70C5FwyJBId/GkWXaVJ32kZ8:Frc0s502FFnS8
Score

1^/10
behavioral29 behavioral30
- Target
  
  x86/ProcessHacker.exe
- Size
  
  1.4MB
- MD5
  
  68f9b52895f4d34e74112f3129b3b00d
- SHA1
  
  c5e2018bf7c0f314fed4fd7fe7e69fa2e648359e
- SHA256
  
  d4a0fe56316a2c45b9ba9ac1005363309a3edc7acf9e4df64d326a0ff273e80f
- SHA512
  
  1cd875f9d0301b14645ea608fe61560a229ee395fa061f32675c3d84e41916998f887278d8497a5e875be22ba8fcbcfcbd878a5e2ed1746dc75430b7aed5fede
- SSDEEP
  
  24576:fsmjNvgp+pxECAucO9iWFT0z7rLuUhFP3MGX:PFgpAiIiWdzUz35X
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32