12c8a9ab93649f8c75399b6b96f4c54e7454cd0eaa25090dc53c223788c85222

Resubmissions

25/04/2024, 20:51

240425-znevcsef79 3

25/04/2024, 20:47

240425-zla4dsee5x 7

Sharing

Copy URL

Twitter E-mail

General

Target

AimmyV2.1.5.zip
Size

51.5MB
Sample

240425-zla4dsee5x
MD5

5f253f81377176b9091ae669acd1451c
SHA1

ac69f0836b4f07292f026abd64097c48bee33139
SHA256

12c8a9ab93649f8c75399b6b96f4c54e7454cd0eaa25090dc53c223788c85222
SHA512

ffeb2afa63515d1fbd3d39bb45bfa61ca5f63c858cbf9dcce091e7a97bf5e4791736a6398e483a8c804aea76502214160a53bc0d7b072c437b3a54abd29ae385
SSDEEP

1572864:RZ72Vgh57ip1mJxRBrnEyZINZs0Jb2IGLvKEMRj4:njL78EVzEmmJb2IGzKEf

Score

7^/10

Malware Config

Targets

- Target
  
  AimmyLauncher.exe
- Size
  
  161KB
- MD5
  
  1b61edaed8b5543cd875d3d22a219947
- SHA1
  
  45d0ded1b50b37063f3a0f328d56f676ccb0e519
- SHA256
  
  f9b275cef715b35cd5357b881bf2e62a22a6ea01a46f917cd2c072cdd2b3a18c
- SHA512
  
  668b3ee30fa7b2dd4a8e368f8b8eaae387f0641b2f874984e398a11141f520102568520f4fe27b6cd370b0b927f809073f9080092a413086e6f37a06de785a7b
- SSDEEP
  
  3072:BKta93TRDiicws0MWbs2OJiKF/ODxT5CyV9u2jNI8m5:B2wX7bJ39uyNJI
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral1
- Target
  
  DirectML.dll
- Size
  
  13.4MB
- MD5
  
  7982ce756c6e8c8f6bab62eb1902b714
- SHA1
  
  80f79ef136a8b4866bc7be1669584361b9a0ab23
- SHA256
  
  5ab77cc5db8e1544d386fd28586598317da8dcbef098fb86d8d8a60e739e0e5d
- SHA512
  
  71f9b4d30d41a28de009ddfbe6c9328a905dba6bb83623e14e252a255b641b88307c51754d509bed608a44882c5bfb9502bd1a533162a13d78d45c10140ed2e1
- SSDEEP
  
  98304:h4wQAqtHLRf+ZUSlVtwXgGN0gBl5NZsggKnHvibc0PMkFA9q068ZrS+O9mblF8G:mwzq5RGJlViXNHJsgXc/P1m9q0HNJuG
Score

1^/10
behavioral2
- Target
  
  TotallyNotAimmyV2.dll
- Size
  
  6.9MB
- MD5
  
  a95cacbb2a6540d97b99c5df61cb5196
- SHA1
  
  3949201761754ba240d846b36474f1ca2caebb9a
- SHA256
  
  147c739bfecbe74fc1b8e30dfc68b99214160aef76e1b42a360d3a1641b81f91
- SHA512
  
  5e080f7e7ec8159471b95766433c3239b93ed7259a5ecb3bc122621c7e589a322c08be19fbbb2b16329325286348fcde67b1432e33d6e0822972ca4d88eb554d
- SSDEEP
  
  98304:YHFl2w8cuNdWqX/ItGhbIC8LKVBBRHnZs3gP8i+FbiQZfrkE2N10PHRed9jqjHRl:88cuzd4H2VBBRHsfkUfH2kIkdmt5Ti1
Score

1^/10
behavioral3
- Target
  
  TotallyNotAimmyV2.exe
- Size
  
  139KB
- MD5
  
  3d729e9b4df34ddb7ddafe78a01b71eb
- SHA1
  
  2f01d3349288f33a5e50c1d779b27ea65f753249
- SHA256
  
  b48997a06687cbe6dadae5ab45884feadd5921f5fe6f79df810c492557669406
- SHA512
  
  bb476a263e2f29628801826c4f5869424133f26921262a98d399240cc6701519ad7337875adb2fa37f7dec122ec832195d0ea6216022646f61fc735528be5875
- SSDEEP
  
  3072:ZiS4omp03WQthI/US3BZC0EiRQ1G78IVn2tbSkcJB8ltt:ZiS4ompBUS3BZC0C1G78IVEcnct
Score

1^/10
behavioral4
- Target
  
  onnxruntime.dll
- Size
  
  13.1MB
- MD5
  
  b6fc1a8f648448de0bd61a0e9acda2df
- SHA1
  
  867ee3a88770d3980ffa8e38305d06efc7260ca9
- SHA256
  
  e268219a33cf3898c16ae364efc79a4a656c87d2ee67fd872b079aca769fd97e
- SHA512
  
  9349d8272d66cfe9d98155166deac902be87283e1fd442001a789d3ee9bdcfd4c0f53d26c158c7baa7f81f4d951b3fcbea5f8e21eb753505dfd57d172bedd479
- SSDEEP
  
  98304:DeNXISQ2bTVcsM9mYx1ylJYZFMKUQN/Bj9:DeNXaGVc7my1sYVUQl
Score

1^/10
behavioral5
- Target
  
  runtimes/win-arm64/native/onnxruntime.dll
- Size
  
  13.2MB
- MD5
  
  5221b559bca1f0cdbdbef26aeb9fafa4
- SHA1
  
  2740cef67a376495da642f6e9fb83ee42bff1de7
- SHA256
  
  b226fc6f6cb857eeeefb96c05cbcf286a1c2d30f45249e8424b07e49f6ab6b79
- SHA512
  
  f6105fd8a0e6009756b02294d5b25addba516f87ffbcbb6ee04c6d6a5f0417ffa37a57b323036a5b0b41ecb21f947c75b2dc4750735c1b5c18e76398159b94fc
- SSDEEP
  
  196608:w/xiCjAkQmL7te/oVlQOxEkikJg3jxXJEfxySW9IqQuNJbQbNR9sMZelsEXlg:w/x3AkRL7te/oCGuNJbQhR9fZelsAlg
Score

1^/10
behavioral6
- Target
  
  runtimes/win-x64/native/onnxruntime.dll
- Size
  
  13.1MB
- MD5
  
  b6fc1a8f648448de0bd61a0e9acda2df
- SHA1
  
  867ee3a88770d3980ffa8e38305d06efc7260ca9
- SHA256
  
  e268219a33cf3898c16ae364efc79a4a656c87d2ee67fd872b079aca769fd97e
- SHA512
  
  9349d8272d66cfe9d98155166deac902be87283e1fd442001a789d3ee9bdcfd4c0f53d26c158c7baa7f81f4d951b3fcbea5f8e21eb753505dfd57d172bedd479
- SSDEEP
  
  98304:DeNXISQ2bTVcsM9mYx1ylJYZFMKUQN/Bj9:DeNXaGVc7my1sYVUQl
Score

1^/10
behavioral7
- Target
  
  runtimes/win-x86/native/onnxruntime.dll
- Size
  
  11.3MB
- MD5
  
  c729f190fc5e167957b6b2b5161c9311
- SHA1
  
  7bff0b54c05c1f12e317e115551be239296a902c
- SHA256
  
  9aac6501125a2d3c32d0fb9595c94e373038b162fca46207dd161645e09ed920
- SHA512
  
  2d250cb0cb0c842a8b616e8539ba71822535915fa089b2f5ae95aec2eb4a9d689f1a1ee86e1eeb14797e8b5e49c107208ff03ce897fb4d3b33d70492812f1a79
- SSDEEP
  
  196608:8wkiQfuSJkmK8Lkciy8G+4EEhWTIP2jv1b8gVhTIRhHQldBTlaCoAEO1CtUPC2k+:8aQfuSJKciy834EEhWTIP2p8gVhTIRB2
Score

1^/10
behavioral8
- Target
  
  runtimes/win/lib/net8.0/System.Management.dll
- Size
  
  304KB
- MD5
  
  e1422b4c04b923dcfe00a55290dc18a6
- SHA1
  
  0609ecde6bc8a87f88bc32b98d19800ff19529b6
- SHA256
  
  b2d6e7e991dc9ef154b29f4966f04fd8ed4ebb2c1d1242ea1d5f3e90f8ae5143
- SHA512
  
  297f54fceeb0cde17745323e7c41fea830a376fe9c3cf92a692c48199c0a05f1533a3045fd9c6d21352d084aa9ccec7b6cf630c7df49b52ed4025ae156509a7c
- SSDEEP
  
  6144:9q4+FutZbJcMFEG3LbPhmlmsUwHdYhJkXUXewcn:j+FutZbJcMFEG3/KmFwHdKIUXmn
Score

1^/10
behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Checks computer location settings

Executes dropped EXE

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9