cb97e869fa64eb7c797a1b817f20d63cbd8310a26f4249c5727be2b776c98f16

General

Target

ConfigureDefender.exe
Size

2.3MB
Sample

240427-fa8ezabc29
MD5

9913d5f652dbf25d363ff3d7b5cd1fc2
SHA1

151de1e486bcf572b9334472355f3623ea10b05a
SHA256

cb97e869fa64eb7c797a1b817f20d63cbd8310a26f4249c5727be2b776c98f16
SHA512

7ca70bc1f6b75677ee1f565ca5f22be0224b47f2e7000b82a7b22c8edb0e3306c058bbb67f68ca6a403fae1b6f02d75b6b7f2f0306cc2a814ae0447c0879997b
SSDEEP

49152:XLqgyALphFVTPAb3FbfxPBfV0Esz40BOdo6dPsdjvf3xTZtVYEszl:XLqgyUplPAb3JfxZfV0EUp0PsdjX3xFa

Score

7^/10

upx

Malware Config

Targets

- Target
  
  ConfigureDefender.exe
- Size
  
  2.3MB
- MD5
  
  9913d5f652dbf25d363ff3d7b5cd1fc2
- SHA1
  
  151de1e486bcf572b9334472355f3623ea10b05a
- SHA256
  
  cb97e869fa64eb7c797a1b817f20d63cbd8310a26f4249c5727be2b776c98f16
- SHA512
  
  7ca70bc1f6b75677ee1f565ca5f22be0224b47f2e7000b82a7b22c8edb0e3306c058bbb67f68ca6a403fae1b6f02d75b6b7f2f0306cc2a814ae0447c0879997b
- SSDEEP
  
  49152:XLqgyALphFVTPAb3FbfxPBfV0Esz40BOdo6dPsdjvf3xTZtVYEszl:XLqgyUplPAb3JfxZfV0EUp0PsdjX3xFa
Score

7^/10

upx
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
behavioral1
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  cff85c549d536f651d4fb8387f1976f2
- SHA1
  
  d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e
- SHA256
  
  8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8
- SHA512
  
  531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88
- SSDEEP
  
  192:Zjvco0qWTlt70m5Aj/lQ0sEWD/wtYbBHFNaDybC7y+XBz0QPi:FHQlt70mij/lQRv/9VMjzr
Score

3^/10
behavioral2
- Target
  
  $PLUGINSDIR/nsRandom.dll
- Size
  
  21KB
- MD5
  
  ab467b8dfaa660a0f0e5b26e28af5735
- SHA1
  
  596abd2c31eaff3479edf2069db1c155b59ce74d
- SHA256
  
  db267d9920395b4badc48de04df99dfd21d579480d103cae0f48e6578197ff73
- SHA512
  
  7d002dc203997b8a4d8ec20c92cd82848e29d746414f4a61265c76d4afb12c05bce826fc63f4d2bd3d527f38506c391855767d864c37584df11b5db9ca008301
- SSDEEP
  
  384:LCHDPMs4GdtyO5roguusMxUXiO3wOw95euooP2UgKbd9BvNtf:LCHD6Gh87MKXil/5r2U3z
Score

7^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral3
- Target
  
  $_0_/ConfigureDefender_x64.exe
- Size
  
  1.8MB
- MD5
  
  0f8ee39a0e3662205aa268c9a44f694f
- SHA1
  
  56271747a560ae2f2af08bd5fafd3e404baf21c2
- SHA256
  
  5b431d9be209a84b0e6c366bb676956c5e2b6a6b8d9d525a062b1931f4f30aad
- SHA512
  
  a43249ef57533c2f509470775a82729a3de9f06ce8d22571afb1e7057c7560880e13c967d16f74a5b430d41d6289c98b382afcb89a3e839b1788de24af826a76
- SSDEEP
  
  49152:5G00SSgCmP/ZwYj48a0vjPebNJb3xxLtVgEsz5:5JnZwQrPebNl3xVtVgEU5
Score

1^/10
behavioral4
- Target
  
  $_0_/ConfigureDefender_x86.exe
- Size
  
  1.7MB
- MD5
  
  7e5192a68a3e5c8827dc8e34e6e1541d
- SHA1
  
  ae8462a14e8c194c3f545ce0084be52e705db94a
- SHA256
  
  0aa5287900a1c02cacb0133d5c7cd6dd22b98339d87f5e936d48eb5a6d7baac1
- SHA512
  
  6bca7264070ce31232cd3b07f715a313f66d74c134868c0316af5e3ff8e52b98ca2fd60912a8fe82c236dcd99f23398584c881bf9d9f8a6e11af4670f7a5977a
- SSDEEP
  
  24576:BCdxte/80jYLT3U1jfsWabikPe7HNwmas3xT1AKtH1DkEsz3WQs:gw80cTsjkWabNPebNJb3xxLtVgEszRs
Score

1^/10
behavioral5

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

ACProtect 1.3x - 1.4x DLL software

Executes dropped EXE

Loads dropped DLL

UPX packed file

AutoIT Executable

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5