ae5b66322e5a7c26ad21ccc556bdc1618796166565d2939142c5aa3d76c38ace

Sharing

Copy URL

Twitter E-mail

General

Target

parsec-windows.exe
Size

3.9MB
Sample

240501-sb844she7z
MD5

01ef58e7c144c701b2ea01cfc049dbe4
SHA1

2f572accb519096c9ea805812ba53703c16cceea
SHA256

ae5b66322e5a7c26ad21ccc556bdc1618796166565d2939142c5aa3d76c38ace
SHA512

434fd6d4eb49669617da3a15c2239a2cf524624cc4fcf9f09d8bb78a40ddf2dc5e70105e6708ce7643448f3176301edd64a9b71244c179a836119532d7dd69a6
SSDEEP

98304:QsSoMQnPLeMNCvYa59QKS7XnqSsAVlsX4pIDmjjcrhm2NGbUU:QsSByeMj04VlslQsm2NK

Score

8^/10

discovery

Malware Config

Targets

- Target
  
  parsec-windows.exe
- Size
  
  3.9MB
- MD5
  
  01ef58e7c144c701b2ea01cfc049dbe4
- SHA1
  
  2f572accb519096c9ea805812ba53703c16cceea
- SHA256
  
  ae5b66322e5a7c26ad21ccc556bdc1618796166565d2939142c5aa3d76c38ace
- SHA512
  
  434fd6d4eb49669617da3a15c2239a2cf524624cc4fcf9f09d8bb78a40ddf2dc5e70105e6708ce7643448f3176301edd64a9b71244c179a836119532d7dd69a6
- SSDEEP
  
  98304:QsSoMQnPLeMNCvYa59QKS7XnqSsAVlsX4pIDmjjcrhm2NGbUU:QsSByeMj04VlslQsm2NK
Score

3^/10
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/ApplicationID.dll
- Size
  
  196KB
- MD5
  
  a858c1a57e32485505b1977cf0a125be
- SHA1
  
  25d86c4b51f7cc10fc70e3a0493a39c4460cc350
- SHA256
  
  1462a072345e86318b981089b08b613a34027ddf527bfb66606c683f218fc3b4
- SHA512
  
  32b597fc2412a9407fd12ac77c556ff9740f1dd0d2055426d11a7baf21b09c536a84cfb97865b4e94168656514e7ce71eb2bc4122aa340100f4ce483bad1722d
- SSDEEP
  
  3072:2pBNN6AmU9cDlKd3P6V9nSm49WTgKg4Fa1V3FuXRAuAg0FubA9cVsL+73:2pzxmQ3yL+9MgKbxAOEXY
Score

3^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  cff85c549d536f651d4fb8387f1976f2
- SHA1
  
  d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e
- SHA256
  
  8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8
- SHA512
  
  531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88
- SSDEEP
  
  192:Zjvco0qWTlt70m5Aj/lQ0sEWD/wtYbBHFNaDybC7y+XBz0QPi:FHQlt70mij/lQRv/9VMjzr
Score

3^/10
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  6c3f8c94d0727894d706940a8a980543
- SHA1
  
  0d1bcad901be377f38d579aafc0c41c0ef8dcefd
- SHA256
  
  56b96add1978b1abba286f7f8982b0efbe007d4a48b3ded6a4d408e01d753fe2
- SHA512
  
  2094f0e4bb7c806a5ff27f83a1d572a5512d979eefda3345baff27d2c89e828f68466d08c3ca250da11b01fc0407a21743037c25e94fbe688566dd7deaebd355
- SSDEEP
  
  96:o0svUu3Uy+sytcS8176b+XR8pCHFcMcxSgB5PKtAtgt+Nt+rnt3DVEB3YcNqkzfS:o0svWyNO81b8pCHFcM0PuAgkOyuIFc
Score

3^/10
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  7KB
- MD5
  
  675c4948e1efc929edcabfe67148eddd
- SHA1
  
  f5bdd2c4329ed2732ecfe3423c3cc482606eb28e
- SHA256
  
  1076ca39c449ed1a968021b76ef31f22a5692dfafeea29460e8d970a63c59906
- SHA512
  
  61737021f86f54279d0a4e35db0d0808e9a55d89784a31d597f2e4b65b7bbeec99aa6c79d65258259130eeda2e5b2820f4f1247777a3010f2dc53e30c612a683
- SSDEEP
  
  96:J9zdzBzMDByZtr/HDQIUIq9m6v6vBckzu9wSBpLEgvElHlernNQaSGYuH2DQ:JykDr/HA5v6G2IElFernNQZGdHW
Score

3^/10
behavioral10 behavioral9
- Target
  
  parsecd.exe
- Size
  
  454KB
- MD5
  
  62beb668110b4c5ddad09bb20d921cb6
- SHA1
  
  f3706372c01d1e607ff8c605307de6ef2c26c1a4
- SHA256
  
  6f1be9e26e403a885cc3b1ff0e4dbecbc96c0821119d25990c3e211564f215d5
- SHA512
  
  8994c3f1c78b0a816ecf30e463af8d6ddfd0a0ce7b962cbf13e9bbd360d37a024b8ee69c76745f4c332a4786dbfb9216667b1d03c32c60a7c06e85359a2186ee
- SSDEEP
  
  6144:rkdyuNAbS9p400tm61bXdCwx+3y6kR1DnjvGms7X5od0:rkUuNAbS9p9cx1rdCwh6+/+msjmd0
Score

1^/10
behavioral11 behavioral12
- Target
  
  pservice.exe
- Size
  
  408KB
- MD5
  
  46cd3fc327af9109bd143ba7f16df397
- SHA1
  
  53d2a6bcf0d21168050b852e287c2ef62f52f909
- SHA256
  
  5a699a165838c739e449ac19a52e0a05b841bcee1a27f7d348f0dd04c8e277a3
- SHA512
  
  d6e35f0dd4f6ef259dd7040d80cd469f27eb460836a4c767d40678ce82b46ce4c38b329c0cf3b41236cea2f0333f94669cfbef05ef484d91035f52ad4c1a5ca3
- SSDEEP
  
  6144:qaoZkv+B1x9heMY32Z4iZDzDJGjvGms7X5Hm:4Zkv+B1x9cMu2ZzS+msjZ
Score

1^/10
behavioral13 behavioral14
- Target
  
  skel/parsecd-150-93b.dll
- Size
  
  3.3MB
- MD5
  
  1ff3e1349edd37a206a97943731045c4
- SHA1
  
  6d1cfc0c0b26191385cb27149433e743b74d479a
- SHA256
  
  b43debe8105cfd4e2c8f81599497ad4ad38640f19a64f9e530e7d2f64662bf6d
- SHA512
  
  80f91692c22587e76e26c7ca38b267493d4598bce75e284b3fef4ef03c64ef8ba91d67bb7be2bddd9624e4aa52a67bdeb4b5eac3a86a31529bb18c44f5824fe6
- SSDEEP
  
  49152:UWvLIUXeaP9CAYaXaAndGk4L8jTMFv43/ruceDSbsRCy9uzY9eQoYVe0OUrVxkov:0I0jNdLrpEeD+vqBlMe
Score

1^/10
behavioral15 behavioral16
- Target
  
  teams.exe
- Size
  
  342KB
- MD5
  
  faa24223985abfbf64e4ddcd43f062d3
- SHA1
  
  e1374dc7c98405efc5a44aa3229b97eabdd69bb2
- SHA256
  
  6dc71b2e92b770dcfeca4a32c8f1787210311f731f1124754df193ec22d5d13e
- SHA512
  
  23324afcb51508f5ea3f120a5787b150a8226d677c5a55fef219674b4d619fd0d7300d2b4cad917864d5f54788b9c8546db2a77aa4f0d666a956014169c4a6c9
- SSDEEP
  
  6144:GAR9duE83BYjyEbU1SDgFg8EwkSdbAxD22y6jvGmp:H9gp3WjyEbU1SDAgJw40c+mp
Score

1^/10
behavioral17 behavioral18
- Target
  
  vdd/parsec-vdd.exe
- Size
  
  505KB
- MD5
  
  4b9a3048286692a865187013b70f44e8
- SHA1
  
  eefe91d9702314341acccd828fe4edb6ee570d7b
- SHA256
  
  e23332448fdaf5aa017cb308db5ef6855fac526a7ded05d80c039404126d5362
- SHA512
  
  a38b9a0a1626d9f40ff2c718717a793108c7e773b25493cc53c595e6b9840cc4de66587549f43ce00569b368834327184a90d55da3c4ae0e269e1d0edef6238d
- SSDEEP
  
  12288:QbLQNEFqf6MouZQqdF9zuAkDjdCjXHSZz2AKhAOYYA:QbUNEFKXrZ6ZjdFZxKhAOYv
Score

8^/10

discovery
- Drops file in Drivers directory
- Drops file in System32 directory
behavioral19 behavioral20
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  cff85c549d536f651d4fb8387f1976f2
- SHA1
  
  d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e
- SHA256
  
  8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8
- SHA512
  
  531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88
- SSDEEP
  
  192:Zjvco0qWTlt70m5Aj/lQ0sEWD/wtYbBHFNaDybC7y+XBz0QPi:FHQlt70mij/lQRv/9VMjzr
Score

3^/10
behavioral21 behavioral22
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  7KB
- MD5
  
  675c4948e1efc929edcabfe67148eddd
- SHA1
  
  f5bdd2c4329ed2732ecfe3423c3cc482606eb28e
- SHA256
  
  1076ca39c449ed1a968021b76ef31f22a5692dfafeea29460e8d970a63c59906
- SHA512
  
  61737021f86f54279d0a4e35db0d0808e9a55d89784a31d597f2e4b65b7bbeec99aa6c79d65258259130eeda2e5b2820f4f1247777a3010f2dc53e30c612a683
- SSDEEP
  
  96:J9zdzBzMDByZtr/HDQIUIq9m6v6vBckzu9wSBpLEgvElHlernNQaSGYuH2DQ:JykDr/HA5v6G2IElFernNQZGdHW
Score

3^/10
behavioral23 behavioral24
- Target
  
  driver/mm.dll
- Size
  
  169KB
- MD5
  
  f09967cc8cc9bf03612ddecb6bf86daa
- SHA1
  
  166f8e3000b6a1e2b13b46e85b7559b9837b9aa7
- SHA256
  
  96db6ae2f950b56e52be3e68f92893afa94645eae09fea2abd5dd1985758150a
- SHA512
  
  190d2edea81c42a2d7a5bc69cb98f03368e702a5fcb3fc1dcd4e9c387687bab542e4b0e5de67292e8b8a7efed7fd9e30d1efdd35bcdfea28417de71db0e13864
- SSDEEP
  
  3072:3zx0G2cnU93aR9bN9m3KUrru7qqybewIvUZdRfCzzr/:3zS9w9m3KUHAVvUZWXz
Score

1^/10
behavioral25
- Target
  
  nefconw.exe
- Size
  
  574KB
- MD5
  
  e9f2bc8c82ac755f47c7f89d1530f1a1
- SHA1
  
  7ce5938c4b8a3eb4de49f7a7e34972f5f2acfcb5
- SHA256
  
  cf746d1b0bbb713993d4a90dccd774c78d9fff8c2ba5a054b6c8f56c77e1eee1
- SHA512
  
  86ed0a391d22631da9bdc7eb9cb096ba4de4c6619c6c4326030cb03d196b63e5aa156bac264a48d5b4cda7401844a3b5050259b41859d32e0c4d39b96913c2ce
- SSDEEP
  
  12288:o27GX/DYwTLMcdMcYsWpP86/6L94gsleElgEo0JFoG:o27GX/DYwTLMcdMcYtF8S6L94gslbOED
Score

1^/10
behavioral26 behavioral27
- Target
  
  vddinstall.bat
- Size
  
  420B
- MD5
  
  ee1bfb5ccbb3949e3258155e141a68a5
- SHA1
  
  b79dd1e75e3e7acd8d21d7b17c86673a6c6383d9
- SHA256
  
  1e7c35eb6c296f96aee5ae4bbbd40395e8019bde95ef9bef91260dd8ef03c6d1
- SHA512
  
  b37d680f5dab52536926c718eb1b4c1f0e78552c061756f998e3a3ccb2dc4fbea15dd1a4b181646a68a2987a22ce225c185c2ef2bb1d10a70c780ada8cf9f9aa
Score

8^/10
- Drops file in Drivers directory
- Drops file in System32 directory
behavioral28 behavioral29
- Target
  
  vdduninstall.bat
- Size
  
  272B
- MD5
  
  fbc8d5e19f89dffccd165f44abf114b4
- SHA1
  
  a07501ea396a4e29654352cf8ed71c7819109e5d
- SHA256
  
  8f503e40a32959d9d2ee5a9e2a3da627f6ed158e6c87c47ef17f1e5d74f47b9a
- SHA512
  
  08739f57b74ea457f505d416c5cc6c50539343ee33e80d76b95ca1a9b8760eaef9e97712a5824d8c22a7287c819149a6b60e6a08511e292cac71ef064ad168f6
Score

4^/10
behavioral30 behavioral31
- Target
  
  vusb/parsec-vud.exe
- Size
  
  885KB
- MD5
  
  2d009d446a0ba83ec2f12242f7ed126c
- SHA1
  
  7e5346787e8950a8b3f17fb3f527e0f80055f059
- SHA256
  
  436088a5eb416935d7bd452e4e53123c2e65b737eab7d98ebe1913618f95e61b
- SHA512
  
  1a3e761f5cb3ad8b4979d60d197ab5ff75929408ddb065080d687be02a33058a953dfcb8f01e5b87332fe54cf578bed191122e57bb2f0d2fcf7a6874dfaf8a57
- SSDEEP
  
  24576:Ib45b9QaRG2zB9aKXrZ6bcmH0q8qHFael5:CsuWGcjLzmUaHX
Score

3^/10
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Drops file in Drivers directory

Drops file in System32 directory

Drops file in Drivers directory

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32