d3b861fab82e305bc0ed504731aa44fbe4717ef1536c7e7a3049b722d95e4c12

General

Target

krampus.zip
Size

2.4MB
Sample

240506-162brage68
MD5

a6ff8476134d69ac2805e9fe6fc8a00d
SHA1

474821d771064683c3fb243b4ab36b3907b3d423
SHA256

d3b861fab82e305bc0ed504731aa44fbe4717ef1536c7e7a3049b722d95e4c12
SHA512

90f3070e11432194661fffb566526c5bd02d6dfa5daefd8e9f23b5d8ea46fb5e2a06d60385edcd4f93fe401d696f642dea21fb5686e426b37aff44ede417192d
SSDEEP

49152:yWRN8FlMWhpRkI91qIQ855/rMIzpwpibr5K6Rb2zAlosZ3QQw0Nlzwpp:yWRmFlMELkI3FzMIzpwpiRKQbjG0r5Ns

Score

8^/10

execution

Malware Config

Targets

- Target
  
  krampus.zip
- Size
  
  2.4MB
- MD5
  
  a6ff8476134d69ac2805e9fe6fc8a00d
- SHA1
  
  474821d771064683c3fb243b4ab36b3907b3d423
- SHA256
  
  d3b861fab82e305bc0ed504731aa44fbe4717ef1536c7e7a3049b722d95e4c12
- SHA512
  
  90f3070e11432194661fffb566526c5bd02d6dfa5daefd8e9f23b5d8ea46fb5e2a06d60385edcd4f93fe401d696f642dea21fb5686e426b37aff44ede417192d
- SSDEEP
  
  49152:yWRN8FlMWhpRkI91qIQ855/rMIzpwpibr5K6Rb2zAlosZ3QQw0Nlzwpp:yWRmFlMELkI3FzMIzpwpiRKQbjG0r5Ns
Score

1^/10
behavioral1
- Target
  
  krampus/krampus/Loader5.4.exe
- Size
  
  5.4MB
- MD5
  
  852ac135a3723323566a0c226128913e
- SHA1
  
  49bfbcf275e5cbdc1bb838bd497fb5a32727c2a1
- SHA256
  
  07f15b10ba58970acf83de539bc55c726c1cab3c6ee872d4172a1070c983e306
- SHA512
  
  c0928b9de4c2b8bea188dc1ebbecc76000f3e2aff29fe450ec88de5d28764272f2692e48c761e27113a9617f0210cf9a50cf8c44087a140dcad3f8ace65b4a2c
- SSDEEP
  
  49152:dXBlVZgljh/jCY7894a1DTMqX/akC6lXVkjU9jD5EHsho/CSymeI7++k604TxNB/:5FlY7AgoC6l/Ert7BLQecp
Score

8^/10

execution
- Command and Scripting Interpreter: PowerShell
  Run Powershell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.
  execution
behavioral2
- Target
  
  krampus/krampus/READ ME (ro-exec).txt
- Size
  
  1KB
- MD5
  
  1f9c507519361f7b7cc8fc3d66212a68
- SHA1
  
  6119fef9df683505e941aeb6ea425c4247d388b7
- SHA256
  
  6b8772efbde31f7905ea54ddf51e4d8e3cb7ea49763215fa8cab88357885d9ff
- SHA512
  
  c0193bd5e43650fe5fed86ebe6329c903e5c820629826447c033d2b561ccca9f912a1663d8379d9cbb732691b4c65160f6a3d4eff996f6fff86d0ea41b7c3922
Score

1^/10
behavioral3
- Target
  
  krampus/krampus/README IF DOSEN'T WORK.txt
- Size
  
  230B
- MD5
  
  1f9bb52804593257612f822f47773403
- SHA1
  
  7e565a650accf004cf0a5661fa6098d16d09fbe5
- SHA256
  
  bd53d1a88482535f013ec246c40c79a795141bcd41cba6820340f585fa9b1796
- SHA512
  
  06054080ed75cb5a32467bb8e8659242ef6968b89c72cecd60841e592eb93f7ef0271102826eb2c90c058a36b7ebd3fa9b9754659d3674a8317a25ffd6a27a85
Score

1^/10
behavioral4
- Target
  
  krampus/krampus/backup.zip
- Size
  
  22KB
- MD5
  
  9b89aadbad03a6808ff6c5f24ee58466
- SHA1
  
  6eb9940bb7510cac5d9e88585a24ac71c6ff7000
- SHA256
  
  1f0973e75b0e859028c3793418b40430a2eaa54ab08506607177db4c769c5930
- SHA512
  
  230cc216bcfd5eda4a6a99b4b8f1f7306b39bceeebb5c5fac664650221c3472be98188dd0bc5a52b4506cec81c8ff44e093e9a3fcf0c6d23051669f8b7ffddb4
- SSDEEP
  
  384:S/It0+C+eTo9doqEsACmZWXo/KNhArDWOA7eJiEBmC8nBwxJhbSDGZ:x++Jio9doqZrmWXtGmveEEMC06XhboA
Score

1^/10
behavioral5
- Target
  
  krampus/krampus/ezdebug.png
- Size
  
  49KB
- MD5
  
  654dfa5c392f08728a7acc79587ecdd1
- SHA1
  
  56a1abc7ac86e7275c8fac870700417d724c66ea
- SHA256
  
  65792581029de7e992a20f67e1ebca3031c258e743f0f6f0f29d60f880573c32
- SHA512
  
  2c30c6972686a03e6c5fc89a024eaf3ceeb81b1fd8c19e2f8c652effa4e1e0e7171dfe1d17f95ad2e623ce5dfd80242489ffb3294f1928382ebae41ce764abb7
- SSDEEP
  
  1536:kNfMc6jr372U55shDVmWcEaOH5UWRxrL5PYpBv:kNf67glVmWcz+7RxZYpR
Score

3^/10
behavioral6