Overview
General
- Target: KernelOS-Modules.zip
- Size: 199.7MB
- Sample: 240516-aa84lsba7x
- MD5: 789dcd2aff73364375ec55011c8517e4
- SHA1: 14f1e45a03cbeb53978175c6140b50febbefcd02
- SHA256: a09b29748ae4797b934cd854ce01eefc4debe385e7e642e26e035dea7569ff90
- SHA512: 4baeec16888a2df6cf58bff19b0d41272bac1db3d812d4aff4f0adaeb7b6cd6bfcd236c2713a651d7905a64bca9f10fcfd995d9836591e41fe98438397bb6bb8
- SSDEEP: 6291456:t+kd518xpex2BIGZCRvSy71icN702+5rMFV/wSC36D9hp2y6+2:n8xpYGa6Xm/w4FpwSe6D9D2y6+2

Static task
- static1

Behavioral tasks (sample, analysis resource)
- behavioral1: KernelOS-Modules.zip (resource win10v2004-20240426-es)
- behavioral2: KernelOS-Modules/DirectX/APR2007_XACT_x64.cab (resource win10v2004-20240226-es)
- behavioral3: KernelOS-Modules/DirectX/APR2007_XACT_x86.cab (resource win10v2004-20240508-es)
- behavioral4: KernelOS-Modules/DirectX/APR2007_d3dx10_33_x64.cab (resource win10v2004-20240426-es)
- behavioral5: KernelOS-Modules/DirectX/APR2007_d3dx10_33_x86.cab (resource win10v2004-20240426-es)
- behavioral6: KernelOS-Modules/DirectX/APR2007_d3dx9_33_x64.cab (resource win10v2004-20240426-es)
- behavioral7: KernelOS-Modules/DirectX/APR2007_d3dx9_33_x86.cab (resource win10v2004-20240508-es)
- behavioral8: KernelOS-Modules/DirectX/APR2007_xinput_x64.cab (resource win10v2004-20240426-es)
- behavioral9: KernelOS-Modules/DirectX/APR2007_xinput_x86.cab (resource win10v2004-20240508-es)
- behavioral10: KernelOS-Modules/DirectX/AUG2006_XACT_x64.cab (resource win10v2004-20240426-es)
- behavioral11: KernelOS-Modules/DirectX/AUG2006_XACT_x86.cab (resource win10v2004-20240508-es)
- behavioral12: KernelOS-Modules/DirectX/AUG2006_xinput_x64.cab (resource win10v2004-20240508-es)
- behavioral13: KernelOS-Modules/DirectX/AUG2006_xinput_x86.cab (resource win10v2004-20240426-es)
- behavioral14: KernelOS-Modules/DirectX/AUG2007_XACT_x64.cab (resource win10v2004-20240508-es)
- behavioral15: KernelOS-Modules/DirectX/AUG2007_XACT_x86.cab (resource win10v2004-20240226-es)
- behavioral16: KernelOS-Modules/DirectX/DSETUP.dll (resource win10v2004-20240508-es)
- behavioral17: KernelOS-Modules/KernelOS22H2.bat (resource win10v2004-20240426-es)
- behavioral18: KernelOS-Modules/VisualAIO/vcredist2005_x64.exe (resource win10v2004-20240508-es)
- behavioral19: KernelOS-Modules/VisualAIO/vcredist2005_x86.exe (resource win10v2004-20240426-es)
- behavioral20: KernelOS-Modules/VisualAIO/vcredist2008_x64.exe (resource win10v2004-20240508-es)
- behavioral21: KernelOS-Modules/VisualAIO/vcredist2008_x86.exe (resource win10v2004-20240426-es)
- behavioral22: KernelOS-Modules/VisualAIO/vcredist2010_x64.exe (resource win10v2004-20240508-es)
- behavioral23: KernelOS-Modules/VisualAIO/vcredist2010_x86.exe (resource win10v2004-20240426-es)
- behavioral24: KernelOS-Modules/VisualAIO/vcredist2012_x64.exe (resource win10v2004-20240426-es)
- behavioral25: KernelOS-Modules/VisualAIO/vcredist2012_x86.exe (resource win10v2004-20240508-es)
- behavioral26: KernelOS-Modules/VisualAIO/vcredist2013_x64.exe (resource win10v2004-20240426-es)
- behavioral27: KernelOS-Modules/VisualAIO/vcredist2013_x86.exe (resource win10v2004-20240508-es)
- behavioral28: KernelOS-Modules/VisualAIO/vcredist2015_2017_2019_2022_x64.exe (resource win10v2004-20240226-es)
- behavioral29: KernelOS-Modules/VisualAIO/vcredist2015_2017_2019_2022_x86.exe (resource win10v2004-20240508-es)
- behavioral30: KernelOS-Modules/drvset.bat (resource win10v2004-20240508-es)
- behavioral31: KernelOS-Modules/oss.exe (resource win10v2004-20240508-es)
- behavioral32: KernelOS-Modules/pssuspend.exe (resource win10v2004-20240426-es)

Malware Config

Targets

Target: KernelOS-Modules.zip
- Size: 199.7MB
- MD5: 789dcd2aff73364375ec55011c8517e4
- SHA1: 14f1e45a03cbeb53978175c6140b50febbefcd02
- SHA256: a09b29748ae4797b934cd854ce01eefc4debe385e7e642e26e035dea7569ff90
- SHA512: 4baeec16888a2df6cf58bff19b0d41272bac1db3d812d4aff4f0adaeb7b6cd6bfcd236c2713a651d7905a64bca9f10fcfd995d9836591e41fe98438397bb6bb8
- SSDEEP: 6291456:t+kd518xpex2BIGZCRvSy71icN702+5rMFV/wSC36D9hp2y6+2:n8xpYGa6Xm/w4FpwSe6D9D2y6+2
- Score: 1/10

Target: KernelOS-Modules/DirectX/APR2007_XACT_x64.cab
- Size: 191KB
- MD5: 8acbb49a7c2a97c12f63c16bdd8f7512
- SHA1: 7ba1dbd540142423df7ddd5b165da9550c397716
- SHA256: 0e1042d91b755a36e7dfca480bb3f868cb23f5438dd1415fd3fcfb13b27d761e
- SHA512: e78f71ab8b055ac65a35500682fcc0e17d34bcd68b61e22b51a5bb96596cd737dc8e76f6362ccc5d90f7cc075240868a913a11eef9c7567c330a738c6f1bd8ea
- SSDEEP: 3072:zUQ+EPJ/0asIhqjUy7jRqMJG0HRzMG7xiND3Jo7EcTQt/1emc4lO9NUeKZTPzndO:Yr+0amjUgjJG0HRzMUxWDJkUMP9KeK1M
- Score: 1/10

Target: KernelOS-Modules/DirectX/APR2007_XACT_x86.cab
- Size: 147KB
- MD5: 96f1ec4650282a0fd2dbd1eea7f5cfd6
- SHA1: 02043cd1b6f0e7e06932d210422d34eadfdca437
- SHA256: 9dee9f2b720b0fc90b8ebdac22d20f2008e58f16f354b9a967526c439bf0b9a3
- SHA512: 35f326dfeb3a1b610e0d83e2bba25ebdc162270d8e14f1d7a25bb5abcb6b2402fc295146df77b95853660849900e8dd7cc64cbde4d3e6519e3d72ba6792710be
- SSDEEP: 3072:NcJ4S2kOBrMASnHr7M58QmpeFT7582Skd1ksaIwbhQDp9kkIFxYJQZW9G9ow:NQ4S2kOi/MKbSV82xKnDVQ/EqQZa+9
- Score: 1/10

Target: KernelOS-Modules/DirectX/APR2007_d3dx10_33_x64.cab
- Size: 682KB
- MD5: 3fba5d677f19c48f210ca5f6372d55ad
- SHA1: 52ef8d34285fb4cb1d8cab84a1654abc2d0dd77f
- SHA256: 1bed02f304d495c2769debff315ae3f017c7e9907d85138996554e8e61a61e91
- SHA512: 7a425b01a48d50da924c172a6c9eaec6045e45f744af93fcd7b7433816b8453ac3e17116563c38bbc0ef3ee3e68cdabd86ffd531947151b0e799ddd479b6f7af
- SSDEEP: 12288:VK6/uIaEOb2fc+HdQn/lDTK79RrFEYnj3LUFWQJcR1WrADy2IYxUSsEtiqUo7B:VUlb2fc+9Qn/u9RrFEO3LUjU95I/Etii
- Score: 1/10

Target: KernelOS-Modules/DirectX/APR2007_d3dx10_33_x86.cab
- Size: 679KB
- MD5: 83033f2988efe706886e5aba492974d7
- SHA1: 3749dce941e880fe11f451ce11ce4b0753574506
- SHA256: 6aca96d6aa400d8ad07d2fb1c4aa94c62d261b9370cbf01d2acce24e489038ba
- SHA512: 44ff9b7606cfef86641b7f535f2321e96abd25fb064ba5b57a9668aca98a6f2e9691e8d7eab534a14730adcaa1aaf345074ab4c514e9dd68c0c9d992a600ab2a
- SSDEEP: 12288:mHwziN1v34WzSc6IA6ajvY8ov8ZdReUTQ8Mr47JYCophIa9sNDn1QcILtwGh:501wWzCI3ajjls4NpAsNDnMwGh
- Score: 1/10

Target: KernelOS-Modules/DirectX/APR2007_d3dx9_33_x64.cab
- Size: 1.5MB
- MD5: 71c6a3c5c04093254e752e0d15af1869
- SHA1: eb3bbd9de097558664b036e5b90145c5348f33db
- SHA256: 387c63928479e0ad138fa154f9f291821275f6fdf122aac8ace87f0d2033e77c
- SHA512: 555f832c37afc9743cc23d7983054b063a95cbc7861878932b6cc5cc0ea8f4a273e6272f9b4219692d3a3d702703a68e0d5a5d9d254b4bf3149f652c99754112
- SSDEEP: 24576:BjzSeifTXjfzuO/m35sCqSrSBEZqyi2bjbBfQbIKpP5FfiB0Qjq/X1ZXp8MF:BvSeSTXj7u0OUM9UStQbNd/Gjq/Ft
- Score: 1/10

Target: KernelOS-Modules/DirectX/APR2007_d3dx9_33_x86.cab
- Size: 1.5MB
- MD5: 8e3e46de4d520b4836b8776a2c771eaa
- SHA1: 48db572e4e14e3cfa56fcda43bc4529d8b58aecf
- SHA256: 9a7e65d97910b2038bb01a640a86c2ebf62ab7b36a50f349e71ec901b206f0ee
- SHA512: 93f8af6f204c0d9a59dc45200fe31ac6587a6a20d851fe5f84141d8cc665be899caccf8f1fb55565b52083bfe4b67ffa31ebc9db015a2c17f34af04919eb3bbc
- SSDEEP: 24576:UcQY0tIpwa5ydxGuruluTsRWo1Iq9e5m98yiN9/0rjVH60mPxr/1Mag:UcIIi+G9rul8uooec98yi//0rjoDZrCv
- Score: 1/10

Target: KernelOS-Modules/DirectX/APR2007_xinput_x64.cab
- Size: 94KB
- MD5: 743b333c2db3d4cf190fb39c29f3c346
- SHA1: 26b3616d7321978bd45656391a75ee231196a4a2
- SHA256: e7a09f8235cc587cc63f583e39fbc75008d9677c8bb4dcc11cb8d0178a5153ac
- SHA512: 77fbdb86c79d7228bca2982a3285a417a365af980488a5ac2d470b532fa59fcc15e0e8dbee6eb1a3a5256fc29e0e3391529cd2ac13e0f72987ee0da136000957
- SSDEEP: 1536:CEDWhtT9OVcSEbv2sSXSf2rGrqZj64W/msrR2rKg+Yy9bMP+rGb2HtDZzmwG9rHR:It5OSvuXSf2rbZu4Kmsr4eLRwPC5B9G3
- Score: 1/10

Target: KernelOS-Modules/DirectX/APR2007_xinput_x86.cab
- Size: 52KB
- MD5: c234df417c9b12e2d31c7fd1e17e4786
- SHA1: 92f32e74944e5166db72d3bfe8e6401d9f7521dd
- SHA256: 2acea6c8b9f6f7f89ec51365a1e49fbd0d8c42c53418bd0783dbf3f74a744e6d
- SHA512: 6cbae19794533ad9401f92b10bd9549638ba20ce38375de4f9d0e20af20d78819e46856151cc6818325af9ac774b8128e18fbebd2da5da4efbd417fc2af51dab
- SSDEEP: 1536:9cnwcwzHEdb27WH2SfZDNu75ddnVR+ZFaNk0ZT9rHUh:0wb+2eZonQwN9oh
- Score: 1/10

Target: KernelOS-Modules/DirectX/AUG2006_XACT_x64.cab
- Size: 178KB
- MD5: 9cafd440798ed33ec6561b09549ab263
- SHA1: 631f1d92633c6655afa445f9f2a218820ea7a1f6
- SHA256: beaac99fd17bc9fa85a2a220a13d8c13bd90f66eee595cbd27ab9aaadc234b03
- SHA512: d6c73fd47bcaaaed27a38b686c3ac4f7b7e94bf0abc823d6a5c0bfe9877184187530c6e83524b3f736a792ae5bc53bd71b772f6a961fcfdec73b92a20738fa0e
- SSDEEP: 3072:GglGrmTM3Ne3LnSYZr66OltMlRz/EFa6xoXJMOL7CmAvyl81g5K7VQLWRrZz95g:1ESKSRr66OltMlWFa6xoMOL7vmGGCAra
- Score: 1/10

Target: KernelOS-Modules/DirectX/AUG2006_XACT_x86.cab
- Size: 134KB
- MD5: 155b66797691647bbb935f0c0872c64d
- SHA1: 91ddf1ac4f5b4bb7b7d2bdc5268622e17c55a5db
- SHA256: cd2e1256efa1723eb77c77440f7b72f0eed8c0df17677cd4cc5a95a65a0f4849
- SHA512: 744bee6c4ae98b0748e2dc2e00fc5c587438c442f6b8ec2be7ba53069deaf95c427024ad0c71ee5eb35ac513ab73c55dd00206ad657e4bd531c99023553a51f1
- SSDEEP: 3072:lLkEev6VCdOQKPuF/p+emNC4J962LGMlPj6MoCW37gwND0S9olt:lLkEeKCdsPufE59tLGMpxobsG0qq
- Score: 1/10

Target: KernelOS-Modules/DirectX/AUG2006_xinput_x64.cab
- Size: 85KB
- MD5: 866da8edbc4e6ecbc4b04e2a77613aad
- SHA1: 0a6e2b8b170271c8e2fba304cf31e74f67130cd1
- SHA256: a54c7820f37b5e70068b801263c7efcc26b6404555a968094227e8bbaf5c22c5
- SHA512: 4f4e6e5eceb5ffda29dd850246078b23fdbadb8d75b7d85e4ddaed3a335923ed286b5949191bffa28db4b97e3eac30a286afbcf564b06f60763faa6d94df4b55
- SSDEEP: 1536:9lQFOMW9t2gGQtmxC4LbB8GXjgvW/j44krD+W2MLdk6v5yO1Ha6DB/4RPjz6ITdO:fIOMWm+tmnbXjVkWW1lgO166cjz6X9oo
- Score: 1/10

Target: KernelOS-Modules/DirectX/AUG2006_xinput_x86.cab
- Size: 44KB
- MD5: 75b3d7d008dad88064ec3d768fc60fca
- SHA1: 69b2ec8c1007dda8da339d40ba1f2bea041859bc
- SHA256: ad2b521d1a7abca6314eaeacb23690b63b2a17adbb2a47d3d69cc4660c7d2152
- SHA512: f416c165855d2a472394502a577520f2f874f77b21d032046c7a175b48c91461cd74246ceabeb95a07c2e213c5b9d7fb85e9c996c39d18110ad698a935d667a9
- SSDEEP: 768:yuG396sAA1wXXvVFc2755DkphtVmUkt/lnkvH0odpl/q1AMi2jXHU0s:bwQsAhFcSmpJ3kt/xcd7o9rHU0s
- Score: 1/10

Target: KernelOS-Modules/DirectX/AUG2007_XACT_x64.cab
- Size: 193KB
- MD5: 0e9ab7f465516fc690c79e230185caae
- SHA1: 19f229335832671e827f03ea47a4b550b4789a83
- SHA256: 35f09b0727ee1ab9116166c512c08886623a67939b2e0d841efdee689b6e0f84
- SHA512: af1b6ea9c75298168e35dc910a489de34f4cf1d25506b6e6c33002502273668b09512bb13cd5db41f268b23b61e38ca610b95294ebd294f388c6fff476c8b641
- SSDEEP: 6144:r/ro1oeTmBD4NyYbzQpFXCB3HcIe8XpK8UDLIdex1:rTSRmBD4NnQpFXCBXcIhrUDLI01
- Score: 1/10

Target: KernelOS-Modules/DirectX/AUG2007_XACT_x86.cab
- Size: 149KB
- MD5: 2bdd2481e5982de14ec680aa8b38347f
- SHA1: a96d18ab55129420f90e07b1407cd10806e4686a
- SHA256: b39c1b8483111be11cd4c10ef2d18ec8f0b23ff13b628482507076ede9fa9bd1
- SHA512: b677331ea4a45e8f5379d513b4a61c71cf6a8ac6878dbdcc91a9bf31efb3e1e649f67da033806fc30faf9be000fa2b58a7f3b0af75d6388397ad05466556fe62
- SSDEEP: 3072:B1fyoa65g+jY8gS1uVqdpIZiUrwX7WsXMEnAB4QsTGW9o7A:B1FpljYe1dpLWwqrEnA1sTFGA
- Score: 1/10

Target: KernelOS-Modules/DirectX/DSETUP.dll
- Size: 93KB
- MD5: eb701def7d0809e8da765a752ab42be5
- SHA1: 7897418f0fae737a3ebe4f7954118d71c6c8b426
- SHA256: 2a61679eeedabf7d0d0ac14e5447486575622d6b7cfa56f136c1576ff96da21f
- SHA512: 6ff8433c0dadc0e87d18f04289ab6f48624c908acbda506708f5e0f3c9522e9316e587e71f568938067ba9f37f96640b793fdfaa580caedc3bf9873dc221271f
- SSDEEP: 1536:Bc8tBKv1HCyODN2wjIqlLmqxY3AMVI4I9okOEvc0/c/sZRYltL26VVE2S+JJqsHy:BftQv1iyODswNLmqxY3AMV71Ev54EAxM
- Score: 4/10

Target: KernelOS-Modules/KernelOS22H2.bat
- Size: 63KB
- MD5: 32d7f72b68d881ed12300ca88b68cd54
- SHA1: 4e95abacf4a54720785e31a7c408609d3e3478be
- SHA256: 2b841784fbb8345e3bf40ab4950b60c7aee4633973ffea33f5325a0cb25da973
- SHA512: a805b7373d823ea8c5cd33f69b71f759d9edf5dc0c38c53ac2dd0e1b9048bbfd243494e30e72fd5e399afaa6c389f6d3f5d7ac10501c1db8d4cc6ad665bc5047
- SSDEEP: 768:lTIyf6W5oGNbfrdAUY5eC9vOcbXmB9ofdfv3h8mox+QRv2WYV5FEvUr:hJi
- Score: 3/10

Target: KernelOS-Modules/VisualAIO/vcredist2005_x64.exe
- Size: 3.0MB
- MD5: 56eaf4e1237c974f6984edc93972c123
- SHA1: ee916012783024dac67fc606457377932c826f05
- SHA256: 0551a61c85b718e1fa015b0c3e3f4c4eea0637055536c00e7969286b4fa663e0
- SHA512: f8e15363e34db5b5445c41eea4dd80b2f682642cb8f1046f30ea4fb5f4f51b0b604f7bcb3000a35a7d3ba1d1bcc07df9b25e4533170c65640b2d137c19916736
- SSDEEP: 49152:+r67+stI6RWGTAdyvlADUrpTmcOgohwJpEM5grO3oc1OXZViFeRyDErkLUMHzkRN:AM9l8pUr9m30L5grOQXZKAsErkbQRN
- Score: 1/10

Target: KernelOS-Modules/VisualAIO/vcredist2005_x86.exe
- Size: 2.6MB
- MD5: ce2922f83fb4b170affce0ea448b107b
- SHA1: b8fab0bb7f62a24ddfe77b19cd9a1451abd7b847
- SHA256: 4ee4da0fe62d5fa1b5e80c6e6d88a4a2f8b3b140c35da51053d0d7b72a381d29
- SHA512: e94b077e054bd8992374d359f3adc4d1d78d42118d878556715d77182f7d03635850b2b2f06c012ccb7c410e2b3c124cf6508473efe150d3c51a51857ce1c6b0
- SSDEEP: 49152:rqGRIgg2SirwkF9xdtb43lyGKCafpKkiwnaDahmPzpY4FPyaza:rxxLFfY/KCCpKk9aWMzZyau
- Score: 7/10
  - Loads dropped DLL
  - Adds Run key to start application
  - Enumerates connected drives (attempts to read the root path of hard drives other than the default C: drive)

Target: KernelOS-Modules/VisualAIO/vcredist2008_x64.exe
- Size: 5.0MB
- MD5: e2ada570911edaaae7d1b3c979345fce
- SHA1: a7c83077b8a28d409e36316d2d7321fa0ccdb7e8
- SHA256: b811f2c047a3e828517c234bd4aa4883e1ec591d88fad21289ae68a6915a6665
- SHA512: b890d83d36f3681a690828d8926139b4f13f8d2fcd258581542cf2fb7dce5d7e7e477731c9545a54a476ed5c2aaac44ce12d2c3d9b99c2c1c04a5ab4ee20c4b8
- SSDEEP: 98304:98I8/pCVmdbx2rU/xFnTBU8UeNeagEXtIgvjyGFDdo85qyKYr5NM62dNKViClWPg:9Avx2rw5Th8XeNyGtW0DJr5uDdQdWPet
- Score: 7/10
  - Executes dropped EXE
  - Loads dropped DLL

Target: KernelOS-Modules/VisualAIO/vcredist2008_x86.exe
- Size: 4.3MB
- MD5: 35da2bf2befd998980a495b6f4f55e60
- SHA1: 470640aa4bb7db8e69196b5edb0010933569e98d
- SHA256: 6b3e4c51c6c0e5f68c8a72b497445af3dbf976394cbb62aa23569065c28deeb6
- SHA512: bf630667c87b8f10ef85b61f2f379d7ce24124618b999babfec8e2df424eb494b8f1bf0977580810dff5124d4dbdec9539ff53e0dc14625c076fa34dfe44e3f2
- SSDEEP: 98304:vT4tlQ0aeY51XNURYxaA6qjEb9tRuPmBmWBDLTMTtbslyzRt9cuISY6Qa:vKlhE9U6476itR+mLPw6lyZY61
- Score: 7/10
  - Executes dropped EXE
  - Loads dropped DLL

Target: KernelOS-Modules/VisualAIO/vcredist2010_x64.exe
- Size: 9.8MB
- MD5: c9d9eebccef20d637f193490cec05e79
- SHA1: 15d032d669078aa6f0f7fd1cbf4115a070bd034d
- SHA256: cc7ec044218c72a9a15fca2363baed8fc51095ee3b2a7593476771f9eba3d223
- SHA512: 24b56b5d9b48d75baf53a98e007ace3e7d68fbd5fa55b75ae1a2c08dd466d20b13041f80e84fdb64b825f070843f9247daba681eff16baf99a4b14ea99f5cfd6
- SSDEEP: 196608:n9A3D5MBD0vwqMKgL29M2JWMWiKV/nPlnqIaAAVINqsAsbPnpCxmz7dU8:23D5MBwZMd0b4oSQ7VSrAs1gEdU8
- Score: 7/10
  - Executes dropped EXE
  - Loads dropped DLL

Target: KernelOS-Modules/VisualAIO/vcredist2010_x86.exe
- Size: 8.6MB
- MD5: 1801436936e64598bab5b87b37dc7f87
- SHA1: 28c54491be70c38c97849c3d8cfbfdd0d3c515cb
- SHA256: 67313b3d1bc86e83091e8de22981f14968f1a7fb12eb7ad467754c40cd94cc3d
- SHA512: 0b8f20b0f171f49eb49367f1aafa7101e1575ef055d7007197c21ab8fe8d75a966569444449858c31bd147357d2bf5a5bd623fe6c4dbabdc7d16999b3256ab8c
- SSDEEP: 196608:e9A3DAnfudQZKuNK0kMp2Wxw2tr3aA5Jegn9kaK6Hj0aaNz9ZBJ7C:t3DAnGKZKuNK0SvAn9kaK6gaaNRZbC
- Score: 7/10
  - Executes dropped EXE
  - Loads dropped DLL

Target: KernelOS-Modules/VisualAIO/vcredist2012_x64.exe
- Size: 6.9MB
- MD5: 3c03562b5af9ed347614053d459d7778
- SHA1: 1a5d93dddbc431ab27b1da711cd3370891542797
- SHA256: 681be3e5ba9fd3da02c09d7e565adfa078640ed66a0d58583efad2c1e3cc4064
- SHA512: 6c2f4eeb38705c2dafc4d75d8de0036a0aed197f83e9cb261d255fe26e4391f24b0b156e9019c739dd99057041c2bb80f9ab80f56869bc1e01f0469a76f24f75
- SSDEEP: 98304:vRWKtOl5CCGomEBkHUBmExJrIUg32t9RRyvo7VnOcyP24Vc35re94tb0eYbY1poo:v3tO3CCT/hBxtVtyUVnmSprzVIY7QKAk
- Score: 7/10
  - Loads dropped DLL
  - Checks installed software on the system (looks up Uninstall key entries in the registry to enumerate software on the system)

Target: KernelOS-Modules/VisualAIO/vcredist2012_x86.exe
- Size: 6.3MB
- MD5: 7f52a19ecaf7db3c163dd164be3e592e
- SHA1: 96b377a27ac5445328cbaae210fc4f0aaa750d3f
- SHA256: b924ad8062eaf4e70437c8be50fa612162795ff0839479546ce907ffa8d6e386
- SHA512: 60220a7c9de72796bd0d6d44e2b82dbdd9c850cc611e505b7dc0213f745ff1f160b2d826eaf62fd6e07c1a31786a71d83dc6e94389690fd59b895e85aba7444b
- SSDEEP: 196608:OwKjLs+UIkzHlAv4X6zQRgiwHLD2LQIX/:9KjaxFFP1iLD2LnP
- Score: 7/10
  - Loads dropped DLL
  - Checks installed software on the system (looks up Uninstall key entries in the registry to enumerate software on the system)

Target: KernelOS-Modules/VisualAIO/vcredist2013_x64.exe
- Size: 6.9MB
- MD5: 49b1164f8e95ec6409ea83cdb352d8da
- SHA1: 1194e6bf4153fa88f20b2a70ac15bc359ada4ee2
- SHA256: a4bba7701e355ae29c403431f871a537897c363e215cafe706615e270984f17c
- SHA512: 29b65e45ce5233f5ad480673752529026f59a760466a1026bb92fc78d1ccc82396ecb8f07b0e49c9b2315dbef976cb417273c77f4209475036775fe687dd2d60
- SSDEEP: 196608:bPwMcp4zKAKpCPhD5nsF5GBAiSG5VtJFeHi:0McAWKJsF5vib5VtTeC
- Score: 7/10
  - Loads dropped DLL
  - Checks installed software on the system (looks up Uninstall key entries in the registry to enumerate software on the system)

Target: KernelOS-Modules/VisualAIO/vcredist2013_x86.exe
- Size: 6.2MB
- MD5: 38a1b890ce847167d16567cf7b7a5642
- SHA1: 0f5d66bcaf120f2d3f340e448a268fe4bbf7709d
- SHA256: 53b605d1100ab0a88b867447bbf9274b5938125024ba01f5105a9e178a3dcdbd
- SHA512: 907a9aac75f4f241a85ecb94690f74f5818eea0b2241d9ef6d4bf171f17da0f4bc702e2bb90c04f194592fcc61df5c250508d16b886ed837a74b9f45da9627cd
- SSDEEP: 196608:hPMlUtWUVbuVAwgg1wGiU6QCs9FbEwEhMJ:oUUUNHg1wGd6QxbEwv
- Score: 7/10
  - Loads dropped DLL
  - Checks installed software on the system (looks up Uninstall key entries in the registry to enumerate software on the system)

Target: KernelOS-Modules/VisualAIO/vcredist2015_2017_2019_2022_x64.exe
- Size: 24.1MB
- MD5: cdce5d5ee259d8071fa82f522c5c7d6e
- SHA1: d4f9181e70e3f1aa6c8edffcc15b3c3d4babe36b
- SHA256: ce6593a1520591e7dea2b93fd03116e3fc3b3821a0525322b0a430faa6b3c0b4
- SHA512: 8f86693bf9fb4ee0ba021b826663028158d580a0424417a30d8f95ef8853fcd224b5a213beba5d99b48be0607a0a6870158bf1899fe1445da9ca19a208608527
- SSDEEP: 393216:JBCFpXQn0ZIoLTNOqMJgrBrIIvsHCwmMziQUv4qXvscamEZF/N4fsdx/78YHVkEv:JWpXDWoLTNOqMJcdyDz81Xv//MYkl
- Score: 7/10
  - Executes dropped EXE
  - Loads dropped DLL
  - Checks installed software on the system (looks up Uninstall key entries in the registry to enumerate software on the system)

Target: KernelOS-Modules/VisualAIO/vcredist2015_2017_2019_2022_x86.exe
- Size: 13.1MB
- MD5: dd89ae7bc09cad5648524905d0f53214
- SHA1: 29e23dd7c19b03eb59304f9d1f8e7209c1167348
- SHA256: cf92a10c62ffab83b4a2168f5f9a05e5588023890b5c0cc7ba89ed71da527b0f
- SHA512: 7174a4c0c90beef6c091f3b1065fd951c2ecf16aa6170af56c2b226f4d352f90e13afdb6bd3b61f81f0b1050482f21d3c3b61c0de379277459e4c966ec9e823e
- SSDEEP: 196608:oRjAHGflpQcIIS/Rj7BWl+aV8t8z72BxBwBgO42kGVfeiZUKcSqKLNeW5xg3lU5V:IAH4lptVYmfr7yBG/41L8ncSq68fUZFX
- Score: 7/10
  - Executes dropped EXE
  - Loads dropped DLL
  - Checks installed software on the system (looks up Uninstall key entries in the registry to enumerate software on the system)

Target: KernelOS-Modules/drvset.bat
- Size: 23KB
- MD5: 758f3df3c374bb10f86731226d86b9c4
- SHA1: 62fa52e0cf62b7c1f8610e2967bb0ac4c893a6e6
- SHA256: df2db344e54351a1dfe7bdc365fe60f1b2de24ce2eae0307cf7d1d4e5d9239a7
- SHA512: f49352450df38726a175769c7f7de0f9c64b2c632ee0f8131b9b8a91b6a0280aa5af73016460196488bce85c97ea9c783719ab4685ca4dffb6539f541f3d35ec
- SSDEEP: 96:jlMkcbcP/cycocFcncfiCwdsIcktVYaXEJvvHkePcxhPEXYy0YyDYyZYlYXWPlQL:imKhYtaaXKvvEgdI6R/yhzww1NPizK
- Score: 9/10
  - Modifies boot configuration data using bcdedit

Target: KernelOS-Modules/oss.exe
- Size: 7.2MB
- MD5: 1d3eda57e6a1edcb406b6902319ecf78
- SHA1: 40f3299e3eddd98b5bc4d30e551d0989214725f8
- SHA256: 2f637b8a5666f4537fbb4e1502becde2469e4888008a79060549b26ade5068dd
- SHA512: 2690e4302ea960c7f0877d0fac987d5f633093e62b2379e7e371cd30334f22fc411077e8cde377676a1b1966871b5e3eccbb5d8ccfa477479f3d95ee3e0a90c0
- SSDEEP: 196608:mKkuxBFGMfSrS4qRRM8wrQJFwOXlt3Ket9ubsdZCYFwD/:m0NfSrkrwMUe/ubsdI
- Score: 6/10
  - Enumerates connected drives (attempts to read the root path of hard drives other than the default C: drive)

Target: KernelOS-Modules/pssuspend.exe
- Size: 282KB
- MD5: df3d77d41ef28027b3069d39f9ee9c79
- SHA1: 0dfcf31ad455abd48d35b0250b5b03265052fba6
- SHA256: 02ec8c37dd946a2cd74673993c2108f12fff3e82019a1590231c4205ccb2f0d4
- SHA512: ff9168421ea2e0b56ece4df777b1fa3605cbb4ac81d1c81cf2491a5c197baf67c47ba4d1d767c5c272a8f3cfa46b169234d19b98671ff6ad8f7a092f51e9378d
- SSDEEP: 3072:K/kvkbvka2pVtwouW9+DZUFIPcpGwDmXsBvpRyAHa0MiZUFw/oPACa337yGTkSEh:K/CkboR5INUR94GhnO6g1Co/
- Score: 1/10