General
-
Target
21c1c5b62ceebdd74177318f5aa3818680e687012d3ca057f410825db313e2ef
-
Size
191.5MB
-
Sample
240521-b99d4aeg21
-
MD5
5aadc98dd07388e0e4102940fd9940d4
-
SHA1
8fa81a6cdb6b077cd9e27640eb3bc8e3f1917d56
-
SHA256
21c1c5b62ceebdd74177318f5aa3818680e687012d3ca057f410825db313e2ef
-
SHA512
9709ec9db96a72d7f6db8d5d242cee9fce620ec63c8bf766f87649318a197e1be17f67c33ae6801a673e66f68a7bad89a1e3f6600881910d42539bccd7ba3659
-
SSDEEP
3145728:goaS+2fXxe5RwLxA7jncf8YejaV89SrU8fX6u8teVhq+qQRpx6I5G/IMyGvoIeLN:gopfxe5CLxQjncfl6z9SrUMVEePqrQ0Y
Malware Config
Targets
-
-
Target
Virussign.2024.05.18/calc_avx_clear_pattern.exe
-
Size
112KB
-
MD5
e9cc8c20b0e682c77b97e6787de16e5d
-
SHA1
8be674dec4fcf14ae853a5c20a9288bff3e0520a
-
SHA256
ef854d21cbf297ee267f22049b773ffeb4c1ff1a3e55227cc2a260754699d644
-
SHA512
1a3b9b2d16a4404b29675ab1132ad542840058fd356e0f145afe5d0c1d9e1653de28314cd24406b85f09a9ec874c4339967d9e7acb327065448096c5734502c7
-
SSDEEP
1536:Zl14rQcWAkN7GAlqbkfAGQGV8aMbrNyrf1w+noPvaeBsCXK15Zr6O:7mZWXyaiedMbrN6pnoXPBsr5ZrR
Score1/10 -
-
-
Target
Virussign.2024.05.18/notepad_ovl_avx_clear_pattern.exe
-
Size
71KB
-
MD5
c8d738be96918c67f6ae7b26e18786e1
-
SHA1
cdd6001886be68d377c2b81506e493ec2ade1b30
-
SHA256
c159235f958f594578689665c2f8030f3539421833703a7b1398ae20fac54acb
-
SHA512
b6d17be73782c810919b929b71b4a7889f04ce810e4c4797dbd72937653c1a4f946073f21ea4d33c0ae2507163ddbcb5af48a918592000f87453c6b8c8b28c1e
-
SSDEEP
1536:MEwOnbNQKLjWDyy1o5RepJUEbooPRrKKRSq6Hn1:M2NQKPWDyDRepJltZrpRSfH1
Score1/10 -
-
-
Target
Virussign.2024.05.18/setup.exe
-
Size
453KB
-
MD5
d0362180eaedf6d54d86d12b96d3809c
-
SHA1
b193e2dde1b3597ab593f2dad643b2dfddf63ba0
-
SHA256
759e00f0aaf962ba1e883f4e742d693feab426a18602e00ae32d3c95d7404ff3
-
SHA512
58a3a49bd3a1de729689a1f6556e225aa25b5d2bd799ad2349054a8126502973b5882d1aa9aa4bb65c271c461ecb9337f662cd9ea0173d0285898fae5eb71aa9
-
SSDEEP
6144:s78n5Qw0tneDA/sqhleIc0HftDrkYY1hj63hgDonsogCh6NEpAFa:G85bM3npxYfj63hgD1Zi9
Score1/10 -
-
-
Target
Virussign.2024.05.18/virussign.com_00ceb6c3a68f258ea4ccdc52d737df8c.vir
-
Size
1.8MB
-
MD5
00ceb6c3a68f258ea4ccdc52d737df8c
-
SHA1
056f391b3b7cafef8a870e7c8a59347669f7a11d
-
SHA256
17958dc4631de7fbb1b8383f12395c81aa6b0c5ec7591e71222d8284712efcb0
-
SHA512
1ab91b61ce3515a1eef97d87724fde62298de3019db18bda55e5e00cbd58027783c420b7592f670b981622e754903e044300cfb94062064408e7c86af0279107
-
SSDEEP
24576:vBWelxqsfNMNr79DsIZcGf3ggHFlyyJ4kmCahuGUDRNr+mvQWwTOhmU9zIs3ntzq:8F/Y2jSzUxmlsNecoN
Score1/10 -
-
-
Target
Virussign.2024.05.18/virussign.com_04fb05c549d5a52ec70626fe4534fb46.vir
-
Size
180KB
-
MD5
04fb05c549d5a52ec70626fe4534fb46
-
SHA1
5c6a45023a28c794dbe6ab65228feede10d76f7a
-
SHA256
04c321ba188d3076a419ff5ca22a85696c78de734efea72a311a80d1406058ff
-
SHA512
fa6da45fa898e243bfe9abfe7814445d211e0fd097b36cdf187564bba5153758f0b40331c02c648b79e786b1a45267b83eea130fdecbca214feceff95daff0cb
-
SSDEEP
3072:yLUGDyOFAouArkm3ksr5iQlCkRkL3Z9xPoJ8/6AxMpaWEstG7h:lG763Arq+iQJkF92J8/ef
Score1/10 -
-
-
Target
Virussign.2024.05.18/virussign.com_0631206e87f9a6629676bd2c54c2c330.vir
-
Size
40KB
-
MD5
0631206e87f9a6629676bd2c54c2c330
-
SHA1
c3b4f6193c3082a74b16dcfc7751b078680ef96e
-
SHA256
9c0a4b81970e9f40e4114c8278462314c6b03e76803252996def4b126c8f331b
-
SHA512
f31a76cd87468c275c09974c26683467c7f3944d7f2b4be360aea82c6f94a33ca1491edc19b42962407006654f6c00f27a130d4812228cc3cb6fb6ad92df490d
-
SSDEEP
384:R06/jAw+vYUGlM7lbRfq93l+0rLyNvOppJ8nksPqXLfYjY:R0DwiYUGlUX0l+0rLkvOpKqXLf
Score3/10 -
-
-
Target
Virussign.2024.05.18/virussign.com_0644f7190db49dab20359cedf541f21e.vir
-
Size
367KB
-
MD5
0644f7190db49dab20359cedf541f21e
-
SHA1
09194b84d6d9754f1c38a5228b471650758a0ff2
-
SHA256
c2109b13a33648e6e37f58e21ad7e38ffc80746109f61483bed9bc944759cd0c
-
SHA512
d39051050d02731da9c2a8cb1e6315267716c03b8bfbb1fa713c9b58ed16f1c0165f3a4d1160e594bbaf4484c5e750f1a58d18a4df59e9f7f5fd9986c2bac8c1
-
SSDEEP
6144:nIyFESWu0SWuGSpqo1hUPwwo/oXc0H8x8QoEc0J8Yc0V8+c0f8fc0E8Tc0/wtc0i:Iyruwwo/os0H8x8QoL0J8/0V810f8U0R
Score1/10 -
-
-
Target
Virussign.2024.05.18/virussign.com_0670da5e605648d3612479c1b8c2b161.vir
-
Size
1.4MB
-
MD5
0670da5e605648d3612479c1b8c2b161
-
SHA1
bb55525480b41ddb3542eec69d3e2c477353dd4c
-
SHA256
406dc1ab363646a1f3e7f29263d9af899f0813efa45d4a1eac564faa325f1ae9
-
SHA512
54d595cc68524587f0d970ee45e2230eb2129532169d55bcd9276e3c4b5970ab6c51c40ba68680c34344e9106e85dc8fd1cd0db13e972090f6fac803be6a2bda
-
SSDEEP
24576:vBF6727XL1+KmMOWen5Fj6UfiyfOld+weeXcbRv41cca3xFpm7qA:rHxhOWenbffOldXeLA1cFrYH
Score1/10 -
-
-
Target
Virussign.2024.05.18/virussign.com_06d660813c67035f568796f6a305b69b.vir
-
Size
841KB
-
MD5
06d660813c67035f568796f6a305b69b
-
SHA1
b129c825132d8c48ee26f6f47be578233644cb18
-
SHA256
3388af113bdbf72200b71d665b2542fe49b66eceb0ee37737319a54d49a2a8df
-
SHA512
ad995aa814aaf41d4e04e1437cfe7051fa2c358d9bc4e4085686e09db30a3b17d43b948388a218c89f389b286c4da478962b56fb80986f731ca89e36b4598c31
-
SSDEEP
12288:RT5J33GwfSu2Cw/MygY50Aly1bUiRg4FbfmqqlE59hidux1szjlkN4pf3Lpi/Zm2:RT5J33PzVwUzAly1o2bmWhhSyht9
Score1/10 -
-
-
Target
Virussign.2024.05.18/virussign.com_07952ee09f86d961f8a8f90d84c8646e.vir
-
Size
4.7MB
-
MD5
07952ee09f86d961f8a8f90d84c8646e
-
SHA1
6c5aba03f28e6e30ab12907fb121fd3e47216ba4
-
SHA256
ee68c4aa4e330f6896455f4eeebc96a65f48163515ef2eade941c2aef1ebf949
-
SHA512
dd949833be6b373bddb5270b586a36d48b803108b5c0dad3aaa901bfbd59c41399c0c67c4c25374d6fa7b88a0a5e723e89b1fb157b42441e56c2f7ba72e79c4c
-
SSDEEP
98304:QrFpM+h99cgFsR4IRkg6719D27IzKgkDLlLC3D1JbG+nQG4:QFpM+hDm4656719D28zKgkDLlLEFJO
Score1/10 -
-
-
Target
Virussign.2024.05.18/virussign.com_07adf85d6149a7aa1fa528bfbbcf7187.vir
-
Size
2.2MB
-
MD5
07adf85d6149a7aa1fa528bfbbcf7187
-
SHA1
735e07a2342f7d9a5024c031bbc32efa8eb12182
-
SHA256
5e84596a000ca4fde5b69f04b7d1a648cf4ceb2b6c16a1d753e559d4511fbd41
-
SHA512
59070bf521731480de629958b00b4ab4cfeb45321ef4dcc144fde99f05404c12fc3326e4a3494097bf1b5c599db3e9971be5310ac761028e73e572522ddd86f1
-
SSDEEP
49152:4foDW/SDyzAO+jVFHNfyliTbrTZLjT1b5Jp6jFN:8YmAaiTtlb5Jp6jFN
Score1/10 -
-
-
Target
Virussign.2024.05.18/virussign.com_08a6c34267000edb55071c7e51c17a95.vir
-
Size
3.5MB
-
MD5
08a6c34267000edb55071c7e51c17a95
-
SHA1
947892f50816df0ae75b176b41546bfa2211f3be
-
SHA256
06a5779723219112d5532234fb721e39b6d6e7b756a8df6a68c3cc747ba7c588
-
SHA512
0f8252b3dc63a57498156ac72a031c95999ecd25c744c1031b9eb073ca2c7fe4daa837a5ba8b2c0c88230a11583d670c546a59486ad64642440ef7edf1f7fe76
-
SSDEEP
49152:ei5SsLpFmYEy67YVLZyxos2huMTkt2pKGi2v2qtbsvl4uJnwXp6Bt7PukT5GM3CW:ei5SIU8BVLUosY4t2pEMp4tKrSzSqD
Score7/10-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
-
-
Target
Virussign.2024.05.18/virussign.com_0a1b6be85247a893173f6358899f6ea8.vir
-
Size
88KB
-
MD5
0a1b6be85247a893173f6358899f6ea8
-
SHA1
c838c543430755d6964e96867ec4116b3dff0801
-
SHA256
b83b05b8b8ccaf282fd01b43c01c97856c52dd89791561fc0d17850e8b2c544d
-
SHA512
6f15241d39db43b935170019fa1485f7cf0c591aaaf23aefef7d856f5cf25d00403e16bcac446f0e5ea24fa2ab07dce4d7d8cff24cf6e43b28bc5c49ddddf91c
-
SSDEEP
1536:eRv592OxH4q1Xgwt12u2yai+v4mC0xyRYV14CLM/7SxP+:eRv5Jx51Xg9rij04KM/C+
Score1/10 -
-
-
Target
Virussign.2024.05.18/virussign.com_0add1be69ec253397ac34e7cd6e235a1.vir
-
Size
375KB
-
MD5
0add1be69ec253397ac34e7cd6e235a1
-
SHA1
b52715e831c037ba4cd6b9ef4fd15df8dd55ff9d
-
SHA256
be06471781155780bdfdf13a91edf54017e1ea8f273211e555170f607c82d959
-
SHA512
f4532237ec7f33cba7b4814135bc7b07bde550bfaeda508760647a136ee1296422924a1da4ca3e81bb963a141ab4829d5617f2ed6fe559c5c7b3fbddf3f7c374
-
SSDEEP
6144:8fi6C2MGNhE4NFeydBNmG0knxjIURnTQe2UrHE17w9tlx7HrmWz05RIHXH3DZh08:B6CszE4NFeybN/0kxjIURnTQe2UrHE1m
Score1/10 -
-
-
Target
Virussign.2024.05.18/virussign.com_0ce34849ed68e6c96adc6b5b396c51f8.vir
-
Size
1.7MB
-
MD5
0ce34849ed68e6c96adc6b5b396c51f8
-
SHA1
13cec5096e74a97f05f603dcbb15373d279e857f
-
SHA256
143c775f3192ac837028e02e71125c8f3c216ac7c1e7fa03b65d8be26d5717b7
-
SHA512
e545ff7dcfb8bc6070af6b1c168c6544e44205618b8d7621a25ad9fd17444e3b9d48711f3a3ea3aeeb18fb0b8a9ad812525af965b76ad79705d8e4c9e5194d54
-
SSDEEP
49152:Qchq5LrtH8GUz3x07wb5qKGjs9+UyAAXcADHyLash66cC918KxKz3x07wb5qKGjn:Qf53WGYyM
Score1/10 -
-
-
Target
Virussign.2024.05.18/virussign.com_0d19b6b1baaa8f6ea8c83a39e74ffa8d.vir
-
Size
1.1MB
-
MD5
0d19b6b1baaa8f6ea8c83a39e74ffa8d
-
SHA1
68595c21292e04a3a5d75c4512e8b822ba6856e8
-
SHA256
305f5fba5fd5fd190b224a8a794c506b7b79ef343381be87d7636f0c8e2e5937
-
SHA512
acd09d554ecd507c9f1d0b0e6a08abd7c8cbdfe927e47e18d31a27eea7fed6a81dc21c1ec94b492afc7c72f02204b28767cadf1fedf02cb6e2756e25af7bb1dc
-
SSDEEP
24576:vBF672l6i2Ncb2ygupgrnACAmZ/NwFC31G3AcMxA7DX+qtrRgxNrgvGBtcbj:r56uL3pgrCEdM/QxtgWUj
Score1/10 -