a29158eb8d65435a7f87236ded4e06cc5a53887f53bb4d8b6684350d636d2e00

Sharing

Copy URL

Twitter E-mail

General

Target

New_WinRAR_ZIP_archive.zip
Size

55.1MB
Sample

240522-c4kn8ahg9s
MD5

bf6d8839e234cacc54cc891c7b925b6b
SHA1

1b7bf49d12f5a9bc61f09feb0e5d7a2d045cc1cd
SHA256

a29158eb8d65435a7f87236ded4e06cc5a53887f53bb4d8b6684350d636d2e00
SHA512

389ad687a3bcaca7ea395da9d32959e2c9d77c850038bc3a89e06c7c4b9e4c03df691b0d2ae792aded5a0589524c721b5309c4f619b74d7167b26adbf5013770
SSDEEP

786432:oAHijawh64nyrfAZigQ+lyLdapj6+TiaQHklStwB5EmFIsbS0zQx223JPMSw43UJ:oANwfyLkHui6BagkfBXIfQwJESEJ92pE

Score

7^/10

pyinstaller

Malware Config

Targets

- Target
  
  AutoGpuAffinity/AutoGpuAffinity/AutoGpuAffinity.exe
- Size
  
  9.5MB
- MD5
  
  7ff1b350471b74b4d1761346ced3bf4e
- SHA1
  
  f22183fe77d1718350262f70d324c5c6e3872ae0
- SHA256
  
  b15e43031731b76a403b2a3caf193fd1ad4fafe77b1e550b473a1f4d4839b29d
- SHA512
  
  00304d72dd0ba76c8b11d93e847e69267371bb6b40e082fec91590dbd258427a89272507d64f38883b1248972f5c2ea3f875932582f62ecc8b020ede0164add0
- SSDEEP
  
  196608:1sz0sKYu/PaQVBlibbtc19onJ5hrZERkB2WZufOuD9LjjNWKKy1IrpDhm:qQVBl8btc19c5hlERA2WmfDZ3URoUd
Score

7^/10
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  AutoGpuAffinity/AutoGpuAffinity/bin/Benchmark.DirectX9.Black.White.exe
- Size
  
  13KB
- MD5
  
  cd5d956992b52bbd7cf9211475cd4586
- SHA1
  
  eec4ea3ab71711080f40bc1b3995f1f05d5a8631
- SHA256
  
  cb0fdad6085a99549275d9101bcf257b1b5a23099a9d2ba1b766cc4481927aec
- SHA512
  
  e71cf38f8ecc606ed37740af1223d245c2138fa9b8178f59dbce540b53cd87585c73be3d824f3bcf6929b1f9774b1eed029fe6016080ead290dac01df1784aed
- SSDEEP
  
  192:Roqziw4c2QKb4AFMreWUtyKhihdgqiaau3Q5tfkcD:Ko4c2QKb4VrJUt60i93
Score

1^/10
behavioral3 behavioral4
- Target
  
  AutoGpuAffinity/AutoGpuAffinity/bin/PresentMon/PresentMon-1.6.0-x64.exe
- Size
  
  444KB
- MD5
  
  8b6603deb94dc3d3209e5107886da308
- SHA1
  
  e9b9b53fec93edc60da33727e37f33a7164a1441
- SHA256
  
  b9dc19a5bbcd3c1a281ffb90f9926165baf0e7a0a74bd2b1e5a2dfa7a317042b
- SHA512
  
  51074eb46ad9c70c808085ff092d155fb432c707d6c8f9c85984baaf350087adccd35f38f16dcee3ac972271aa6ecc9a09c6a8cec00eb3e4357bacffec314fb7
- SSDEEP
  
  6144:YEvnPwHlG2CUOukoy/pxJFxD1Ngh2WYLOIeGzyXOmdFf5ILgh7uSXF31Om1lgH1N:EG2CKkBJq2WGOIeTHnh7NE
Score

1^/10
behavioral5 behavioral6
- Target
  
  AutoGpuAffinity/AutoGpuAffinity/bin/PresentMon/PresentMon-1.8.0-x64.exe
- Size
  
  311KB
- MD5
  
  1f3a9e2b9bbf1788947ebd472b0509f1
- SHA1
  
  4e0a9951b4db4d7b2664563f6263ffb278ace5d6
- SHA256
  
  b06f7c48de24b43d5d73f289a95da86c3fe78689db13b72e0fe96535695b7ef9
- SHA512
  
  e0c832266f25760d0c5e1af6ef8206f3368dfd3f91f8544a5d6042a6fef1fe86bc46fc6d10fac18482060cca7b859c2f731c3572c71d8442d00faf469fc3baee
- SSDEEP
  
  6144:FB7CAKFacnshr9HBePN/6gEVS1RKp59lPrQ8d35YK:iAKFRg9HBudEVS18N2y
Score

1^/10
behavioral7 behavioral8
- Target
  
  AutoGpuAffinity/AutoGpuAffinity/bin/liblava/lava-triangle.exe
- Size
  
  1.2MB
- MD5
  
  8c30b8aae84b38e3041ab4b30b56762e
- SHA1
  
  517c58a01f7cc4aa1382be6c2e987d5a61ed736a
- SHA256
  
  f50894606ac5e5a2533147c09acf29eb622efd640cd718147f136502889b715e
- SHA512
  
  48c08c7d3f39a4dce2a1c6562f07488a3b3c16da72b533a93383a2898f28316256d567f543ec30aba817f31db9b18ac8fdfe5a0cbd1b0dc55f398879db58c19c
- SSDEEP
  
  24576:eD5CFotM+3jroaxsMZ24I8IggoJvHnnT:PFyM+3QMt9IRaHn
Score

1^/10
behavioral10 behavioral9
- Target
  
  AutoGpuAffinity/AutoGpuAffinity/bin/restart64/restart64.exe
- Size
  
  73KB
- MD5
  
  297aa19bade534a791d053ca190b74ad
- SHA1
  
  15cb6a33994f75fe9e30a2afbc8a7e4616b63962
- SHA256
  
  5f779bb822aedaf5bd11693cdf73f6c7c3342f37371a78c07c2aca1e15dbfd00
- SHA512
  
  df883950c598f31b81f22a68b2a9fed7459dcad5084ec6e39399658b0492bcc458d9fc5bb80fda6bc994bed3241f969fc67a0b8e021fb82b040455d64776c625
- SSDEEP
  
  1536:8vXMJl7uRupZzidl/T+Dnx86Rpy4roKsIrryeq3OTM:8vMJl6RAZu/T+7x8qpRM8rNcOTM
Score

5^/10
- Drops file in System32 directory
behavioral11 behavioral12
- Target
  
  AutoGpuAffinity.exe
- Size
  
  9.5MB
- MD5
  
  7ff1b350471b74b4d1761346ced3bf4e
- SHA1
  
  f22183fe77d1718350262f70d324c5c6e3872ae0
- SHA256
  
  b15e43031731b76a403b2a3caf193fd1ad4fafe77b1e550b473a1f4d4839b29d
- SHA512
  
  00304d72dd0ba76c8b11d93e847e69267371bb6b40e082fec91590dbd258427a89272507d64f38883b1248972f5c2ea3f875932582f62ecc8b020ede0164add0
- SSDEEP
  
  196608:1sz0sKYu/PaQVBlibbtc19onJ5hrZERkB2WZufOuD9LjjNWKKy1IrpDhm:qQVBl8btc19c5hlERA2WmfDZ3URoUd
Score

7^/10
- Loads dropped DLL
behavioral13 behavioral14
- Target
  
  bin/Benchmark.DirectX9.Black.White.exe
- Size
  
  13KB
- MD5
  
  cd5d956992b52bbd7cf9211475cd4586
- SHA1
  
  eec4ea3ab71711080f40bc1b3995f1f05d5a8631
- SHA256
  
  cb0fdad6085a99549275d9101bcf257b1b5a23099a9d2ba1b766cc4481927aec
- SHA512
  
  e71cf38f8ecc606ed37740af1223d245c2138fa9b8178f59dbce540b53cd87585c73be3d824f3bcf6929b1f9774b1eed029fe6016080ead290dac01df1784aed
- SSDEEP
  
  192:Roqziw4c2QKb4AFMreWUtyKhihdgqiaau3Q5tfkcD:Ko4c2QKb4VrJUt60i93
Score

1^/10
behavioral15 behavioral16
- Target
  
  bin/PresentMon/PresentMon-1.6.0-x64.exe
- Size
  
  444KB
- MD5
  
  8b6603deb94dc3d3209e5107886da308
- SHA1
  
  e9b9b53fec93edc60da33727e37f33a7164a1441
- SHA256
  
  b9dc19a5bbcd3c1a281ffb90f9926165baf0e7a0a74bd2b1e5a2dfa7a317042b
- SHA512
  
  51074eb46ad9c70c808085ff092d155fb432c707d6c8f9c85984baaf350087adccd35f38f16dcee3ac972271aa6ecc9a09c6a8cec00eb3e4357bacffec314fb7
- SSDEEP
  
  6144:YEvnPwHlG2CUOukoy/pxJFxD1Ngh2WYLOIeGzyXOmdFf5ILgh7uSXF31Om1lgH1N:EG2CKkBJq2WGOIeTHnh7NE
Score

1^/10
behavioral17 behavioral18
- Target
  
  bin/PresentMon/PresentMon-1.8.0-x64.exe
- Size
  
  311KB
- MD5
  
  1f3a9e2b9bbf1788947ebd472b0509f1
- SHA1
  
  4e0a9951b4db4d7b2664563f6263ffb278ace5d6
- SHA256
  
  b06f7c48de24b43d5d73f289a95da86c3fe78689db13b72e0fe96535695b7ef9
- SHA512
  
  e0c832266f25760d0c5e1af6ef8206f3368dfd3f91f8544a5d6042a6fef1fe86bc46fc6d10fac18482060cca7b859c2f731c3572c71d8442d00faf469fc3baee
- SSDEEP
  
  6144:FB7CAKFacnshr9HBePN/6gEVS1RKp59lPrQ8d35YK:iAKFRg9HBudEVS18N2y
Score

1^/10
behavioral19 behavioral20
- Target
  
  bin/liblava/lava-triangle.exe
- Size
  
  1.2MB
- MD5
  
  8c30b8aae84b38e3041ab4b30b56762e
- SHA1
  
  517c58a01f7cc4aa1382be6c2e987d5a61ed736a
- SHA256
  
  f50894606ac5e5a2533147c09acf29eb622efd640cd718147f136502889b715e
- SHA512
  
  48c08c7d3f39a4dce2a1c6562f07488a3b3c16da72b533a93383a2898f28316256d567f543ec30aba817f31db9b18ac8fdfe5a0cbd1b0dc55f398879db58c19c
- SSDEEP
  
  24576:eD5CFotM+3jroaxsMZ24I8IggoJvHnnT:PFyM+3QMt9IRaHn
Score

1^/10
behavioral21 behavioral22
- Target
  
  bin/restart64/restart64.exe
- Size
  
  73KB
- MD5
  
  297aa19bade534a791d053ca190b74ad
- SHA1
  
  15cb6a33994f75fe9e30a2afbc8a7e4616b63962
- SHA256
  
  5f779bb822aedaf5bd11693cdf73f6c7c3342f37371a78c07c2aca1e15dbfd00
- SHA512
  
  df883950c598f31b81f22a68b2a9fed7459dcad5084ec6e39399658b0492bcc458d9fc5bb80fda6bc994bed3241f969fc67a0b8e021fb82b040455d64776c625
- SSDEEP
  
  1536:8vXMJl7uRupZzidl/T+Dnx86Rpy4roKsIrryeq3OTM:8vMJl6RAZu/T+7x8qpRM8rNcOTM
Score

5^/10
- Drops file in System32 directory
behavioral23 behavioral24

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

Drops file in System32 directory

Loads dropped DLL

Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24