2ecafd8cc31c43c6eb82587850cb21e2748f2d88e92d94792689fade5555823e

Sharing

Copy URL

Twitter E-mail

General

Target

primocache.zip
Size

7.2MB
Sample

240526-ves86sdc5x
MD5

d2413f6036234bd528444e444c7fdba9
SHA1

e855031211be8a2c1fde6a180f29873d0167b4cb
SHA256

2ecafd8cc31c43c6eb82587850cb21e2748f2d88e92d94792689fade5555823e
SHA512

5e53d07ca405fde84a6c6fa49180c675bd212ac1904520efb0f02ef8db791915b884f57300ebfb3a7a61a97ce9879794a24c0c8a54430eb86962489e733ae231
SSDEEP

98304:XqoS7ffvDxs7dRdGtRrHqoSCG41cmQBqxe3tSXvAv5qbuNG4hfdE9Xqt9JdbCZQH:afNIcSv41lSSXvAvBF+Xqt922ma06n5

Score

7^/10

Malware Config

Targets

- Target
  
  PrimoCache/PrimoCache_Srv_Setup_4.3.0.exe
- Size
  
  7.0MB
- MD5
  
  6eef34fcb55dd0b46686bb4ff4b9af2a
- SHA1
  
  b1e36aa97e0e7961a22c36074043776831700ac9
- SHA256
  
  72272ad5a44142416f124e206a689c7d92b7fa1cdc6efb2e3388343e75d2a0b2
- SHA512
  
  172c2c9abf4528efb0d06d3a4ad304eca4d555cbb171b5847d3ceccba7777964aa9ba4daed05e55b2dffe360a932885c790f3e9586b0049696652ef07fbbdf17
- SSDEEP
  
  196608:dxV2Vn+IH0xBSz/i0zaxByF8+IGVC3WnOxdXQ8sXdZ:dxV2Vn+IH0x4zasa5eC3ucC8sT
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  PrimoCache/reg/CmdColor.exe
- Size
  
  96KB
- MD5
  
  6e54e2184be6bd8f45635a527f7eecd3
- SHA1
  
  e67328040eb9b6729017f2acb3203b2c42fcd156
- SHA256
  
  e46befb51126a087f69603c92083d1f76dcbf97a598d604b9784dc3ac64ffaf1
- SHA512
  
  7f750551dba011066eddc6a3d454531c7df08128086e1e68cc74e5a7c1ca0273d9c9a666d30eb3b433f3c113e40c45142a341888d61450cae3c311397553acc8
- SSDEEP
  
  1536:JEFfH/RpufYadbDyWEJrCZT5aCt9W2CpN8h7Kk7ord:JqffkYcbD1E9CZTr9rsSKEoh
Score

1^/10
behavioral3 behavioral4
- Target
  
  PrimoCache/reg/drv.bak/win10-11_srv2016-2022/rxfcv.sys
- Size
  
  165KB
- MD5
  
  473b8adfbe072b7801769aaa4737db33
- SHA1
  
  f3a89a15270781900d07e863e03bebe6218000b6
- SHA256
  
  3cd21708c94b637c524d2fe229efe9fc746a78c8d548cf5c3a4d982eb43df1bd
- SHA512
  
  efa183644bc7e5b9b27cd831d7d9251721db0f7e37da1a03b8494ec77bd3d8a806b02dd6b4df02391b60e43b245ddd799e23f382f146a40d415124402fc1d3c9
- SSDEEP
  
  3072:sx2wCHkf+Lre/d+I63SWnkB3pmdtgKQz25pwEo1M7hmdZC88vxPbS:OZWLa/dftWkCOEpsZCZvtbS
Score

1^/10
behavioral5
- Target
  
  PrimoCache/reg/drv.bak/win7-8.1_srv2008-2012/rxfcv.sys
- Size
  
  200KB
- MD5
  
  f834c1bc19620d2b8bf580e9c6ae09ff
- SHA1
  
  0ebfa5a36545d4b3c11bbd174ceb4ba5531099b6
- SHA256
  
  28c88793e56daa5485f29f113067da7be7cd0fb8fdff53b90c104f5b2bfb38bf
- SHA512
  
  1f36feae302c0f84f66075033809e7577e804cb71db94ed97739a5645e21e1f3464f4be3498cbfd0ee4e2eac20051105f039c787d4b16abb40339c079770cd47
- SSDEEP
  
  3072:MdRr4yLesbdhK15nv8YrQGCgWuJazDFMFHq+zAlddMunTaLQ94X05Y:SHeQdhe5vLSFgHP0ldiLQ94ke
Score

1^/10
behavioral6
- Target
  
  PrimoCache/reg/drv10/rxfcv.sys
- Size
  
  175KB
- MD5
  
  addd5f744b04737d236cd0bc042ee004
- SHA1
  
  45633006e207ab1e5b7ace73aab08ccf3c83f1cc
- SHA256
  
  c97f9bcac30e7c2c29d9b49a0fd192b8722fe041536b66b817f31d47449a2227
- SHA512
  
  7fbfdf38e3855eb72b3695881cf76bc86ca352eed7109b73c7367ab26b6d15cfcc45ac3d303925f0ad2c069d8730f98704703ba45597704e9002361f25dae734
- SSDEEP
  
  3072:Wx2wCHkf+Lre/d+I63SWnkB3pmdtgKQz25pwuo1M7hmdZC8Ae+Lx5:wZWLa/dftWkCOupsZCyy
Score

1^/10
behavioral7
- Target
  
  PrimoCache/reg/drv7/rxfcv.sys
- Size
  
  206KB
- MD5
  
  c95e180cb42dae6251585e8ffa868df6
- SHA1
  
  ae2aae8801d55452c22f77ddd9841d37f1c833f2
- SHA256
  
  67e75ec4f543140da115c0ed6e6e37b36b03bf7461906714e20d37e29a3d7f97
- SHA512
  
  8d4e40a0551abb35332dc951086555df53c8998bcbfb1d3840fd89e5d8fa94c6af24ff63bfd328abb47464d3b2913e254d4dd38184b9407d4fd7d450a3e1f0d7
- SSDEEP
  
  3072:dl6FOFh0PWZO5AMxHXc46ntszVjz3xbRgjSHneq+sTsDJmD8cV/Pkz:3pr0PWZ+x3t6tMJz8+Hr+sCJcV/P
Score

1^/10
behavioral8
- Target
  
  PrimoCache/reg/install.bat
- Size
  
  3KB
- MD5
  
  b80700284242156e058405a7a5dca822
- SHA1
  
  55f0ac2603e25b148d4c2c50bb0ba3519ac0f041
- SHA256
  
  899cbb3e5f112987bd4d98b032c27735c87d5266b17e737d86a7e913c3e5d711
- SHA512
  
  d73081e80d8c96bf3287ea65a439e4bdee0ab08bb91733825934437f51619cdcf96cc311cbc567c2e2c690f087dbfd9cb325a9d9d2afea7db4418854978554fa
Score

1^/10
behavioral10 behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10