c12c9bb19d17f63cd8595b9a88c2c6913f6474c9d4c8b462e1dfa32a0f112535 | Triage

Sharing

General

Target

FA AntiVira.zip
Size

100KB
Sample

240603-z3jf4ahd3t
MD5

90f7ef65a0cb693b066ca6bd02f53343
SHA1

ee3df3bfb0cf844aaeb615170457bee55686d1f3
SHA256

c12c9bb19d17f63cd8595b9a88c2c6913f6474c9d4c8b462e1dfa32a0f112535
SHA512

896c08ed0746e4a23515ce81252d3a41db4b1f556e3b898060a3df38632d42ad96ad9cb5c8663d48d880feb447f95ec64fde5b9b2db554e0617108dc04cce3f3
SSDEEP

3072:Hmwg9XQKGRFN7oOThhtGvWT0FJOKoHHigliNB:G3AKYKOeWoSHHDY

Score

7^/10

execution

Malware Config

Targets

- Target
  
  v.1.1/FA Installer v.1.1 .bat
- Size
  
  45KB
- MD5
  
  a8cf0b50a3f3df3e4fc55e2c9ecdddaa
- SHA1
  
  882b09a0f73a609f24f4cdb934ac302af832094f
- SHA256
  
  7f8327b3d6aeecb76a3fbe49c23633a5477f85e322ed1c1fc37225266b428f73
- SHA512
  
  9923d012c51c09bdff94fff6c307c433f60d9448b3e689c57aeb523b4f6a54858e8e5d72eeab9650f29c7ee2e47dd54ad447ec34ac1017fcf9ce732491dcb979
- SSDEEP
  
  768:pfidnSP9zSgqnrT9AHuhUcKhnuxGTBmF5p8yJVS5LTf+iyy97+m6:ZRG9nf9tUc+nuxGIFwyKhTf+7Qaf
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2
- Target
  
  v.1.2/FA Installer v.1.2 .bat
- Size
  
  78KB
- MD5
  
  5c0d79069d6bf853f6aa44158b6ef945
- SHA1
  
  12b059f02b21a909d97c4b39f567a8bf0a76fc44
- SHA256
  
  52d4f97e25d579f78e016cb966dd48618780a3d51bdab7bf5632417d79e6838c
- SHA512
  
  9ec18b7dd96fe99ab7864269866bbf0cce8b2df2f04e2e21921dd98f239a262eb33e652c327819b9bbf4ac09abf5b5a74f69ea8ce0526d6aaeca6b4e12660fc2
- SSDEEP
  
  1536:FKBG9nf9tUc+nuxGIFwyKhTf+CQhyHAtQXtj01J4EyjgB:FoGJhyHAtQXtj01J4EyjgB
Score

1^/10
behavioral3 behavioral4
- Target
  
  v.1.3/FA Installer v.1.3 .bat
- Size
  
  79KB
- MD5
  
  0fd1873ebb0b210c90b07b2869392c89
- SHA1
  
  c6ec11cd5ec3fd247eb12518c78d5937302b233d
- SHA256
  
  63c010b0c5c7b649f8e64461b5cd83e996b0179c8d874f4847063a22c9c9e97a
- SHA512
  
  17c80c544e0d143d1ff466966260e9ff3fae13424b67aa94fed1ffb15a2719052c6e2534feb6cc922ac9fd46bc73094bffff22ae4a0f28c4e320dbb394d68111
- SSDEEP
  
  1536:kKSG9nf9tUc+nuxGIFwyKhTf+DxhbHAtrXt+01J4EyjgB:k3GDhbHAtrXt+01J4EyjgB
Score

1^/10
behavioral5 behavioral6
- Target
  
  v.1.4/FA Installer v.1.4 .bat
- Size
  
  81KB
- MD5
  
  37d42006922d718043d8576bcbba4f54
- SHA1
  
  bbb6a036ef8b05dae70fa9f9a3a4b98a7b91f709
- SHA256
  
  8491f71a082857e0b5875ef636b8d2b3f1d66b0510b622449b937075cfddced6
- SHA512
  
  28ae88a0de948737eb4843ee1bca19cc185a4fcd0472730d5316cac28d1396403db7ac8cfb94bceaca7e5ce0492bd23fe0d882e3c742fc868d85f5abe4c9ad98
- SSDEEP
  
  1536:XKSG9nf9tUc+nuxGIFwyKhTf+DxhbHAtr5t6EQM1J4Ey4fgB:X3GDhbHAtr5t6EQM1J4Ey4fgB
Score

1^/10
behavioral7 behavioral8
- Target
  
  v.1.5/FA Installer v.1.5 .bat
- Size
  
  83KB
- MD5
  
  01cb29916177e46315107b76be8f6cb5
- SHA1
  
  e218815f2e951604fe76af1e2fb5f0e3137c9a51
- SHA256
  
  5f010d661da950fb604ab5b004abe0980af6f5dffb1441df6ee054348b4490be
- SHA512
  
  7e2a2cab16a3e65744bbb616f81783bb8223f26708e851a7b172f4f0e298736f805e451c679b5edeb2ae68d3da04949f212f052babdd96f68a00b380575505ce
- SSDEEP
  
  1536:8SSG9nf9tUc+nuxGIFwyKhTf+DxhbHAtr5t6EQM1J4Ey4fg+5Q:8PGDhbHAtr5t6EQM1J4Ey4fg+O
Score

7^/10

execution
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral10 behavioral9
- Target
  
  v.Beta.1.0/FA Installer Beta 1.0 .bat
- Size
  
  16KB
- MD5
  
  f0e659fbafba45a0638c740476210ca8
- SHA1
  
  6bed33eb6ccdcca1518f383b3084a7fabe43fec6
- SHA256
  
  1c1e018fbba55e32f13531c22a5d89ff96d9c6c020fb467f293a27c6062709f3
- SHA512
  
  77e0dbf34455581b573ea345631969c5737af633a7ad73bafc64f2a85b5af8bee6626dab2fbe8a52d367d12d65b37073d2de18f9d6a100a69566cda0e9b4e826
- SSDEEP
  
  384:tQDjQEG4+P7r7PenrT9AHuhUcKEYK43x4quMRLy:iDEECrqnrT9AHuhUcKhnu1
Score

1^/10
behavioral11 behavioral12
- Target
  
  v.Beta.1.1/FA Installer Beta 1.1 .bat
- Size
  
  32KB
- MD5
  
  e81a27a38a504aeccf0c60a38b857222
- SHA1
  
  53cff2aca3da733c98eae09bc8cb166c1cb08e14
- SHA256
  
  ee229ae04f79791cdb9f786287414558d2152f44c98ca752c1289ded64bf7331
- SHA512
  
  842fa060035cc9363890f53da66a96d5d0ebb5054780d4dfbf7308ef2c29f9b2c7dacd42c7479f8730ee9891f02e24552ece1246157e594aff16b2decc0b926a
- SSDEEP
  
  768:ZVCSP9zYgqnrT9AHuhUcKhnuxGTBmF5p8yJVS5rTf+iO:Zc8c9nf9tUc+nuxGIFwyKVTf+1
Score

1^/10
behavioral13 behavioral14

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14