374e9db03970819ede98056b34b84154992dabf5c401c9cd4d5280f5eafe9d02

Sharing

Copy URL Twitter E-mail

General

Target

374e9db03970819ede98056b34b84154992dabf5c401c9cd4d5280f5eafe9d02
Size

1.8MB
Sample

240607-jdqwwacf4z
MD5

7f4163b09c2ce2d343c5713cb52b4af1
SHA1

429583d40ff75a833ab72c54e8edc9576ebb9455
SHA256

374e9db03970819ede98056b34b84154992dabf5c401c9cd4d5280f5eafe9d02
SHA512

9a8f90231527b8d529942a6b4ea82af9b96bddc077e27d9c236c94aa2af5e5f2a6a2b3ca682321d88c1337eccd325c9da9e5d33487cdcd1761e270f752c80457
SSDEEP

49152:3olvmehC5I7hjyWUeSLaXC8DOy5rNj7zA7DO4Q:3olvmO+I7VysJPxiDK

Score

7^/10

Malware Config

Targets

- Target
  
  374e9db03970819ede98056b34b84154992dabf5c401c9cd4d5280f5eafe9d02
- Size
  
  1.8MB
- MD5
  
  7f4163b09c2ce2d343c5713cb52b4af1
- SHA1
  
  429583d40ff75a833ab72c54e8edc9576ebb9455
- SHA256
  
  374e9db03970819ede98056b34b84154992dabf5c401c9cd4d5280f5eafe9d02
- SHA512
  
  9a8f90231527b8d529942a6b4ea82af9b96bddc077e27d9c236c94aa2af5e5f2a6a2b3ca682321d88c1337eccd325c9da9e5d33487cdcd1761e270f752c80457
- SSDEEP
  
  49152:3olvmehC5I7hjyWUeSLaXC8DOy5rNj7zA7DO4Q:3olvmO+I7VysJPxiDK
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $0/ArchiveUtilityx64.dll
- Size
  
  150KB
- MD5
  
  4fc9464d17d23f6540419a5fc496d8b8
- SHA1
  
  b14c769ddaa2fa9681703fe4db0060f253baf051
- SHA256
  
  e4636b0971e7c1af61d803cd1b0116dff6550348de42b47216321005c7cbaafc
- SHA512
  
  09affc1c17d0b2b2e3a32426922abdec78eadccc222b4226b48f972d425c02d000f9cf9c0b0460d29af39f5f171116ec825e9f382f3f4533551aba2a0053234f
- SSDEEP
  
  3072:HAZpz3eQkXBlJ6pM91zgrn4oul5ntwc6sOct7B8OP8cxH:HAvzD6l0+1grn4htOOUa
Score

1^/10
behavioral3 behavioral4
- Target
  
  $0/Microsoft.Win32.TaskScheduler.dll
- Size
  
  341KB
- MD5
  
  9f85d45874f35133bf0d57c0c782c75c
- SHA1
  
  4baa15af5994154e48bdb6d3c14a2023fe5eaf9e
- SHA256
  
  739487819a3f9691db5ade1622fd68925c4a2165ed42f13c6bc266fb097ad749
- SHA512
  
  83c3d100b3d746f31743130b19c45384312bd17cc37cb80e18e1a67e51ce1c258b3dff1d96a56ab0082fe830948bcabe7ee17b976b803cec9d2748171574d0c8
- SSDEEP
  
  3072:h1sSJApTSnQU/x0ImhuDzHfs4zbYOjujDRfygDgKQINXLLHIaKlay8weCycJ5Dfy:h1sSmRIt/xhtsOju1DH5NXnIKAchNUe
Score

1^/10
behavioral5 behavioral6
- Target
  
  $0/RAVEndPointProtection-installer.exe
- Size
  
  531KB
- MD5
  
  669e4e81a5618a7fffeab4b985ce1120
- SHA1
  
  b121199e075c68fb29c401b4a46d5c636c386c06
- SHA256
  
  c75abeb794038a9c303115cf5b779c3c011ba03b0e26e7bbbe4b36126788b341
- SHA512
  
  aee9c4a00c99b70aee19539afad8155cacc5da4070c01255c4ac68eb0df90c6605b6f70ff41f4b3074374b017ca6480c6a72bdc9e50a3869f3de435705c5e164
- SSDEEP
  
  12288:peZFVgIQtZM1A0+Nwhq3drtgZAPe4ZzLSZWs8XlK1Xe:MZF661A0ue8lmZAP3ZzLSZWsklcu
Score

1^/10
behavioral7 behavioral8
- Target
  
  $0/System.Data.SQLite.dll
- Size
  
  362KB
- MD5
  
  07b913c3acc9aab8623d67b546825d2c
- SHA1
  
  6aae5db6301c1ff4860a786f9a53f9ff33606b04
- SHA256
  
  4c8376331f89e3220bef6c642e238962ba703faebd83f75945eb1ff8bdd7fa17
- SHA512
  
  b0223e2634951f0640f489e6a5de538fb8d7d14045df36f828e7d9335f3c4fa4944a1f7455b5ffc2fd865d130559a7c724f4a1a8806ae6c27e29714e6cb8d12e
- SSDEEP
  
  6144:druNWxFaLx73+nRo2GGmZ2CRGpAM3JUGuT5up6zOPLyU0SJFNFaFeFOFwcGF6cmo:gNWx6xz+nRo2GGWHQZMaLyJSJFNFaFeV
Score

1^/10
behavioral10 behavioral9
- Target
  
  $0/System.ValueTuple.dll
- Size
  
  73KB
- MD5
  
  04f4ee7317fd64344ce4b243602fc68e
- SHA1
  
  2e4ed60ef386bc22d7d189c10b009df994693c63
- SHA256
  
  c3b8c0002079f67f72a435aad88dfde9db4dccddaf90ce69160dc67a2af37721
- SHA512
  
  f251064bec15206ee2f9850a3d33d4c73d909451bce2be06d08dc8477128240d4e94869bbebcab865219317d41e064285f730b631f25f37998c429bf2810fd7c
- SSDEEP
  
  1536:M784YWau8lqubx6WxXLA+o2SLFyEdux136ytgHo0AuresehSAW9bP8FRPxU:M7NV8v36tI0XCKAEbP8fxU
Score

1^/10
behavioral11 behavioral12
- Target
  
  $0/cs-CZ/RavStub.resources.dll
- Size
  
  12KB
- MD5
  
  a8e745358369b55bf8cae8106e9e6f0c
- SHA1
  
  2c43d584d8d60a3e0c3b64d56b0ba9ebf9973c44
- SHA256
  
  c137dca7205857fb7f1a98dc9d770c3bad3633bd1250d9e438929c5138b88749
- SHA512
  
  6f332dc0fe9762f866cc22377e1e243746b5faed3848dd2eea517f2caba65d0825351813ddb8d752482b58c6003aaf0a95293ff591a5c3091220c64262a758a0
- SSDEEP
  
  192:gAWZ4c9TX/G6Nui2xtBIVN2pAV7W2CLAdPXzb+3s3vk3UmVnJkYUECd1Vl7Iru+L:gAWGc9TX/yi2xtBIVN2pAV7W2CLA9Xz+
Score

1^/10
behavioral13 behavioral14
- Target
  
  $0/da-DK/RavStub.resources.dll
- Size
  
  12KB
- MD5
  
  ae1aefae74fec7a1c28063282e18adff
- SHA1
  
  25b586a646c0df40df3de1b78f13d0e177cac6a4
- SHA256
  
  e2a45c3bf5be59dd1624db6bb9e416cd8d7b4a0215443f3d5581a8af455863e4
- SHA512
  
  b74a713cbd8c454073f8bb856ed521fc95acd8b94b79f8f433534585ffc94cac6b0d6d2bf04e9604f0084438a93e9d0076b103b1fe6a47ccf3b449cc45ee36b2
- SSDEEP
  
  192:s+AWZ5zl2eGAZxBLxaRaBT0OibW3MvrPS1dZP3UcALXjAUwMXrAfeMA7AWmBHYb1:vAWnzl2eHBLxaRaBT0OibW3MvLS1DPHo
Score

1^/10
behavioral15 behavioral16
- Target
  
  $0/de-DE/RavStub.resources.dll
- Size
  
  12KB
- MD5
  
  dfd3fb698313d94ee83d6de74601adf5
- SHA1
  
  8afed5d99a8254d1970b2b5387e0c927a2746fdb
- SHA256
  
  f8193a6ca49bef2b04eef41be3c364e9f121877c324d822c4014a991d036c84c
- SHA512
  
  d0058b90d02a89baa51d01b6b1d165b5413633f6b17ec9a433e542dfeeb27ba4abf2da622752c8f1f94c609606cea0be52d3cc57da5a91708a47691a30e48875
- SSDEEP
  
  384:CAWkYpn3gboNx320E3bsrwJTRwqO43OPGtL3+yFdmyndL3s8i:dWIENh2XOQcGFO2dmyndL3s8i
Score

1^/10
behavioral17 behavioral18
- Target
  
  $0/de/Microsoft.Win32.TaskScheduler.resources.dll
- Size
  
  9KB
- MD5
  
  f83d720b236576c7d1f9f55d3bb988f9
- SHA1
  
  105a4993e92646b5dbb50518187abe07ca473276
- SHA256
  
  6909a1c134d0285fba2422a40ea0e65c1f0ca3c3ef2b94a1166015af2a87780f
- SHA512
  
  fd8a464f2bc9d5b6c2efa80348c3a9362f7473d4d632b2addad8c272e8874e7e67c15b99b67e6515906b86d01d57cd42f9f0f1e9251c0af93a9391ccc30e3202
- SSDEEP
  
  192:0MiWWNv/jzSENtqcadVl8PandjJUf7ZJSqSi/ufP/1S5rxg0XWr:0D1Nvb5adVl8P2djJMZJSGu3A5rxg0Xq
Score

1^/10
behavioral19 behavioral20
- Target
  
  $0/el-GR/RavStub.resources.dll
- Size
  
  15KB
- MD5
  
  7a7ddf2e84d9f4d4d6a969104fe9a7d1
- SHA1
  
  c4b716ede6400c6022d8efc9606a7c8b40c661f3
- SHA256
  
  1a13e9b8c542763a050d4ed262586d756066f9f0e255cd58e50858fd4f970429
- SHA512
  
  38e9849ba31759c6549092655a2ccf152c3927dde9b8354eebf2a9561a1e473d33c3252e281a4bac0687f2b6d79f92313c1d7aeb59be4d25595d5e1798d15548
- SSDEEP
  
  384:kAWhBf+X6RExXZ4S5VKGieJVhzGJQvp3Er+PMvozT33s8M:rWRREBZ1w6p5PMvMb3s8M
Score

1^/10
behavioral21 behavioral22
- Target
  
  $0/es-ES/RavStub.resources.dll
- Size
  
  12KB
- MD5
  
  794c44acf14c7b435688fdddba975477
- SHA1
  
  d321115153c8d5c0e043aaf04639ce5418bb217a
- SHA256
  
  4cbd815c73680d62696e8c4a62d34398678378004df4fde3f58fd0f4fb1d80b4
- SHA512
  
  5dd27c29b6fd8de0096a6bf577a6ecb3b53f9cf197a963b02d0995b736a08304230f0c84023a3eb7a29d04e641cdedb73d921477847b2635d238c00cf64cb77a
- SSDEEP
  
  192:bAWZ2XLtQmG/ocC7gx1Mwa+1XbYrW8l6vdP1cheAsU3bsrwRlhiYwEHU4dIyrokf:bAWYLtQmSC7gx1Mwa+1XbYy8l+918eAr
Score

1^/10
behavioral23 behavioral24
- Target
  
  $0/es/Microsoft.Win32.TaskScheduler.resources.dll
- Size
  
  10KB
- MD5
  
  15db634b70d6d9d6cd41baae3f02eb14
- SHA1
  
  1456ffe09df896271a746f9cb40a230f188ad397
- SHA256
  
  e893c6907da8d68c03b1a10e68b554ad5a8c0533f15912106f32e925f2beabf0
- SHA512
  
  1230e5368d4dab9776d57056993669327e95fe72e262efa541ed5d43abc1bcd3618db13b6bd6b3a27da053c103e3fb647eae759ccaeb443f7d9ffd1ecaa1122b
- SSDEEP
  
  192:r0WWNv/jzSEStoC1vxx6hUltfxx+BE00cUnAP9115rxg0XWr:r01NvbGVxx6hUltfxgE00cLF5rxg0XWr
Score

1^/10
behavioral25 behavioral26
- Target
  
  $0/fi-FI/RavStub.resources.dll
- Size
  
  12KB
- MD5
  
  e9072b811e18aa6d14997a344a88de0d
- SHA1
  
  94b59dbce0e242415b543e8e16857968eccb7dda
- SHA256
  
  6e92a2027ba180074cd183652e3ba6074fc9d1103a7af0abb05d21230b0785b5
- SHA512
  
  dc905cc7a48926eaf5886db0a17c03914b113661e1247e72beaae224a1a2c668529c542a367b21b51bee6f486c590dab7b6d6b132635aea1a00de682ccabf425
- SSDEEP
  
  192:KAWZ5VctwGeJszihxP5jrDd0WONMy9RPVEF3F4x3LSjVwzrJzfPWCiqxskBbHUic:KAWnVctwnOihxP5jrDd0WONMy9pVEpFH
Score

1^/10
behavioral27 behavioral28
- Target
  
  $0/fil-PH/RavStub.resources.dll
- Size
  
  10KB
- MD5
  
  19ddea1549286862797b7d7f67d7c898
- SHA1
  
  7abfdcedb844e1afdc3fbf6d67d2b7abb21f3160
- SHA256
  
  0c78510c5fba6b7763022ceccb527fef3e796b6d78a658d2289a87bd80281c56
- SHA512
  
  3f72772b222f9fb390c580e1b0bf1320ca8206661da1cd858a899846138503122fd7f283e1796333f89e537b643c2f4f66e94fa6bcce4902beb48c9422bc9e8b
- SSDEEP
  
  192:a0Zne9hwoGBjeCipxwU6LOl+DDUbqN4PPjjDr8d30LfmJyXOhZCa2m5sml+T9lml:a0Y9hwoEipxwU6LOl+DDUbqN4Xjz8V4U
Score

1^/10
behavioral29 behavioral30
- Target
  
  $0/fr-FR/RavStub.resources.dll
- Size
  
  12KB
- MD5
  
  fb45477a3bf263d7333184fe860d13b7
- SHA1
  
  4bef84b74a439763be66dafa49f6e478838124ab
- SHA256
  
  17ecf18535d361e03532dc58390d6b7c55f8c09e830ae6c970b27b69386519a0
- SHA512
  
  cc1d4f3033c97d5c49ef53154f364b69d041d34af609adbf82306471ecbbeb6352549f99f38e564c9e4574b9401ad533f7836b7daca7a3b1975d09d46077693a
- SSDEEP
  
  384:sAWncid9ZZXxYj9rYgfBudAExPjjyLqfjXahGY7uX03s8P:jWVZXeje3eLEjXwGY7uX03s8P
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32