3c93d8b1e69fab840a52746dc183e2bcac113cf1f05bd558a689c0bb5f24f4aa

Sharing

Copy URL

Twitter E-mail

General

Target

CADe_SIMU V4.2.rar
Size

18.3MB
Sample

240611-r8kmca1cjg
MD5

ddb463dac1d48d0537b95ee4d7495b0f
SHA1

b3595f2675b0f0dccae5f0e73594f113ab9849b4
SHA256

3c93d8b1e69fab840a52746dc183e2bcac113cf1f05bd558a689c0bb5f24f4aa
SHA512

b2b2fd9955a8470e793d28c861cfbfd8253e9a07ec6bb5e808e0fadf63f07198ce4df6d709cfd56c2a718a1b091ccb10122c14dd4985419685afa9a970e09a12
SSDEEP

393216:utTGhryhDpYNQHf08cT8HaaZOL1SbQxPi7Uvlsujm/0n7eM6rAgizTYLm:uZGhr+DpYs7aqOZO82ujyK776caS

Score

5^/10

pdf

Malware Config

Targets

- Target
  
  CADe_SIMU V4.2/CADe_SIMU_V4.0.exe
- Size
  
  44.7MB
- MD5
  
  8c47bb76c690cf4b08534ccc5b6df351
- SHA1
  
  512de7025584c803ba583fac956328b4f217fadb
- SHA256
  
  a5208930140862dd89bd01b1ee981fe0443235ccc9bf0119e7b2aee8f2fe8e91
- SHA512
  
  f9db18f9c4fd7d26a1f9c0b7f89ccba3e5711e7a343e536040ce2448867fd54a419b034846bbd1b437b82fce6ab3c86e7add7d89adb8d55834e175edbe8aca87
- SSDEEP
  
  786432:ue4+Bf1HkwCXU6W3PxoAeoWlW7qQZsL7n4s4B3H2MPs4+lI6pRT87MlUPEBkY9e+:ue4+BJkwv9nqSs4B3H2MPs4+lI6pRT8+
Score

1^/10
behavioral1 behavioral2
- Target
  
  CADe_SIMU V4.2/CADe_SIMU_V4.2.exe
- Size
  
  38.5MB
- MD5
  
  7133e92c7d8c1b965bd58ff03dd743f6
- SHA1
  
  65f34de74e4c0f1e8fd9e400ed9b698a8309ba35
- SHA256
  
  07df299e6892c2f1b6a66d19f96b1dce13523ced14d4f7807076f730680a4ffd
- SHA512
  
  e436f744a3f50d6e26b18e50e4d26c12041ed786f139a926af872e2327313e07e664d948a612e74679b1c84667d2fe84dae8c63f54d09881b98b36706b0f35b3
- SSDEEP
  
  786432:Ye4/h7VnUwS30aW3/BYQe4WlW76QZcL7nIs4B3H2MPs4+lI6pRT87MlUPEBkY9ei:Ye4/hdUwfdX6ys4B3H2MPs4+lI6pRT8i
Score

1^/10
behavioral3 behavioral4
- Target
  
  CADe_SIMU V4.2/MFC42D.DLL
- Size
  
  908KB
- MD5
  
  c60082fb1353f0ebe37a8362be4a496a
- SHA1
  
  bd741adac32bbc361222c76df3865d30b768e6cb
- SHA256
  
  3a3fa253ce80cf55027abc7918f8984057a94d1832302fb9893402aba9d35dff
- SHA512
  
  66e944ef70e14c7892ebcafff5cdf0123fb56ea833f03c609f3ec86f2ed856993acd0e9bf09511d9ca1cca80581251e6a271e20bcae594d7d07a063424c2e918
- SSDEEP
  
  12288:d57XJUz541hUabdgYtVvBIEukPnJA9TehluopDAh2aGxG/W8nw7D7xgjtbjHAL5:d124USt7IcnJttcheGJnw7/uBHC5
Score

1^/10
behavioral5 behavioral6
- Target
  
  CADe_SIMU V4.2/MFCO42D.DLL
- Size
  
  780KB
- MD5
  
  21a2c7a5d4f6d647005f5fddc378db89
- SHA1
  
  ce02b020e9ca9e7a6dd8515b0abcf0f5dbf99cb2
- SHA256
  
  c24f04b2bdcd9211e49853ec874c6d5c1bc6487b09c378d185aa37cceea5c4c5
- SHA512
  
  872f442ce3642f4f7b536d33a2c854495b91df30cbe03f1c35cc23a048a89a1a48b724b858850079a2bdf0a30d80cd0c144718e7a92d775d669a039e0c3fee16
- SSDEEP
  
  12288:zzhf/HP2VTuOGJyUIgX3b3z4UnjXHPzm3H4KaA+Id5l9Ijpzn6F:zRv2AyUIs3ouLHrr2jlCF76F
Score

1^/10
behavioral7 behavioral8
- Target
  
  CADe_SIMU V4.2/MSVCRTD.DLL
- Size
  
  376KB
- MD5
  
  2760781da57e727ba519af0139b4b1bc
- SHA1
  
  f378f53bb3da9d2bf5580bf5cbd9cc8e224f896b
- SHA256
  
  db39f55c12069c366e4d1ce73dc42fb76cd5587468182048cc11ecfedd518b9a
- SHA512
  
  2c81fc965874513e51d9730690e124e72f73b1c6b5e99e8eb493e8bb891e99c144422e838875cbab04b1382597ade9089768cd4cbb96b20aba0d953378c4a4ee
- SSDEEP
  
  6144:R4oS2r52o9Ee35JEBv3ksFdQv7UzMB+4IGU6niRiKW9DeiXij4XrDtr8k3MWiFJp:Rxr52o9Ee356Bv0sFd67UzMB+4IGU6ix
Score

3^/10
behavioral10 behavioral9
- Target
  
  CADe_SIMU V4.2/Nettoplcsim-S7o-v-1-1-0-0/bin/IsoToS7online.dll
- Size
  
  45KB
- MD5
  
  f9d48978385a006f1b6e1faf9c021fa3
- SHA1
  
  a2b3fc157c465af3ff3d3cd9b5f86a5ee2ecec46
- SHA256
  
  9667e6f87c1180e2ac79ad38397e7ecb7477a33fd62091a7f467ffa3765cbe4e
- SHA512
  
  8bab91f84d24d6e9d5fab99c85e2a63d7c6364ebe49510e661f99becb3ba22a98743969199b5a4ad503ba9024c9a844c73b9845eec8e59fca8fd78f8aa56d9c6
- SSDEEP
  
  768:cGbCowSCKx5dwkFKVbdVOhBtnhEGHhA+7z3YrNC7cgpza38Ey2hYnizNwfXt:zb3w9Yw48dskmzoC7cgpza38Ey26im/t
Score

1^/10
behavioral11 behavioral12
- Target
  
  CADe_SIMU V4.2/Nettoplcsim-S7o-v-1-1-0-0/bin/NetToPLCsim-Manual-de.chm
- Size
  
  457KB
- MD5
  
  d154072d182820d83adad497f261ddb8
- SHA1
  
  b58281c6d178996420dd6f8f504cbb892b7c6def
- SHA256
  
  6c3dc0a9e279152a3c9738578e676d2d1757107830e64551894996db41ad512a
- SHA512
  
  0670b119fbb29a56c3b83de65267b377443ed5221fb62132ec9c805fc3badd37570880cf5738b5b07a9c6b78c17f9b9c445dd29abc6cd6f247a8b13e0d04fbaa
- SSDEEP
  
  12288:S0PNxFG31EsanesT0OX01c+dVsX4Y33psutnYUJO5O:MXeesT0vcgsPqoCO
Score

1^/10
behavioral13 behavioral14
- Target
  
  CADe_SIMU V4.2/Nettoplcsim-S7o-v-1-1-0-0/bin/NetToPLCsim-Manual-en.chm
- Size
  
  454KB
- MD5
  
  9896212c55797644b26f455f08afc3a6
- SHA1
  
  91a8cd3597f5767f4bd5211cd51e880156b0ecec
- SHA256
  
  570df5675632bdf60850ab3785574f97d6996fe9a05b77cf975a7d35f9f9cf00
- SHA512
  
  342b347dc97d7e1931b4e573f85bd153d85e406ac750ba48aa83a1624169c75c8e5cb72486e5bcf32fbf9618b9abd2242ff0fbcbc9ffec225426cbeb68d63a64
- SSDEEP
  
  12288:mMmLAq7z4EyPJWA1cmDAL9IXGkSKC3QU7lnMaaa+:m1jzVyPJ31U9XNQYMtF
Score

1^/10
behavioral15 behavioral16
- Target
  
  CADe_SIMU V4.2/Nettoplcsim-S7o-v-1-1-0-0/bin/NetToPLCsim.exe
- Size
  
  67KB
- MD5
  
  70b3ec988c1abd3d148bb9356c2e805d
- SHA1
  
  0f2d0b7d52dde9d1738cce7c45508da2e1f1dbaf
- SHA256
  
  b8915a0e32c78c667d65781f521befacf00cbe24cfe1a132d251b6285f2073ae
- SHA512
  
  799ab571c3a521e7bb0f1ac47ef9578d7b00dcc1260625c86907136c7b67949795ac4a6d542aa427c60d96955b32a2cfaea10bbfe4f76a8e3a77c131b0ce98d8
- SSDEEP
  
  1536:XF/tVQ9FKBnerwTk+FFFFTF7FFFFFepmF3FFFFkFJQFFFFFFXFFkkFFFFLvF/FFg:XOFKBncwFFFFFTF7FFFFFepmF3FFFFkX
Score

1^/10
behavioral17 behavioral18
- Target
  
  CADe_SIMU V4.2/Nettoplcsim-S7o-v-1-1-0-0/doc/NetToPLCsim-Manual-de.pdf
- Size
  
  533KB
- MD5
  
  b96c98f8d501285d4e656e93a4c8f2a9
- SHA1
  
  68cb90e3673f34a81f7946751f591e2e58511f48
- SHA256
  
  0821c16d87e10ea843495e526910edc03334a1706537c9eb52705129cd5e7a38
- SHA512
  
  039abef054f0c6523426ba66f019d2a0a976605147a88f99c1c9057d62ce498784b514d3c387386e74fe343c49e2b540e05dea0276a08f05fb1b491631e35905
- SSDEEP
  
  12288:hSK3qMtRTtiIJKcyQjviT3pMCmqHHtsUxO+pkn9z3W:hSaq5IJHyQiTqo2Ux7693W
Score

1^/10
behavioral19 behavioral20
- Target
  
  CADe_SIMU V4.2/Nettoplcsim-S7o-v-1-1-0-0/doc/NetToPLCsim-Manual-en.pdf
- Size
  
  515KB
- MD5
  
  ec5c9a75bb6827cf43fbb35cedd82bcf
- SHA1
  
  a616127f9ed156163220c5d4c0e0124c184a0e73
- SHA256
  
  35b03399b3b837e70d51c97dbf1be1de2ee6a59f20eb314de459c8ff27fb7dfa
- SHA512
  
  a05672223ae9f97b7c06e36fae9b02065cbc7018b8fabb35a9149484cdbe5be013bdcfabe69723d24b5d303078b9f017a6fd7c993a0fe966d976c78a900c9056
- SSDEEP
  
  12288:JJSK3qMtRxtiIPcmNjviT3pMCmqHHtev+p3WoT4:zSaqrIkmRiTqoIv+NWoM
Score

1^/10
behavioral21 behavioral22
- Target
  
  CADe_SIMU V4.2/libnodave.dll
- Size
  
  124KB
- MD5
  
  3f9383240796ff0bcd7211aaffa70ec2
- SHA1
  
  29cb7113a6a08eaa701fd5d55811205d0d8499a9
- SHA256
  
  d61b4728dc1bdfbfcee780b2eecc867549ff4637bc611ba115e023d4bda493b6
- SHA512
  
  3e8eef1fa22858e40c1b97106dcf904f36aa271002e45b3b57bd1370753f413c14369e55f8e341ed09dcfd41a2cb5cbafef5021703ed2b5ae0b2f7e778ecc698
- SSDEEP
  
  1536:tyrhe5iAd5jGErfo0KtauWnuH3rXA4hBmILCC7dulTm0Dyw8jy1:tyo1NGErfOBYuHzpBXeC0lTm0gy1
Score

3^/10
behavioral23 behavioral24

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24