5edf82763a3b79627af5456f1c678b136a3cb700d1d8221ed2aa1f19a53028bd

Sharing

Copy URL Twitter E-mail

General

Target

5edf82763a3b79627af5456f1c678b136a3cb700d1d8221ed2aa1f19a53028bd
Size

1.5MB
Sample

240612-epp2ha1ajk
MD5

ff98bff64c9ee3eeba76b3052165921e
SHA1

18b3c3664444e6877167bbdc325a22cc3f17339e
SHA256

5edf82763a3b79627af5456f1c678b136a3cb700d1d8221ed2aa1f19a53028bd
SHA512

96baa28d54c0ade04701a228e19bba3a95e997001898d67177e644b3f45a3e2ecbba1b1ac3e2ece2cb7b0daf1f530be7a684b6a5ab9d2d514f265cf0f2acfee4
SSDEEP

24576:bN2lE+POJedCeVX7e0Nnjg6kmjwutG80/cTvssF5P/LL5M4KlNxQ5DS:B2l9PBdjq0NjflRY/UosF53LONfxYm

Score

7^/10

Malware Config

Targets

- Target
  
  5edf82763a3b79627af5456f1c678b136a3cb700d1d8221ed2aa1f19a53028bd
- Size
  
  1.5MB
- MD5
  
  ff98bff64c9ee3eeba76b3052165921e
- SHA1
  
  18b3c3664444e6877167bbdc325a22cc3f17339e
- SHA256
  
  5edf82763a3b79627af5456f1c678b136a3cb700d1d8221ed2aa1f19a53028bd
- SHA512
  
  96baa28d54c0ade04701a228e19bba3a95e997001898d67177e644b3f45a3e2ecbba1b1ac3e2ece2cb7b0daf1f530be7a684b6a5ab9d2d514f265cf0f2acfee4
- SSDEEP
  
  24576:bN2lE+POJedCeVX7e0Nnjg6kmjwutG80/cTvssF5P/LL5M4KlNxQ5DS:B2l9PBdjq0NjflRY/UosF53LONfxYm
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $0/ArchiveUtilityx64.dll
- Size
  
  162KB
- MD5
  
  442c9b272a29ae1301f403f187451c44
- SHA1
  
  d63da4bc0d311d768951db6122617bb91d99b4e6
- SHA256
  
  d2f1e3f39335dd2025a095074c8d0f31b0fa8ab1aa6e4c7c340b0d000b6121a7
- SHA512
  
  a4490927fb26e30ee625987af06696b49d631c777fb802e61c8da2be497ac4cc1029f7f798219b8f427876a86584b1e3417e86b55a7c60546f1c4f2724f28e8c
- SSDEEP
  
  3072:MAZpz3eQkXBlJ6pM91zgrn4oul5ntwcJsOct7BzUv9DMm:MAvzD6l0+1grn4OtJUZV
Score

1^/10
behavioral3 behavioral4
- Target
  
  $0/RAVAntivirus-installer.exe
- Size
  
  526KB
- MD5
  
  8a1393c7b22bf756706d03c454f54850
- SHA1
  
  34121b55f2140bb2b6bd941edda91e273cd6163b
- SHA256
  
  2aecb7a6e46e142344cedbe166bc416cb6167a4023f97f706764336b16d54573
- SHA512
  
  ed10a536abadb6d782b85b344e813f32cc664ff00764548f6b16b5d9cba02f937eda02c6dbb36e6cb5812faa5c916fba22f99d63d0a8f8f376c6bb213a75820b
- SSDEEP
  
  12288:LqZijgIQtZM1A0+Nwhq3drUsZZssxZB7mlK1kt:LqZis61A0ue8ltZZsyZB7mlR
Score

1^/10
behavioral5 behavioral6
- Target
  
  $0/System.Data.SQLite.dll
- Size
  
  383KB
- MD5
  
  768085bcbd6c43acc360ef680a25a264
- SHA1
  
  71dcee643b71e4bf70188e6010bec7786ac66200
- SHA256
  
  3d643ef7d6c2963ec4a3dd87dfd13fcfe432e34cbe78f54118f23776707f4694
- SHA512
  
  4f7f34a9033a1ffcc76fb72fe80a74880d86567303da168859a3d10071f463445063a7670db3be6a2781e1f0184d97167ef8bcc3e4f1456d7b08effe3da4eea7
- SSDEEP
  
  6144:bQJFAhq2x3R+rlvz6I95dmzw0U39EC/j4GwhaOrXhOgA1GnTrwp/zwB25QGKSHFa:9hPXbJd25mSHFNFfcaFeFOFwcGF6cmFS
Score

1^/10
behavioral7 behavioral8
- Target
  
  $0/cs-CZ/RavStub.resources.dll
- Size
  
  11KB
- MD5
  
  739b40c8781f9e380c21e485a3511982
- SHA1
  
  b1775aecb48ca4ede49f7a2aad23984a7ee749c4
- SHA256
  
  ea2ce903dc2d7d3d1b38dfdc3d2b0677c1886fad3be2a4ec64cac75791e2ca4e
- SHA512
  
  ca6a259f3c3e0a2f65a81d2c9d8e0b3e890ca304cf2cba0dea7efdd3eb42fbe48dc5b6ea2268d8b422b0fa199d9aa69c750bb20447f95173c02037d5efb71050
- SSDEEP
  
  192:8qBxc9TX/G6Nui+xBtkB+xSVURONH0JPcBK3RPBt+VnJkYUECd1Vl+Iru+M3Y3Mc:8qBxc9TX/yi+xBtkB2SVURONH0hcB4zj
Score

1^/10
behavioral10 behavioral9
- Target
  
  $0/da-DK/RavStub.resources.dll
- Size
  
  11KB
- MD5
  
  76328808c1ea8f24c0fcd00a62012161
- SHA1
  
  f3515a3466d9a412eb90e01810643508e515d932
- SHA256
  
  7414d6112879ec3915ec6ba2824ba02308428755b555f93ee5d2d270230e487f
- SHA512
  
  da2150752540012e08068de7425bd322929d3d59098cec173408c38b4ee72624095bb0782f765c5757cf162bc15721b978950525c5a32c64911506795b5245c0
- SSDEEP
  
  192:vBQzl2eGAZxBuxkgpIRF/T/POg/cPMPllM3d34EPMLXjAUwMXrAfeMK7AWmBHYeq:vBQzl2eHBuxkgpIRF/T/POg/cqllM3Vs
Score

1^/10
behavioral11 behavioral12
- Target
  
  $0/de-DE/RavStub.resources.dll
- Size
  
  11KB
- MD5
  
  476bef49132efd74feacac159b575350
- SHA1
  
  e03766490f45d3e49ab76703e243d491cb0a8fa4
- SHA256
  
  be51647a637980d4a908a661135fcd3ef95ab2ffd03b045b0ae2e070c052b882
- SHA512
  
  c8fbda0ca1f4d1f6584fb7571eea6c0c80194e032d29f9e0e258c1d17ccb88fc2113388b90047c7a3d8b9189cc6aed3aacb08c7687c5c4eb5b946df744a916d9
- SSDEEP
  
  192:4BTYpn3Gj4GbovxI++3XBfq0mVEwMafrgPXmg3Ve6adroWbvWprondNgRECuwnrf:4BTYpn3gbovxI++3Xhq0mVEwMafrOXm0
Score

1^/10
behavioral13 behavioral14
- Target
  
  $0/el-GR/RavStub.resources.dll
- Size
  
  13KB
- MD5
  
  9568a39f06c407d3aaef6fcefcee922c
- SHA1
  
  69712c96e139f5985912f2f6ad93d1213cdcc99b
- SHA256
  
  77d1fe2ec114f68bca204d310bdba27ccf075aa6874feba647af9de8c553951c
- SHA512
  
  5dca0d5169d13da57159a0df9d02ac4f3ccef6ed9683f0b694d1a0a18ed26c8a2eec910aea3d4f9852e7bf8fdcbdb103af4da977323c47b50455fc17c5b279d8
- SSDEEP
  
  384:aBWBf+X6RVxblku95T6dJVRA3QIFY73rWPMF2TlK:kSRV9lPDYCPMF25K
Score

1^/10
behavioral15 behavioral16
- Target
  
  $0/es-ES/RavStub.resources.dll
- Size
  
  11KB
- MD5
  
  2dde8607acdb8d06b7d948931220ebd9
- SHA1
  
  5ba8bbba5a4cd605804bfde4d04717eb686218e5
- SHA256
  
  b2a420691e2d8f2aab4b944722b20ed432a67467ff94cd63b21e370cda29571f
- SHA512
  
  b8da58f063124f491937b59e8534451047d0b5de84004d5d1afa004b2d739e727bc0f3fa9d1dcbdb22efb44b80dd24aad6e5651997c54f8159b7c4f208ebd435
- SSDEEP
  
  192:5BPXLtQmG/ocC7JxyrnuTMm73slMv56RPjHil3u51wRlhiYwEHU4bIyrokBD7bGN:5BvLtQmSC7JxyrnuTZ73slQ56pjHiN8x
Score

1^/10
behavioral17 behavioral18
- Target
  
  $0/fi-FI/RavStub.resources.dll
- Size
  
  11KB
- MD5
  
  21644b0b040404e65a754a4458ee491a
- SHA1
  
  3416c6251d9a7c2f896f15a33a27dec2d5065f91
- SHA256
  
  e8f07cc384404b04cb0136a94b3bd8b127d5895c727331942c067a06ca03a13d
- SHA512
  
  18571ec4375ab1922e6aeddc31c18501dea1c4b71d8d91525fe6674ab20b78fa311df68c9dbea6e8ba3ae9476563cb06040503208b177aba94b4225604b148e0
- SSDEEP
  
  192:rBQVctwGeJsziex7z9auMFRTRW+1vC6P3C2ae3XECEwzrJzfPWCipxskFbHUiHtm:rBQVctwnOiex7z9a1FRTRW+NCQ3QUUeh
Score

1^/10
behavioral19 behavioral20
- Target
  
  $0/fil-PH/RavStub.resources.dll
- Size
  
  7KB
- MD5
  
  9ff406d55fb450f3073614bc960dd772
- SHA1
  
  d878ee6bff7f8e72d68ef6aa6a7711807558e42e
- SHA256
  
  dd7abfcc8be0cacd97948883cfca1520c251c22c920267ea8247648ec7b0b937
- SHA512
  
  bd5f0bf74784b67659bec4be6b5cf4681d82982756336de7b5750d8310c75c730374dd889e041dc425f79d9e7fd22287dc5b140b692d99fcef621248855bbfe9
- SSDEEP
  
  192:KUWFiKI9hwoGBjeO5/FSv/tTmJyXOhZCauEt+l+T9lmi34LLZhJ:KUkiKI9hwoE5/FS3tHJ
Score

1^/10
behavioral21 behavioral22
- Target
  
  $0/fr-FR/RavStub.resources.dll
- Size
  
  11KB
- MD5
  
  cd434dea3975470bb6a3dfc35cd24f35
- SHA1
  
  49f4875eac0ac8aa004803c46e3a0773bdd71eb3
- SHA256
  
  c3848d790b7ed060a24ef7e1c72c03928dd0561148d934fdbb0d66bdf524c97d
- SHA512
  
  fa9d9c514a7d5a13539d73716b1144f880dd7690403417a487862d7f874ab0d0c4cbcd9ecc537a9274f7f57f668649d4bd7704c3d2e01133f7e5211da2c5c56e
- SSDEEP
  
  192:uBQcid9G4CSlZY4PKxwboDfgE2lqpPFo85nxgPT2z3X8HjPGpEGiIAxem1+XCfh/:uBQcid9ZZY4PKxwboDlHpPFo85nxOT2I
Score

1^/10
behavioral23 behavioral24
- Target
  
  $0/hi-IN/RavStub.resources.dll
- Size
  
  15KB
- MD5
  
  3315c0e520e936240d113940d997bd68
- SHA1
  
  ccda50256879732f0682442de10dd6016e974dc7
- SHA256
  
  429b983c5e902e24e69c12ddf76a68848d776bc83d89b80cd09ab6e432493914
- SHA512
  
  710e15e1ed890d2cf67bccdb2d3d483e38afb41c2b106f222a64b1ba55ed2b40a53b5f7df9ab0edacf84ef9996e0f930f40a396a0355753a30fb7d4e863fda93
- SSDEEP
  
  384:pBZX3BZ41Zl3txEiW43vdWiiVVeKBccgH6eKVZnWT2ox8mn9TyvB5gE2ac7Pmf:/cl3tuiAuL3AZn4t4DqJmf
Score

1^/10
behavioral25 behavioral26
- Target
  
  $0/hr-HR/RavStub.resources.dll
- Size
  
  10KB
- MD5
  
  658c26fd4dece054bb0bf8cace832b7c
- SHA1
  
  93b1d9b29d997cc12f18c46c4c317e639e5bb985
- SHA256
  
  6539d57eb9ea5983b420761b9c38ec9336872489569b280d60fff98db5349031
- SHA512
  
  2979e737eccd7cf25b2b4e95bd595da6d7d04bc41060548d3c220985c14fcc6ff34be89be51dbfb982dbd7c5d9653dc1bdba4ebc1c87d5439d362e94c61f35d7
- SSDEEP
  
  192:fBPXwUyf1G064Wixoo2VpjYCMkA+WQP7ius3fOaozmKV/4jNnih7gXWXSX44nWE1:fBvwUyf1pWixoo2VpjYCMkA+We7iuafR
Score

1^/10
behavioral27 behavioral28
- Target
  
  $0/hu-HU/RavStub.resources.dll
- Size
  
  11KB
- MD5
  
  1fcdb140854ce8471be59091c45aab62
- SHA1
  
  7b4cb78ddf179f4b4f783e5e7e6af63db8dd77f2
- SHA256
  
  e93afa8a242f4a754d07eae6d841b287b55370cc315a6d48515048cc52da078e
- SHA512
  
  37f448d62f352ddb6cc80c51a36f103774c1cc3e066a088e9302ae0721fa5fdd4daa7379c4e9099d6913b0a810fa89db73ac36097b2fabef89cced1020e3e803
- SSDEEP
  
  192:LBTcc3eGoHi/RDOxjvIsRvTSl9uuAYPbPJ523ZtuSn9m2c20XmAQ29f1FLk04dYY:LBTcc3eMDOxjvIsRvTSl9uuAmbPJ58DB
Score

1^/10
behavioral29 behavioral30
- Target
  
  $0/id-ID/RavStub.resources.dll
- Size
  
  11KB
- MD5
  
  cc19413892ca170755f46a560782eae6
- SHA1
  
  04168e3fadd66dc4a1fc017c5f08819b1421e57d
- SHA256
  
  2c60b267defd2879cb0e044ceccd606f6c6a39bee0f5026e6ea9a09ae3eeac89
- SHA512
  
  bf1af5e9fff51f65ceedbb5cd65f3d782840566f49f40bb736ff9346c847b236ce16be0413142f4229a1c69bed932886bc3a48b788d63013bc2cb419b1abad92
- SSDEEP
  
  192:aBQqPb7GseJwyCpAx8jzVnizvQM3DJz/Ppr6E3sEfFCdKKXgXruQh8X0tF8HzGCE:aBQqPb7LiCpAx8jzVizvQM3DJznpr6C/
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Credential Access

Discovery

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32