General
-
Target
error.7z
-
Size
2.7MB
-
Sample
240612-vdbmqswcln
-
MD5
eb5d98b4eec52807b34a284ce97cf4c2
-
SHA1
4f244c9563b847ef5a861ca8e226f60f18b060c2
-
SHA256
3699c0c3fb15277d1676e273fad74844ba09590610472d5f3d34ff0ae826f50b
-
SHA512
b25d881071438285340e3130d380de89754b8d33fd58101ccf7fe9296c3280a5e0e34c0c1e2a7bfc9d40600063829b40b11b0c3a4e8205ca63f72c1ba537fa2e
-
SSDEEP
49152:ix6hHxmYEWIJx6hHxmYEWI6Bk4GFY4reBd9JbD4gk8:XhHxvX7hHxvXLGdGN/4B8
Behavioral task
behavioral1
Sample
error.zip
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
error.exe
Resource
win7-20240611-en
Behavioral task
behavioral3
Sample
error.ico
Resource
win7-20240508-en
Behavioral task
behavioral4
Sample
my malwares/error.exe
Resource
win7-20240419-en
Behavioral task
behavioral5
Sample
my malwares/error.ico
Resource
win7-20240508-en
Behavioral task
behavioral6
Sample
my malwares/money.exe
Resource
win7-20240220-en
Malware Config
Targets
-
-
Target
error.7z
-
Size
2.7MB
-
MD5
eb5d98b4eec52807b34a284ce97cf4c2
-
SHA1
4f244c9563b847ef5a861ca8e226f60f18b060c2
-
SHA256
3699c0c3fb15277d1676e273fad74844ba09590610472d5f3d34ff0ae826f50b
-
SHA512
b25d881071438285340e3130d380de89754b8d33fd58101ccf7fe9296c3280a5e0e34c0c1e2a7bfc9d40600063829b40b11b0c3a4e8205ca63f72c1ba537fa2e
-
SSDEEP
49152:ix6hHxmYEWIJx6hHxmYEWI6Bk4GFY4reBd9JbD4gk8:XhHxvX7hHxvXLGdGN/4B8
Score 1/10
-
-
Target
error.exe
-
Size
913KB
-
MD5
b13c084d58511e62f275496c1a163274
-
SHA1
05bf7c48622084d1a139bada82dbefefcca9450e
-
SHA256
7f2ceba84512f035ac66322243f8ed0877df85e156c79fb778532420f1b1701a
-
SHA512
6bfb79646fbd97ee7927d0e8f522b1675b7a262b5da4f7239e0a6f5e5a51ba3ec73df56dd99f35a27f888ba042232a3bc1618efa9a230d4928d7661f04c17004
-
SSDEEP
12288:UyXEcoNs7qWoRpDVx7Xnqx83qGS+XoThDmQd79sgATBqhC7rsi8jtsf8rQNcqzql:baee5JtnQhZDP9ANqhpiw2cqc
Score 10/10
Disables Task Manager via registry modification
-
Executes dropped EXE
-
Drops file in System32 directory
-
Sets desktop wallpaper using registry
-
-
-
Target
error.ico
-
Size
4KB
-
MD5
451508060edfe13eea3429e29c069732
-
SHA1
ecb14050d7b890dd3a7e0478ef64eeaac1436dc7
-
SHA256
bf8da7264c96e1260d17174232ed702f222dc8a750a1f52ea4377c3d77b80197
-
SHA512
0db02a3879dbed34fb07348edb31ad8e74621cfcdca849c691194804b26285259647d3ac2cf43d987c95e10a32cfc49addd798bc75a61301582a69f45d241448
-
SSDEEP
96:1SLdoDJMbJlhIIrY0hCTAWHwR4Baj0mdKY2uZi3YAbknwHste6rzMhN:1SLdgcl+OYwWfHwhjdDWYACte6rz4
Score 3/10
-
-
Target
my malwares/error.exe
-
Size
913KB
-
MD5
b13c084d58511e62f275496c1a163274
-
SHA1
05bf7c48622084d1a139bada82dbefefcca9450e
-
SHA256
7f2ceba84512f035ac66322243f8ed0877df85e156c79fb778532420f1b1701a
-
SHA512
6bfb79646fbd97ee7927d0e8f522b1675b7a262b5da4f7239e0a6f5e5a51ba3ec73df56dd99f35a27f888ba042232a3bc1618efa9a230d4928d7661f04c17004
-
SSDEEP
12288:UyXEcoNs7qWoRpDVx7Xnqx83qGS+XoThDmQd79sgATBqhC7rsi8jtsf8rQNcqzql:baee5JtnQhZDP9ANqhpiw2cqc
Score 10/10
Disables Task Manager via registry modification
-
Executes dropped EXE
-
Drops file in System32 directory
-
Sets desktop wallpaper using registry
-
-
-
Target
my malwares/error.ico
-
Size
4KB
-
MD5
451508060edfe13eea3429e29c069732
-
SHA1
ecb14050d7b890dd3a7e0478ef64eeaac1436dc7
-
SHA256
bf8da7264c96e1260d17174232ed702f222dc8a750a1f52ea4377c3d77b80197
-
SHA512
0db02a3879dbed34fb07348edb31ad8e74621cfcdca849c691194804b26285259647d3ac2cf43d987c95e10a32cfc49addd798bc75a61301582a69f45d241448
-
SSDEEP
96:1SLdoDJMbJlhIIrY0hCTAWHwR4Baj0mdKY2uZi3YAbknwHste6rzMhN:1SLdgcl+OYwWfHwhjdDWYACte6rz4
Score 1/10
-
-
Target
my malwares/money.exe
-
Size
974KB
-
MD5
a7fa97439070aa5a504f003fba95d819
-
SHA1
4ffb89b03f8101b23bd90401fe74f12eb2418b78
-
SHA256
ba50f91341bbfda18f5afcc332462ef8e4f99e7dadfad8ea4edd5ee6595f1ab5
-
SHA512
b07383279fa27225df23a9e44acf55fec18946fa44f1064fc0eed43ebf8a741565f23ad28f1da3c508de6e25ffa12218f0971cb8104ef7016beab64d89281cb7
-
SSDEEP
24576:MaU+FkESyjCx5xQbjm2K/ABdX/8ydHTDWg:MKFkE25KOdIBdX/XDWg
Score 10/10
Disables Task Manager via registry modification
-
Executes dropped EXE
-
Drops file in System32 directory
-
Sets desktop wallpaper using registry
-
MITRE ATT&CK Enterprise v15
Execution
Command and Scripting Interpreter: 1
PowerShell: 1
Scheduled Task/Job: 1
System Services: 1
Service Execution: 1
Persistence
Create or Modify System Process: 1
Windows Service: 1
Scheduled Task/Job: 1
Privilege Escalation
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Create or Modify System Process: 1
Windows Service: 1
Scheduled Task/Job: 1