Overview

Static analysis (score 7)

Files analyzed (score, file, platform):
3  AIMr.rar      windows10-2004-x64
7  AIMr.exe      windows10-2004-x64
7  autopy.pyc    windows10-2004-x64
3  AIMr.ico      windows10-2004-x64
3  AIMr.py       windows10-2004-x64
3  config.json   windows10-2004-x64
3  config.py     windows10-2004-x64
3  library.py    windows10-2004-x64
3  localv.json   windows10-2004-x64
3  logo.txt      windows10-2004-x64
1  theme.json    windows10-2004-x64
3  yolo.cfg      windows10-2004-x64
3  yolo.weights  windows10-2004-x64
General (score 3)

Target: AIMr.rar
Size: 28.6MB
Sample: 240626-h3hq5avdpq
MD5: d27f0c019db37a84babd60c28e1c527d
SHA1: 4d63348ea4b3b615769417bf8d1e0ddc6a4e8808
SHA256: 80aa0376eda30f4c4bb076b66f85e60d35a36c0b6bf4e9ea42c18eaf64ef4479
SHA512: e82509ca2aa9ae757b62c008343c3dd267f58c41b896b6062cca1cdc93bf67530ad1cde1354ad76fac087bbb4ccdd2f9070175e1b1f1491b507ef666e3551ae8
SSDEEP: 786432:s9rhKU6KSH1Ddu1q83ZlaIgG5tm1N0Ot2API8+jGvnMhe46:s9rhKUS1mqnXdAuI8AQnR
Behavioral tasks (task, sample, resource):
behavioral1   AIMr.rar      win10v2004-20240226-en
behavioral2   AIMr.exe      win10v2004-20240611-en
behavioral3   autopy.pyc    win10v2004-20240508-en
behavioral4   AIMr.ico      win10v2004-20240508-en
behavioral5   AIMr.py       win10v2004-20240611-en
behavioral6   config.json   win10v2004-20240508-en
behavioral7   config.py     win10v2004-20240611-en
behavioral8   library.py    win10v2004-20240611-en
behavioral9   localv.json   win10v2004-20240226-en
behavioral10  logo.txt      win10v2004-20240508-en
behavioral11  theme.json    win10v2004-20240611-en
behavioral12  yolo.cfg      win10v2004-20240611-en
behavioral13  yolo.weights  win10v2004-20240611-en
Malware Config

Targets

Target: AIMr.rar
Size: 28.6MB
MD5: d27f0c019db37a84babd60c28e1c527d
SHA1: 4d63348ea4b3b615769417bf8d1e0ddc6a4e8808
SHA256: 80aa0376eda30f4c4bb076b66f85e60d35a36c0b6bf4e9ea42c18eaf64ef4479
SHA512: e82509ca2aa9ae757b62c008343c3dd267f58c41b896b6062cca1cdc93bf67530ad1cde1354ad76fac087bbb4ccdd2f9070175e1b1f1491b507ef666e3551ae8
SSDEEP: 786432:s9rhKU6KSH1Ddu1q83ZlaIgG5tm1N0Ot2API8+jGvnMhe46:s9rhKUS1mqnXdAuI8AQnR
Score: 7/10
Signatures:
- Checks computer location settings: looks up the country code configured in the registry, likely a geofence.
- Executes dropped EXE
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
Target: AIMr.exe
Size: 7.2MB
MD5: adcd61646dd9ee3238279ff36dc0e88e
SHA1: 8c679e249394af001e72225dd866a9f6c0ab3bda
SHA256: 481865d699e7b4dc3c160e33181f4d2a82067d2d03dd661e0c8fbe047e9f283c
SHA512: a52f4dba45a9cde8754ee01224e4d39b22b78edf4ed1e78715dc75e1c4fbd055880b86c7dce2a8441c278b9237ec80312ebe2b8e0125e557c10138384fde3b4f
SSDEEP: 196608:EnF9x2vX0yELU+poLlRo6hgs41EcHv2SE8LAPHnYG:G9xGX0yMU+aLlRo6d4ug7S4G
Score: 7/10
Signatures:
- Loads dropped DLL
- Legitimate hosting services abused for malware hosting/C2
Target: autopy.pyc
Size: 5KB
MD5: 996ba99e569817ce1a8f2a5d88c58781
SHA1: 33c135c089ba155ae43072a318b15af0ec6fa681
SHA256: dcc1b90c7a6eab4a6f5abc62d8390fe327f7a51a792c143c6983d0e293fbfcb1
SHA512: 305e41e5337f55c93b3f6a478293da2b1273b15ee34f19013237f1bee3794ddd3518d6af51797fea06e94d3416a9dfc7485038e15258170ac08e1ea3fbc5d12c
SSDEEP: 96:Y5rM+1hU5zSPCTHafPmgpj6vsbjOPikrn+yxfL9uXL/MtG:6M+1hUYaTHaX1pj60bjOPXn+yxfLUXLh
Score: 3/10
Target: AIMr.ico
Size: 16KB
MD5: 242c9b7e51cac4e19ba395cc76db2327
SHA1: 1e4139926f65ef60c6dda0a469d10cafd606301c
SHA256: 1cc948832ed92f5971b8611550e06eac74cb4acb58dc40f95fbdbef66c3bcad1
SHA512: cf08f58d250ebd209aea7b17f67e5f84b8a45ef4f34defc61bb28f8f47d699cfbb5d4a8ff38c46cc819219f51c6bb6aa362ee5ae6d29552a41e8fdcbb8461ac9
SSDEEP: 192:fCeN7RgC7dzR4GaDwC/0d7gstC+zhdDdeBRbMVuLtGvg8NEDraYhYKCcLNP:6G/Z2rDRsdDEqvp1dNKY9qNP
Score: 3/10
Target: AIMr.py
Size: 9KB
MD5: 59f08c92b759ada1d447387b7b71e5d6
SHA1: 394ba0d955bd7e4e37f093a5bbfda9e5fe28cc59
SHA256: bfb4a9e7c1d5ec07d4248e2ce522d271dba26b6300139c7fcd6c3d0107251552
SHA512: ab3286c359872d3c2ad6aa7efdb541ca57a50f55f95d57f9624c5a359f841d8056e01d8a139fc7afbd47a4eea514602c6af466d13590d2dec78bfa4886008235
SSDEEP: 192:S9EVODVxMUS4PAkDN2HH2RD86PGTGK7jiONaeuAYTksmGQq3s:EjxMUTP5h18yUGKHiONavAYpPc
Score: 3/10
Target: config.json
Size: 192B
MD5: 6397e26edffbeea54425d347d998ae0f
SHA1: 5834e475160d2793bd28bb087f5502ae8953fb25
SHA256: f8cb068c2c32a27f1843e83b6d8de84bcc9ee1213d8c1ca2c2e09da709f70e4e
SHA512: ba406b7a1208692de50a8f37d80ddd400c528e11bb34b175ad7e9a51d9fc9e3d51633e3dd8e3b45052f661f79456398e56a49976dffdcd695ba4fac60f9a1f22
Score: 3/10
Target: config.py
Size: 21KB
MD5: ba26cb22e73915dc2dcf1704cbb56fda
SHA1: be3b5cf36a663b5fdb7e95e7953d0b02794436ad
SHA256: 383c184729a301867052df629ad05d1c50c323af1b0cc5a16de784098c4a1d21
SHA512: 21e7fd4dd9b6bfd4e3d548bf2e8a5a24ee43f3a17032f20351d54ccdefea38e1e852f63338582e693dd43962b01e45e273d4238d2c7f071ead3ccc499fbcbff5
SSDEEP: 384:wvp4gaC34eVTfugbmAAtGgq7nkcq61/ldQsTck6Jc6OipubOcwXkhe3CWK2B0:LC3KtAGXmnkcqU/lWs8cDipCEkhcZ0
Score: 3/10
Target: library.py
Size: 18KB
MD5: e7e2a0977bc9167ca25f90b1ed4fb6f3
SHA1: da280ac06882235ded4b50156f6616c7c7d6142a
SHA256: b93e46b5a27082ed237d53cefa84dbe498a7341afc7d11fcb20d4fa63a09eb0c
SHA512: e6aa03b0543484e5fe3ae92b9b8dbfb861cc63e808c57fc09cbf6d13a5efc5dde5865f78535aa5b929f06e871f574659958c9babc600f6107e3b31f40a106f0d
SSDEEP: 384:xjWf8VTVd70crNQ2U/t67IWcvSJ0ehf6AldJPlxdR0KBzNWCBT:aeTVJ0crO24t2bv0MBNxdqCBT
Score: 3/10
Target: localv.json
Size: 92B
MD5: 125f5b9f0d7395eb081ce1cf752555e7
SHA1: 893e252d8197a41873041b32b413fa181bd0d4d4
SHA256: 27ad08689dfe1a9ac371efd2d221722143ec32f3327dd6d4df367d5c3bcca295
SHA512: 175e428b0941402296719332612fec076a55e7c2fe51b8dddcc5f22ea92a5d4010d27ec8d0bb3a0ccac9dc72947c5017b00cf07ed33d17cec00252b3adf13385
Score: 3/10
Target: logo.txt
Size: 329B
MD5: c7d3e84125e24819571cc29caf9139df
SHA1: 48868674b6a2dcdf773e74d5c684fab0e0207dba
SHA256: 3bd49f4a1aba239ae850245d11b134bf0141238b3b7b90cba187c46e0676c17e
SHA512: ab05bbbefb331eff5143a1a73cc0056928b7aea40696959cb602100609f3082097d6da53dcddf5633c9f2eb13642926adfa8ec125c6a5f3b79969c62063325d4
Score: 1/10
Target: theme.json
Size: 6KB
MD5: 90aac0405c0e484759eca6193c58247a
SHA1: ab7015e7a1da5eb1ea7da0485d996ac34f114623
SHA256: 081c027b083cb6cae1e4c39dbd67a4194305f6f090811ade785e4e8bf801be02
SHA512: ece8efc213a3f41580c06023619f2bed6f0cb63729af18fc9519536ac3ce97534f34fcf48cdba161aac86004d6637ee3d7f1291bf87cba292eaa9892021e4628
SSDEEP: 192:+bZ3yZ31SoYq+q2dke0eojeSEQ0cJeztFo2Z1eztFyOeztFpvktexkexezepF/de:aZCZlSoYq+ldkVeceSEzcJezty2Z1ezL
Score: 3/10
Target: yolo.cfg
Size: 3KB
MD5: 65f390d99ea818c47c1752b720cb5b88
SHA1: 73e92a678b5d8948c76a6fa04eecfa6cec9c066b
SHA256: a6415c2e303f7b3647913a7bb3675f0fe7234049d8875ae7d75c01b8e4dcb854
SHA512: 9960a926548c91ba056ca8f8bbebb61ce5504e2feb3c536a87cfd3d994980df32125e959b348f33cac4db4f680208e4d8023b54c1a840f805a7d0d1f5ccad91e
Score: 3/10
Target: yolo.weights
Size: 23.1MB
MD5: 8911bf808aed305d6854c4ea48fcc731
SHA1: 451caaab22fb9831aa1a5ee9b5ba74a35ffa5dcb
SHA256: cf9fbfd0f6d4869b35762f56100f50ed05268084078805f0e7989efe5bb8ca87
SHA512: 7d4d9fe150f9fe3ea7d2310f1445fe983b31fbf06d301c70ecfe00e8559e6f1bf940198c2dd55db772238f23ea0092fb6553558e5414f3ee173b8b28e53c5b54
SSDEEP: 393216:DjDyuGrgQr/YQJjTn7zzdYCrTUQzHaydATKrYhpLZ3AfxImkkpso/E7TdjK3k/rW:Lfgr/Jjb7HdYibvdAT0elr9ThnD/rp2l
Score: 3/10