Overview

overview

10

Static

static

3

Pack de Op...MD.url

windows7-x64

1

Pack de Op...MD.url

windows10-2004-x64

1

Pack de Op...MD.cmd

windows7-x64

1

Pack de Op...MD.cmd

windows10-2004-x64

1

Pack de Op...IA.url

windows7-x64

1

Pack de Op...IA.url

windows10-2004-x64

1

Pack de Op...MD.cmd

windows7-x64

1

Pack de Op...MD.cmd

windows10-2004-x64

1

Pack de Op...ia.cmd

windows7-x64

1

Pack de Op...ia.cmd

windows10-2004-x64

1

Pack de Op...or.exe

windows7-x64

1

Pack de Op...or.exe

windows10-2004-x64

1

Pack de Op...ld.cmd

windows7-x64

1

Pack de Op...ld.cmd

windows10-2004-x64

1

Pack de Op...ti.lnk

windows7-x64

1

Pack de Op...ti.lnk

windows10-2004-x64

7

Pack de Op...sd.cmd

windows7-x64

10

Pack de Op...sd.cmd

windows10-2004-x64

10

Pack de Op...V2.exe

windows7-x64

1

Pack de Op...V2.exe

windows10-2004-x64

1

Pack de Op...ll.bat

windows7-x64

7

Pack de Op...ll.bat

windows10-2004-x64

7

Pack de Op...64.exe

windows7-x64

7

Pack de Op...64.exe

windows10-2004-x64

7

Pack de Op...86.exe

windows7-x64

7

Pack de Op...86.exe

windows10-2004-x64

7

Pack de Op...64.exe

windows7-x64

7

Pack de Op...64.exe

windows10-2004-x64

7

Pack de Op...86.exe

windows7-x64

7

Pack de Op...86.exe

windows10-2004-x64

7

Pack de Op...64.exe

windows7-x64

7

Pack de Op...64.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Pack de Optimizacion by bask1ngg.rar

  • Size

    95.1MB

  • Sample

    240627-2aznqavake

  • MD5

    47054aa960c0b660d328d30d31a33578

  • SHA1

    3f0656fd6af9b55386e7c8198e3e1d216bc324dd

  • SHA256

    32f80f04d936215e00017d445f93489ddedb001a346c9ca04cdbbbd76c96b154

  • SHA512

    5174198e90eee504caed14f00e8dc31dd1ffb9f6dc71e7289b26294ce6b1bbd7ef42d85b7b8e1372c191294d6ce76d24d15dfd6beb289206fa5c01f8ccc84644

  • SSDEEP

    1572864:pc1BokMe3Cp9v+TSV4IH/6MSmCP1hgrzW/PmcdNuKBo9r2xU1hNWfY/+M1oxQJD/:p3kDPTSdHKP1h0zWXmwIWo96UnCkDrjH

Score
10/10
discoveryevasionexecutionpersistenceprivilege_escalation

Malware Config

Targets

    • Target

      Pack de Optimizacion by bask1ngg/11. NVIDIA O AMD/AMD/Controladores y soporte de procesadores y tarjetas gráficas - AMD.url

    • Size

      346B

    • MD5

      c8cd3f8693542cd37f3704c5f61395d5

    • SHA1

      6ca2035d7d145f2724aece605bca5e24c415cf30

    • SHA256

      bbdfa5aedc1c36bc60d77830dac1da3662a185594f87d98a04c797a1e7cb3d03

    • SHA512

      0c7ee1c4c388b2ff9a6255d366154b4577142358d39ba8c393e9a32b837cbb7fccc12ca1c34c7ac9812d2fbe828346c14e696d134562772812e049bfb284f99a

    Score
    1/10
    behavioral1behavioral2

    • Target

      Pack de Optimizacion by bask1ngg/11. NVIDIA O AMD/AMD/NVIDIA O AMD.CMD

    • Size

      3KB

    • MD5

      b58eeb067a1480591450204ac44ae5ad

    • SHA1

      03f45e7d16a306851c9197069ca4e374a7fceb17

    • SHA256

      d9302fa5a2622e6c130c383d4857d6b69999ac42eb263b76c3259a70fb696858

    • SHA512

      348e5378bffcfbb555942b43d8c656b7b533a1f82d9f328a650f5a371f91c51f3dc0c3adc1de0eb18889273eb04bf0b1d099bd97e8af001314cd469d85e9bc67

    Score
    1/10
    behavioral3behavioral4

    • Target

      Pack de Optimizacion by bask1ngg/11. NVIDIA O AMD/NVIDIA/Drivers Oficiales - NVIDIA.url

    • Size

      75B

    • MD5

      4bc978da41d0953859a1f9891ab0bdfa

    • SHA1

      ada49ed299f34107533ee021dc700a6fb88d85f0

    • SHA256

      3361068917c9a60470807e53dadebb07f0002d481ce0fd777603b1f3e80dcbaf

    • SHA512

      49eda4cde2c34a52434de249ae3f53708d0a6808c09e54342a971934b2d53f1cf51dbb1f8ed7be3132e16834d9481951e07df0b45ba66bc563d73e2b3fbe43de

    Score
    1/10
    behavioral5behavioral6

    • Target

      Pack de Optimizacion by bask1ngg/11. NVIDIA O AMD/NVIDIA/NVIDIA O AMD.CMD

    • Size

      3KB

    • MD5

      ce50c2ac4aa4df0bee6d2d5408ab2bbd

    • SHA1

      2e76f87a243284d937ad9dcda32f6b74b142c321

    • SHA256

      aa3eb3eae77a81c0980cb047506d8c802437dc577eace6a06b6ee6a42bab3afb

    • SHA512

      0836b06558ee2beba463b184137aaaa6f1555f5a06b855246531dbc791753b8e2e31d3a70c92e7817e687ff39e2388a31803008a3ed4f3d2df73148c569356b7

    Score
    1/10
    behavioral7behavioral8

    • Target

      Pack de Optimizacion by bask1ngg/11. NVIDIA O AMD/NVIDIA/nvidia.cmd

    • Size

      804B

    • MD5

      41f014d298c76925f718e0b2241e2db6

    • SHA1

      6a83ae335cddffc067089b4a19fa3066deb9f01b

    • SHA256

      789f1621fd24496497312457afc8d9a60c2feaf33ee99c6428afe6aed701b523

    • SHA512

      6ad3a2d8e2d3b4e483b7ec46e3c6267914a93c3c5e697caee57d39124b1bf79e713695a435a33cff079fbca1fbffba63adc5356e86a12900ae7ad3e19e654cc2

    Score
    1/10
    behavioral10behavioral9

    • Target

      Pack de Optimizacion by bask1ngg/11. NVIDIA O AMD/NVIDIA/nvidiaProfileInspector.exe

    • Size

      535KB

    • MD5

      ff5f39370b67a274cb58ba7e2039d2e2

    • SHA1

      3020bb33e563e9efe59ea22aa4588bed5f1b2897

    • SHA256

      1233487ea4db928ee062f12b00a6eda01445d001ab55566107234dea4dc65872

    • SHA512

      7decec37c80d1d5ad6296d737d5d16c4fc92353a3ae4bd083c4a7b267bb6073a53d9f6152b20f9b5e62ba6c93f76d08f813812a83ce164db4c91107d7ad5a95f

    • SSDEEP

      6144:4sP/zdlaCgMOx9mN1S0Mi11iBFmEobpU0u5p:/P5cCdOHmN1S0Mi2BFmLU0A

    Score
    1/10
    behavioral11behavioral12

    • Target

      Pack de Optimizacion by bask1ngg/13. mantencion de disco/SvcHost Split Threshold.cmd

    • Size

      5KB

    • MD5

      e3203ae244a91f6ed4b7b382ffe39622

    • SHA1

      2fd984409a852fcc5e105b316f9e50f4a559d50f

    • SHA256

      9ce64f661e8a836b348ca37057829f13a289d31ea71a68099d1590e1705b7b0d

    • SHA512

      e4fb93d3078482ad61a2f6882645be108f5dc1dbac44ef64a5457f213defd4c859ad6d36c48ce9bf218769e832f8b25d9e84abae23c98c837658bafae8dd7256

    • SSDEEP

      96:/edjWRuh32IGsnWuIdrVNVPC9rVNVPMDrVNVPgvrVNVPLArVNVPyZPrVNVPvjKrZ:/MjI+Ef2IKtTZJjSpVCC4NFc1t

    Score
    1/10
    behavioral13behavioral14

    • Target

      Pack de Optimizacion by bask1ngg/13. mantencion de disco/mantenimiento de disco/Desfragmentar y optimizar las unidades - Acceso directo.lnk

    • Size

      1KB

    • MD5

      7781f1b5f68bdd1dedc1d5df67f89620

    • SHA1

      d54cc9c554b4167153cb5125683c4765b9fad888

    • SHA256

      cec00f754781ecd6eca60df9bebc66988ee294e19ba024a0a594ddecbc67a3bc

    • SHA512

      4a3e3e03daf5e3a82f00e95e5f79518096702c424d1086274379152de87133742535739dfc8c2d7842008f421fc6e7d844a113ff1cbf314e0240302fb179d7de

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral15behavioral16

    • Target

      Pack de Optimizacion by bask1ngg/13. mantencion de disco/ssd.cmd

    • Size

      1KB

    • MD5

      4066662cd910be7283ccc4963b762ac1

    • SHA1

      524ad1353b5d023c952b1207f0f2491e110124fc

    • SHA256

      b84710ed8dc571ceb955b83ca1a7475d7d77ef59ff2d8a073ed90199fc1fda08

    • SHA512

      dc7cb243600f30fa2a4a54701403a3ba5ce18f468fcc6f0ad9551690279bb1d1ac224346a91a82062f8a827a9a0bb2593fde0c2f493a9f36c2ad670ba91378b3

    Score
    10/10
    evasionexecutionpersistence

    • Disables service(s)

      evasionexecution

    • Power Settings

      powercfg controls all configurable power system settings on a Windows system and can be abused to prevent an infected host from locking or shutting down.

      persistence
    behavioral17behavioral18

    • Target

      Pack de Optimizacion by bask1ngg/14.Programas/MSI Mode Utility V2.exe

    • Size

      29KB

    • MD5

      dbd2194b7a5b38636edf7112ebc6fe91

    • SHA1

      6fea8daee367fbdee5a299a214c0419ef04ea7bb

    • SHA256

      927004a7ed771954853acfd331baf0a2d74c84037d4adff5a4a65fb1b287e586

    • SHA512

      238cf410957b64bc0f8997fb3669b6f362e6b170c942fecca43ddc72a73ebffe75d829f0bade82cc712ca6786d6083921df9648d8c7a19ddc1e0de55cc526d42

    • SSDEEP

      384:rHrg8dKZcKMUK+ftkHia5hPAiGfWjf4qHWv6wzbkROjDAZBoVYUb+harH+AtN7hO:rHrJdW1g4N6IgO8oVFChcWqfvB+A5+z

    Score
    1/10
    behavioral19behavioral20

    • Target

      Pack de Optimizacion by bask1ngg/14.Programas/Visual-C-Runtimes-All-in-One-Jul-2022/install_all.bat

    • Size

      1KB

    • MD5

      9b4fea565818559696bea3f0fad24739

    • SHA1

      f03bfcffed865e632b47bca399e4aa1f977c8e86

    • SHA256

      a335d8db7a068fd6914f51dea69e0c19463264c9d342f16c9ed364e8b2a93008

    • SHA512

      8658b052a4b0fb219366b405bddfa5d0e49ba0f29c01387f237ecd1600b52b7c8f2917aafb2e00afe63542c69dddcb67da78e727866e63d596942ad0f62d2f69

    Score
    7/10
    discoverypersistenceprivilege_escalation

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    behavioral21behavioral22

    • Target

      Pack de Optimizacion by bask1ngg/14.Programas/Visual-C-Runtimes-All-in-One-Jul-2022/vcredist2005_x64.exe

    • Size

      3.0MB

    • MD5

      56eaf4e1237c974f6984edc93972c123

    • SHA1

      ee916012783024dac67fc606457377932c826f05

    • SHA256

      0551a61c85b718e1fa015b0c3e3f4c4eea0637055536c00e7969286b4fa663e0

    • SHA512

      f8e15363e34db5b5445c41eea4dd80b2f682642cb8f1046f30ea4fb5f4f51b0b604f7bcb3000a35a7d3ba1d1bcc07df9b25e4533170c65640b2d137c19916736

    • SSDEEP

      49152:+r67+stI6RWGTAdyvlADUrpTmcOgohwJpEM5grO3oc1OXZViFeRyDErkLUMHzkRN:AM9l8pUr9m30L5grOQXZKAsErkbQRN

    Score
    7/10
    persistenceprivilege_escalation

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral23behavioral24

    • Target

      Pack de Optimizacion by bask1ngg/14.Programas/Visual-C-Runtimes-All-in-One-Jul-2022/vcredist2005_x86.exe

    • Size

      2.6MB

    • MD5

      ce2922f83fb4b170affce0ea448b107b

    • SHA1

      b8fab0bb7f62a24ddfe77b19cd9a1451abd7b847

    • SHA256

      4ee4da0fe62d5fa1b5e80c6e6d88a4a2f8b3b140c35da51053d0d7b72a381d29

    • SHA512

      e94b077e054bd8992374d359f3adc4d1d78d42118d878556715d77182f7d03635850b2b2f06c012ccb7c410e2b3c124cf6508473efe150d3c51a51857ce1c6b0

    • SSDEEP

      49152:rqGRIgg2SirwkF9xdtb43lyGKCafpKkiwnaDahmPzpY4FPyaza:rxxLFfY/KCCpKk9aWMzZyau

    Score
    7/10
    persistenceprivilege_escalation

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral25behavioral26

    • Target

      Pack de Optimizacion by bask1ngg/14.Programas/Visual-C-Runtimes-All-in-One-Jul-2022/vcredist2008_x64.exe

    • Size

      5.0MB

    • MD5

      e2ada570911edaaae7d1b3c979345fce

    • SHA1

      a7c83077b8a28d409e36316d2d7321fa0ccdb7e8

    • SHA256

      b811f2c047a3e828517c234bd4aa4883e1ec591d88fad21289ae68a6915a6665

    • SHA512

      b890d83d36f3681a690828d8926139b4f13f8d2fcd258581542cf2fb7dce5d7e7e477731c9545a54a476ed5c2aaac44ce12d2c3d9b99c2c1c04a5ab4ee20c4b8

    • SSDEEP

      98304:98I8/pCVmdbx2rU/xFnTBU8UeNeagEXtIgvjyGFDdo85qyKYr5NM62dNKViClWPg:9Avx2rw5Th8XeNyGtW0DJr5uDdQdWPet

    Score
    7/10

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral27behavioral28

    • Target

      Pack de Optimizacion by bask1ngg/14.Programas/Visual-C-Runtimes-All-in-One-Jul-2022/vcredist2008_x86.exe

    • Size

      4.3MB

    • MD5

      35da2bf2befd998980a495b6f4f55e60

    • SHA1

      470640aa4bb7db8e69196b5edb0010933569e98d

    • SHA256

      6b3e4c51c6c0e5f68c8a72b497445af3dbf976394cbb62aa23569065c28deeb6

    • SHA512

      bf630667c87b8f10ef85b61f2f379d7ce24124618b999babfec8e2df424eb494b8f1bf0977580810dff5124d4dbdec9539ff53e0dc14625c076fa34dfe44e3f2

    • SSDEEP

      98304:vT4tlQ0aeY51XNURYxaA6qjEb9tRuPmBmWBDLTMTtbslyzRt9cuISY6Qa:vKlhE9U6476itR+mLPw6lyZY61

    Score
    7/10

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral29behavioral30

    • Target

      Pack de Optimizacion by bask1ngg/14.Programas/Visual-C-Runtimes-All-in-One-Jul-2022/vcredist2010_x64.exe

    • Size

      9.8MB

    • MD5

      c9d9eebccef20d637f193490cec05e79

    • SHA1

      15d032d669078aa6f0f7fd1cbf4115a070bd034d

    • SHA256

      cc7ec044218c72a9a15fca2363baed8fc51095ee3b2a7593476771f9eba3d223

    • SHA512

      24b56b5d9b48d75baf53a98e007ace3e7d68fbd5fa55b75ae1a2c08dd466d20b13041f80e84fdb64b825f070843f9247daba681eff16baf99a4b14ea99f5cfd6

    • SSDEEP

      196608:n9A3D5MBD0vwqMKgL29M2JWMWiKV/nPlnqIaAAVINqsAsbPnpCxmz7dU8:23D5MBwZMd0b4oSQ7VSrAs1gEdU8

    Score
    7/10

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral31behavioral32

MITRE ATT&CK Matrix

Tasks

static1

Score
3/10

behavioral1

Score
1/10

behavioral2

Score
1/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
7/10

behavioral17

evasionexecutionpersistence
Score
10/10

behavioral18

evasionexecutionpersistence
Score
10/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

discoverypersistenceprivilege_escalation
Score
7/10

behavioral22

discoverypersistenceprivilege_escalation
Score
7/10

behavioral23

persistenceprivilege_escalation
Score
7/10

behavioral24

persistenceprivilege_escalation
Score
7/10

behavioral25

persistenceprivilege_escalation
Score
7/10

behavioral26

persistenceprivilege_escalation
Score
7/10

behavioral27

Score
7/10

behavioral28

Score
7/10

behavioral29

Score
7/10

behavioral30

Score
7/10

behavioral31

Score
7/10

behavioral32

Score
7/10