General
-
Target
cmlauncher.zip
-
Size
5.4MB
-
Sample
240701-efyx2svhme
Static task
static1
Behavioral task
behavioral1
Sample
cmlauncher.zip
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
cmlauncher.zip
Resource
win10v2004-20240611-en
Behavioral task
behavioral3
Sample
Instructions.txt
Resource
win7-20240419-en
Behavioral task
behavioral4
Sample
Instructions.txt
Resource
win10v2004-20240508-en
Behavioral task
behavioral5
Sample
installer.rar
Resource
win7-20240221-en
Behavioral task
behavioral6
Sample
installer.rar
Resource
win10v2004-20240508-en
Behavioral task
behavioral7
Sample
winrar-x64.exe
Resource
win7-20240220-en
Behavioral task
behavioral8
Sample
winrar-x64.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
cmlauncher.zip
-
Score
1/10
-
-
Target
Instructions.txt
-
Size
234B
-
Score
1/10
-
-
Target
installer.rar
-
Size
2.2MB
-
Score
3/10
-
-
Target
winrar-x64.exe
-
Size
3.3MB
-
Score
5/10
-
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-