General
Target: cmlauncher.zip
Size: 5.4MB
Sample: 240701-eja1dsyfkq
MD5: 4bafdeafd9dcfb5fdf156cd7bcf60ed8
SHA1: 08a4cf8357422a02193293b5f372c6e3e1ba8810
SHA256: 398ebc3476435e57bdfffbd414a1f19feb68e38cbbded7130bf8c4f5c6036e13
SHA512: 44df7a2b8c1bf320691030bf1fcab8f553aff35cae93214600b0505170f766270ffea3b637733cfaa1e8e914d6fc8f61c59221b66471d893596aa2fcc2a1b059
SSDEEP: 98304:PbzXenum2GtQL/zeyTo96Tc0I/UKkulf3u11xsTvIKD1voBhUiVuuxxCTH:PbyumFKzeyToMTW/3Vf3u1/SvtxoUi7O
Static task: static1
Behavioral task behavioral1: Sample cmlauncher.zip, Resource win7-20240220-en
Behavioral task behavioral2: Sample cmlauncher.zip, Resource win10v2004-20240226-en
Behavioral task behavioral3: Sample installer.rar, Resource win7-20240508-en
Behavioral task behavioral4: Sample installer.rar, Resource win10v2004-20240508-en
Behavioral task behavioral5: Sample winrar-x64.exe, Resource win7-20240611-en
Behavioral task behavioral6: Sample winrar-x64.exe, Resource win10v2004-20240226-en
Malware Config
Targets
Target: cmlauncher.zip
Size: 5.4MB
MD5: 4bafdeafd9dcfb5fdf156cd7bcf60ed8
SHA1: 08a4cf8357422a02193293b5f372c6e3e1ba8810
SHA256: 398ebc3476435e57bdfffbd414a1f19feb68e38cbbded7130bf8c4f5c6036e13
SHA512: 44df7a2b8c1bf320691030bf1fcab8f553aff35cae93214600b0505170f766270ffea3b637733cfaa1e8e914d6fc8f61c59221b66471d893596aa2fcc2a1b059
SSDEEP: 98304:PbzXenum2GtQL/zeyTo96Tc0I/UKkulf3u11xsTvIKD1voBhUiVuuxxCTH:PbyumFKzeyToMTW/3Vf3u1/SvtxoUi7O
Score: 8/10
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
Target: installer.rar
Size: 2.2MB
MD5: 932e1521933cb130a32417ebefcd7f65
SHA1: 6498a4ef4a5aa03a4a244a4e1786f89fcc135a18
SHA256: fc9b9cc6bc5073977a2b4f50f6e0c7583106019a8e642514aa9dc11666013366
SHA512: 2d56ea1b910972957fe0aa0e0457f7328392b723c88f36af873278383fa19d1c802a07bc42ab5d642cfbb257886c29df271c15980ea2c077fbf27bb3e9c49a73
SSDEEP: 49152:WkiX7fzXIPeyum2UJCUle2JtQn7X/CI8pycA9QU3aB/F6UIS:IbzXenum2GtQL/zeyTo96TS
Score: 3/10
Target: winrar-x64.exe
Size: 3.3MB
MD5: 8a6217d94e1bcbabdd1dfcdcaa83d1b3
SHA1: 99b81b01f277540f38ea3e96c9c6dc2a57dfeb92
SHA256: 3023edb4fc3f7c2ebad157b182b62848423f6fa20d180b0df689cbb503a49684
SHA512: a8f6f6fdfa9d754a577b7dd885a938fb9149f113baa2afb6352df622cdb73242175a06cd567e971fd3de93a126ba05b78178d5d512720d8fdb87ececce2cbf54
SSDEEP: 98304:mZjOBfKqY3fhMBexKTvsCHBviBh2GB8y0mb5:mZZ7fhMB2ovFNiKGhJ
Score: 5/10
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
Active Setup: 1
Event Triggered Execution: 2
Change Default File Association: 1
Component Object Model Hijacking: 1