General

  • Target

    Marfrig.7z

  • Size

    6.4MB

  • Sample

    240708-wcxz1s1arj

  • MD5

    a30477cb5bfa27a9122332bec8843312

  • SHA1

    b54bd5cb86c6fa091d0cd2c0d0e79cd1b93b5cfc

  • SHA256

    c06b7bae0279b2f76f50724c18f6744d4190bbd1f51de28ec865ea19e57bbebc

  • SHA512

    b6f792f5866f2b86a3c25d0f12c66b8afb179f93244ea9dfc3a48ac839bc0c65121c665066b5f994f5b400ece4ac61fd5e54adb90484ee0410b7760138e47aca

  • SSDEEP

    98304:ZF85VR35/zzyNhLL5dobAh5w/QQu1ueVO4vYhsOJp3ygN1jF9I2nBfCdjtrwaKL8:ZeJtHWdPh8u1ueVO4wRJBjRNCV5LK8Ce

Score
7/10

Targets

    • Target

      Marfrig/CP210x_VCP_Windows/CP210xVCPInstaller_x64.exe

    • Size

      655KB

    • MD5

      b3766c35b387ae1a624fc5e83a01e224

    • SHA1

      764c64bc23c7700dd07daebd968ce73154860964

    • SHA256

      cdd0b13eefadc1ad1fd815d188c377671c46a6822ee95590aca19f83b112c5f5

    • SHA512

      a2e3027513a90f9a9c6f42ab2a077b06e19b5d3ffe8cf1a09baedf9acd98651658a1daffbce56681f97b51048df8dfa2a92ee8c13f0666128fb2e777b7e473eb

    • SSDEEP

      6144:ssW7OzpPId26dQcEaUrPvwgwkRVagRoOQTiHaQsVIhVLpHf2mmP:YIId79EaUTvwieMowXzZ2tP

    Score
    6/10
    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops file in System32 directory

    • Target

      Marfrig/CP210x_VCP_Windows/CP210xVCPInstaller_x86.exe

    • Size

      532KB

    • MD5

      3eb8b4c4a92c590d538bf5d6cdca64c0

    • SHA1

      7082a5ae7b806196db536bd482f390144b64adaa

    • SHA256

      cf2910e87e064c5b1beec56c6603750bbb579548bafe8b30095920de2f9b4a30

    • SHA512

      f27025d8991d207ba454397eb705787a02caa537450c947ea173480bdec418a8abf86c404869753eb763378f07ec5f96ddacd83a43788162f7ddf0672db775a2

    • SSDEEP

      6144:2ZQaKSpwmx5ATm/LC3fwf3OoU9xkYSr/mdBTRhKWIUmPkr+LyIQj:2ZqSpwmxvL/f3vCNkPkrAyIQj

    Score
    4/10
    • Target

      Marfrig/CP210x_VCP_Windows/x64/WdfCoInstaller01009.dll

    • Size

      1.6MB

    • MD5

      4da5da193e0e4f86f6f8fd43ef25329a

    • SHA1

      68a44d37ff535a2c454f2440e1429833a1c6d810

    • SHA256

      18487b4ff94edccc98ed59d9fca662d4a1331c5f1e14df8db3093256dd9f1c3e

    • SHA512

      b3d73ed5e45d6f2908b2f3086390dd28c1631e298756cee9bdf26b185f0b77d1b8c03ad55e0495dba982c5bed4a03337b130c76f7112f3e19821127d2cf36853

    • SSDEEP

      24576:oU4MsColC6Je/ZgY7OOfcEpiRLH87SyVXGe38uKUj+NFVov1PJLfVKZ8F5mEeZWF:BFCsfZRZA6Xn388avVovfLd+Mo4iEF

    Score
    1/10
    • Target

      Marfrig/CP210x_VCP_Windows/x64/silabenm.sys

    • Size

      26KB

    • MD5

      7799106fee728b907a86d9c9751e02d5

    • SHA1

      f35320e535159d43b598c7c11684db05be4196a6

    • SHA256

      ee85e8d3cf3819db28221bfc103de8df0e14e1878cecf54e8cd8c161b0e0af3c

    • SHA512

      f91af958adf1b808fc6c30aa7fe9c6cf8c5c2a041327693403d9a12a06e7c5084d203433ba2d0917a3fc1a064626bce89526c5fb4b951f0a4aa07e84d237a99c

    • SSDEEP

      384:n6oIhnyUR2OZRy0m1KOd/V3nL7fVRQlQeddvuVyxxTWBU/TJ1mTbCemE:fIZygU31Kw/V3L7f4esv2+/TbobCM

    Score
    1/10
    • Target

      Marfrig/CP210x_VCP_Windows/x64/silabser.sys

    • Size

      71KB

    • MD5

      447209c314e6e0d26e01962075802b18

    • SHA1

      dd8af2e3aa38d2d6971568ebf2cf41848e0091f5

    • SHA256

      ab1ac5854eb0edf66025609cf9cb5639014c264327f4dee1223bf7f6e1bd2d15

    • SHA512

      e2f8470c31496d1547cf930dd32805407722f81f6846e4257bf28ce37bf635f8eda07a19e99fcbe10aad939e7912fed4aba098b58cccc66217f2965bf4d10c73

    • SSDEEP

      1536:0ZsxDp0cAS3xTZDPU+dlLxAoO4lx/CGxMP4TNYyTPfBi3ItZRmU2Eo+u:/xDScAGTFcWQGx/CGxMP4TNYyTPfBi4g

    Score
    1/10
    • Target

      Marfrig/CP210x_VCP_Windows/x86/WdfCoInstaller01009.dll

    • Size

      1.4MB

    • MD5

      a9970042be512c7981b36e689c5f3f9f

    • SHA1

      b0ba0de22ade0ee5324eaa82e179f41d2c67b63e

    • SHA256

      7a6bf1f950684381205c717a51af2d9c81b203cb1f3db0006a4602e2df675c77

    • SHA512

      8377049f0aaef7ffcb86d40e22ce8aa16e24cad78da1fb9b24edfbc7561e3d4fd220d19414fa06964692c54e5cbc47ec87b1f3e2e63440c6986cb985a65ce27d

    • SSDEEP

      24576:GjG90oN2lj11mk/22yYzGrarZRm4X5Uh6rVh5LdfBwOyCSQM1fFhSWRA2+:iGtN2h1120R7m4XShYVxfBwrC21fXSz

    Score
    1/10
    • Target

      Marfrig/CP210x_VCP_Windows/x86/silabenm.sys

    • Size

      46KB

    • MD5

      3ead8e1668ce42a0afe41d56e7157bcf

    • SHA1

      c164ee1014a9d64befcdb46ab4b1c67c1f23e47b

    • SHA256

      90a1aa6372356046b28c079954458f42849779ffc48c93af0549a7673b276eb3

    • SHA512

      5e4e844d809e0d344ec3aae456f9c0c0dfc89f7ba1d328afc42fe474fdd57a8f156cce8b269a125d113e3eea660a693406bdd15eb1b0c00e3abb20a192fa73f0

    • SSDEEP

      768:43jIG9nfU9USVPRaQT78wiYwMSxidYBb3obCv:YjIonWVPAvYzQx3cCv

    Score
    1/10
    • Target

      Marfrig/CP210x_VCP_Windows/x86/silabser.sys

    • Size

      61KB

    • MD5

      688f8d8a147f04169139a681a1aa0035

    • SHA1

      5d05647ebd0052433cb4574f5ec614e404f71314

    • SHA256

      4857a353d5a3a390a134999268cf05f09c82e5e881822a43984f8bc74e7d00b1

    • SHA512

      dd22ab8f0a5ad168f281df8fe80e25e9f827b8ab8a5071e1568bb788f36a25488ff9e2839e4e1adc28b9aff181d1ae1a3b1d95448d289851d75efb25f2512dd6

    • SSDEEP

      1536:4CVK1U5FkvcfL+MexwdFzTRIkwbzNQfqahBv6E5uzAZFzad4:4CIu5tfLfFzTRIkwbzNQfqahBv6E5VD

    Score
    1/10
    • Target

      Marfrig/Centaurus_V2-55-0_ParshallDisplay.jar

    • Size

      2.6MB

    • MD5

      b53d869bc34f8f35c6c43f260d1e47bf

    • SHA1

      8be010645d2f1e2081689f464c4737a1b9991bb5

    • SHA256

      9eb31561a555f7f727df1c42a68d1e1804c59062fdded01cc586320c8a490552

    • SHA512

      2416d7cbf5e8230f432b5e0bd8ac5e277806faa35d165415b74269a51109a6191e865993c72685e25f30860136d7344a5f9a649e682925042376b9d59fe3baeb

    • SSDEEP

      49152:hnY4kAoFG3s+mpUOIRelwM6vMwAoGnQMWQyqjj/BU1U62j69ewJVg2hJyCX0ydaZ:hYtfFG9mp29vLAoGnFZn964aVfhJWyIb

    Score
    7/10
    • Loads dropped DLL

    • Drops file in System32 directory

    • Target

      Marfrig/putty.exe

    • Size

      1.2MB

    • MD5

      b3bb91ad96f2d4c041861ce59ba6ac73

    • SHA1

      e18c6fd6a0d0d5c124c9ef6972a76c47c28c80a3

    • SHA256

      0581160998be30f79bd9a0925a01b0ebc4cb94265dfa7f8da1e2839bf0f1e426

    • SHA512

      e3a8426d202a8aad79aad5d75549753cf70b9c2c0fa4c9468f03d089eca8e529b56cd8fa16b7be3a4cfc019d43ff458b9dc8a1cae44b6ed75e27f21489a2cbdd

    • SSDEEP

      24576:+wIEES7sjMc3EQVdEDvLJPjraFLR5ROwwC:+rE/7MMc3Xajrkp/

    Score
    1/10

MITRE ATT&CK Enterprise v15
