General
-
Target
application.zip
-
Size
199.1MB
-
Sample
240709-hgkzcs1bjl
-
MD5
3ff2cfb0d40a8d203dbc8e7e213abfd1
-
SHA1
51e29901a0e5f7e7c93b22ef07f9ecbcf038fcea
-
SHA256
9df41ebe1a2c61bbc382a85a7788e127e4dafada4955a1b6c3dfcaf460bd714f
-
SHA512
a8ca689dce70cad02d3a438fab918b143699eb27c22f7fa40418ea26b154f93db4f99b4611a597720bc0c72933f458c98e3793af800e991ecc783a21da4c466a
-
SSDEEP
6291456:UOriWJ0ns9w5OrSTi87nm1o/h6aXXRhevjJiEmRA:UOri2qnmwHhhXilixK
Malware Config
Targets
-
-
Target
colorcpl.exe
-
Size
104KB
-
MD5
367938448e0e07b183761a1c915ed88b
-
SHA1
b81c222add4b507606f365bab8cf356af252b8f7
-
SHA256
0144dcec75946e5b4e2d7b8ce4faea1e3f12b2663b80a72bf7691441819a629a
-
SHA512
0585899a28ea9d2f903fb987cfed7624d4c6a56271a4fe5e5f6cba4302bc10d00e83f12b6b7a342ed408a233415033d0dbf89ae9549e928eed5888bbea6598fe
-
SSDEEP
1536:6l7IPfSbS9vMBN7rQOJ7CFToTCzhcRguhwxTyPCb3lZpdym4dy7p:CkXlvq7jSP1cR2prbpdCY9
Score1/10 -
-
-
Target
comp.exe
-
Size
44KB
-
MD5
ac09ce859407d3e28634fe861156d789
-
SHA1
d492909cfa04b8367b830fb5769b0ed2780a8b27
-
SHA256
afdec0bd08978adbfd01cbb403b8b1bc161f6021e92512887978284c276864a4
-
SHA512
98bf72f1e1ef38463601e23cdec2b7c66d865d628acea63713573de4517737e6a2ab7731e6622467cd814b91a0e64b24783a285de5e6ea9307b8864782c5c408
-
SSDEEP
384:oXYWZvemEJ5lem3RyqWbo1CmXacfWkjOwC+mzNDWMcWu:oIHJAm3Ry33vcf9jAzh
Score1/10 -
-
-
Target
compact.exe
-
Size
68KB
-
MD5
4ca0d26479ebbd42c672a99c7203d6b2
-
SHA1
f16df253e9876a9976161e7660bd519ed875fd09
-
SHA256
c94ae23e37aa37ca8327efef1f7c2a07789c083aaf343afcd0bde77d9453b013
-
SHA512
d38f68a52fdf6f323a02fdd42efc2d0e508247581d57d1b5a43baed7e2eafd3f02eed17173bcd1c71fe5612e5a2083b666c5d7f392c7ab3dfc8d7531d435c4c6
-
SSDEEP
1536:je59/XyRd4fU9TpZhITJQcTlpHpXe3r11vJ:jer0ddp7MJQcTlpHpur/h
Score1/10 -
-
-
Target
conhost.exe
-
Size
1016KB
-
MD5
9698384842da735d80d278a427a229ab
-
SHA1
0027bb9f956056b469b1dfd7cebd23c53b8f6f79
-
SHA256
f801e65f937827635eb462caf8cacbd473b9fc5ca428a9216a60c686f45802c1
-
SHA512
7641437b354c8ec6ac2a272a8d9471eecc0c6f9115ebd42f154e9d079f8372885724884cc8930a5054a2d13d1f7df9274445c05236e8fd044fd28cfc9a824fc6
-
SSDEEP
24576:u0RjIPm4iPgr2YiEVlhJA8PuK7ywmUxJa6PUk+APjKj5lcBNgm0NX:rR+ior2gC2uK7ywmUxJa6PUk+APjKX0k
Score1/10 -
-
-
Target
consent.exe
-
Size
221KB
-
MD5
d7d5a4513ef1b450124231d8e77e3c49
-
SHA1
62bdce4b9b6a93960e9bf873e3f6b3adc647cbbe
-
SHA256
8b486a989699fd1492ab6eed681021f1ced6454c6346086fb2af0a5eb8f16fa7
-
SHA512
590b747db6223e49865b7719d3fe6359fde7f1c79852e568c99fe7b2a98d3efb5d8b530e79ca9e5746674087dfdd6e280951bc89d5f2270d917ed2c7749dd6c6
-
SSDEEP
6144:sdHkVbtxEn8DqEk98Jprm6wJwcLcWrKzb/:8HkVbtxsSqEXmK0S
Score1/10 -
-
-
Target
control.exe
-
Size
132KB
-
MD5
79b6117b440b0b580156e9fb0a475108
-
SHA1
544c902698bb7acf356fb8fc101dfeb433032dc1
-
SHA256
2a1dfe6e7a7a3083e5aab487846a6f111f21a9f12104b84d363191aa09095064
-
SHA512
f480eb8c1a328311fd2e24ea6aff5723f11b9be1017b5d84edb848c09ef5201c35ac7d873073da7bec2e036cc89c8de26ae7608b2f7052970d516e23768a9964
-
SSDEEP
1536:fmQH/y76759US4Msae/qzSpZ3r1q6QkjfkQUk8+k6kawM1x8Dkf8dani25imK:vV9U1la7Sp5+1k12b/Af885RK
Score1/10 -
-
-
Target
convert.exe
-
Size
40KB
-
MD5
854c2e472961c99db9353dfe2016de49
-
SHA1
95781ac5d65a01bb7857bad0f5bedb4a5321a3ae
-
SHA256
63e2fe63c589db6343d9f731fc3ce86e1089b4d474a0cc2f473dfcf7aad76133
-
SHA512
821334468a56fbe59e4bc4ae8cf1633433c40f7730fb1dd464bad2c9ca7d2ce535f8405368c0db72b67998e1684c542bf1f4c3711ee0cfb14045b9506b81e8ec
-
SSDEEP
384:AEXVbgoaIo01ptg+KCll8tU/G+GeWPtlnWjwKQLNDWiqW:AkGo5tg+KCEC/DGH6aLz
Score1/10 -
-
-
Target
convertvhd.exe
-
Size
233KB
-
MD5
40c2f5e9e94b5bafb65c2b3358b763fd
-
SHA1
a72439e39c7522997f087a094616f169c02f8854
-
SHA256
ec9b2fdc69580579ab5f502de8964eb6bf4f16c26e69b979a58c27f96be63301
-
SHA512
a0516e4e2f3e492e210ea30a18bdecc37062b9d15cb7899a08e5bb42f3608031ed93dd110a4d04f531d293f0ff2b35466ec836d277b9885d42460172b81bb3a4
-
SSDEEP
6144:iblS82pOesKPUNIYY2APfNTonczSYR/m7sY1:klS82puNdnczFZm7X1
Score1/10 -
-
-
Target
coredpussvr.exe
-
Size
76KB
-
MD5
2a311b0b43d632800876c1644bc003f0
-
SHA1
fab8642a9e941aeb5a7efa66fb40353c26ac76e1
-
SHA256
f7679e96f5b9fa75d0ec012dd119992f402757e043cc8974efe85175be9c005f
-
SHA512
745518a9546a5486d46f1cae0213bdff56c93b5a93a7aae7a5f5bc8bb9122f4153e070c4d2dc9d9e51dcdb18cb996619c63108bfc385e1d91d0db0dc236174eb
-
SSDEEP
1536:DZujNpRZzUdjR+R2nuMeDMQZXUr7OaL0VuQomHq:NGNpiR+RDdZXUn70VuvmK
Score1/10 -
-
-
Target
credwiz.exe
-
Size
100KB
-
MD5
6b3dcdb5b80e861f2043cedcc6fcdc19
-
SHA1
c08b39897dccc80b8179df725ee5f62dbcc2580a
-
SHA256
592e4c587227de2299dad0a295e7903c7138afdc107690c90c47dbfc77ccd08c
-
SHA512
0bef40326b687bf28754913ab0661dac5c733658695395b4bebf0f6c04bf40f31fb4dc6ec610bdaa09282755393ce6183bc4eb2bc17ffc7d2021a6990aa6b7ed
-
SSDEEP
1536:8iL2SokZNyPNXYjCh8nNFORFw48vFV5JQgU5yLApW:8SNyPVWFeYJmA0Y
Score1/10 -
-
-
Target
cscript.exe
-
Size
184KB
-
MD5
50b90941e617e8a3f5dd4cf781fbf221
-
SHA1
e924fa0814080d9a709f9ce7d91906100a519747
-
SHA256
ad390c072299a68d528e5738cffac99fb2f36d49d2b069da75c49945912aeccf
-
SHA512
f5ae8ef057cf568bdc7493c17e83f64aba9f8f800f8c6802035fafb0d85afb27ed0390a8ad55bf3200c5c448d701b9e55f184c46e316a904f4e24318f64b4012
-
SSDEEP
3072:JtT5ZLGF9Y+qpO6sAbnBfUN2aual9nfcqBG6MwvdqNfZlg7L/S3SQQ3B7oz0OBuM:JtT3LGBqwVAbnBfWzualhfxBG6Mwvdq5
Score1/10 -
-
-
Target
ctfmon.exe
-
Size
28KB
-
MD5
4d6add8b85f8e33937b8483bf5d040c1
-
SHA1
69efb7fed6fe1f3edb557f839e806a72f1628368
-
SHA256
7e067b7da5da60458b5f7d5a99bc7c7c1f41999cd2559985f09267b1ec2e56ec
-
SHA512
43169be6234e1c6a03622a1ae544a456325f9e3f5035feab2e05ca64122dc68e7bbb74e94b3b56a8e5176b86e0ab0e1236c69ca38d7c1b26ae2fcb9471af75ef
-
SSDEEP
192:/LQ+daAb5DcsPXflKTG5jCTpcEnYnbCsWxgW:/clAVc6X9+GZ2pcd/WxgW
Score1/10 -
-
-
Target
cttune.exe
-
Size
112KB
-
MD5
f2b088ec7a15211928ff24e26a6ab029
-
SHA1
68c589bc4e7dc2923a68b97bb6021e6e7ea6ca64
-
SHA256
5ed3ef584ab77bdaf82c8f446b9aca61f9d39e815485fb0ebedeb098285790b2
-
SHA512
4eacb6ef21e0d9b6715874f8e5137d22635243a85f0d03652fd10bb22a70b3d945fdfa847e9b6912779920bd7df21d227c7444b5cf3b97396d5905973f2e3364
-
SSDEEP
1536://smTNfDsYE2JDSgRPVqh2xsLV6YPCBcOxkcEDhKABiNRxHhHR4s68zh+R66otjP:/nptR9qMU9ejuBiNRTJh97toyEE
Score1/10 -
-
-
Target
cttunesvr.exe
-
Size
64KB
-
MD5
48b114993a72768d0267a0138a2a00dc
-
SHA1
d862d2b759ba4bd46d4343597dbe5dd7b9fae970
-
SHA256
bcbf641825ea305b819a4189d7680700ccd01b9622e52c1db7466caad47946e0
-
SHA512
09075bf75886383947630a0c2d8739b279730077eb1591c73c2d40dfb40c7f07701b0ead13aba8db7e99b2b3d6207a026f61de7f56389fc82703df22baf8a32a
-
SSDEEP
1536:Qzqd4XyX+SzyQmEhbEXLEziF9YJw3OD8z0:Qzqd4XyX+Szlm5XLpO1
Score1/10 -
-
-
Target
curl.exe
-
Size
649KB
-
MD5
50679935a55f0805dc12a9188065dfae
-
SHA1
81c324ddc98578136dbe7d2a8d388a2ef52a86f6
-
SHA256
2bbad800bc5058cad5631dbffd39fb8a293616479250c47b38dc8e8eb61dc3da
-
SHA512
08f5ceeca4499ebc945547c1ae5742111426df36ab37f4848db32de23e4fad0a9fddb1e4e2e4f00887aeec667854b06d85b92115f0aa309e8eecce5410735f0d
-
SSDEEP
12288:/b2htB0sBsEtU61hU8whEZu2rKzoAbfYXJRQIQFuYfnv6:/6ZhT18EZuUKzTYMIQFNnv6
Score1/10 -
-
-
Target
dasHost.exe
-
Size
148KB
-
MD5
2eed576dafb496ba5a9704450d69a2d6
-
SHA1
f4f3e4a4195bacba6ae89297d099c3cf19f4de2f
-
SHA256
b484f5bf3f327532bac4543f70689f58e27a86ce38083893c3adc94fe3c51850
-
SHA512
c8ffb566025435775f9d86fcebd91736ced00ff3d2014744b305c4c9bb3935c0609542a3a5d0562c5884c28a96ce3b277724e5f8905892d5eecfc24727494441
-
SSDEEP
3072:mHvcI9nEeT3SHkPnUHMGqecvvS6XhzYZ+6od6T0/k:RI9n13SHkPnUHRqvS6xU8d6T
Score1/10 -
-
-
Target
dccw.exe
-
Size
120KB
-
MD5
b9f6784a6eb07daa6dfd654452dde43d
-
SHA1
c0036f885eb07d02ff72c18e92ba299687753324
-
SHA256
36d9a0ed11640a87cf75d8c14ad1a703ffa7d1d3ea9181a78ec2d23808470a5c
-
SHA512
f91403072e1ec4d3f5d94b3e8a02e1102ea364428dfe6f0fae3db18019b663430d00d48f494bfe1bd826e885539a3ec8f99105d79922f5328475f43df37fee33
-
SSDEEP
3072:nVksA9p1V1TkHwInpyePEcNu0VfuqR28X90R0Id:sp104knVuqzX2
Score1/10 -
-
-
Target
dcomcnfg.exe
-
Size
28KB
-
MD5
dfa0d5bcde97e541aae197b791b0bf77
-
SHA1
602883cd4308964a2e0fc74a561861908400144f
-
SHA256
893a6c696459fe6f44c5e71dba1f792df37ba765095548d125ba43aca4f47b18
-
SHA512
bf78cf1c20941f4735549c427a8295b7b2ea5756d1246b7530c0e1e55a9c1f28574d93a0de4faf2392df07940f2733208451130718150357efc390a09b75087c
-
SSDEEP
192:XJTPYfus5uLG27WxL3uX8E4+7L5Eyf9CseWEFCpt2cjIfWJfsW0EW:ZTAWsYcL3fEP7LGj7FCp6fWyW0EW
Score5/10-
Drops file in System32 directory
-
-
-
Target
ddodiag.exe
-
Size
68KB
-
MD5
0581dbc3715ec547372261e95caae080
-
SHA1
f6838fec32d75aa564bd56561c8b24683c9658be
-
SHA256
48bb5bdf5436a2545528d9f6a50c154865b556cbbccdbc5969cf62ec2a7e362b
-
SHA512
a933092c9903b4342f20e2f61c5b5cd34b2ae58e212bf1fa929a4fe20cb6e2b4e45fa0954ca92529f07dc6863c01975998f9d3e778f18422fa2ccab0c900c516
-
SSDEEP
1536:vs2brg7S1DqJBGK/hc3aZkLmMgMaouZl6iTOJtt1UI:vrXUasm
Score1/10 -
-
-
Target
deploymentcsphelper.exe
-
Size
56KB
-
MD5
7a488ab4c0e6852610b6841e6f8452e3
-
SHA1
351a0e973c42009d5a8f29438b3a569546005c67
-
SHA256
fe85af963288dbb292408a000243dadfc21690d58439373227230cfd111b6090
-
SHA512
186fa8ce38d990e593652505d22b1c2f1c727a7266121b6537112a58af208f50191a29be0dd13ec0ffeba894aa87017f150ab6b77a968811f51ab5186e65197b
-
SSDEEP
768:et9w6pFX8/ceuw6Aqjcwbml07Bw+9x9z:QHFXlF6+myxt
Score1/10 -
-
-
Target
desktopimgdownldr.exe
-
Size
152KB
-
MD5
70255e8c8bbb5f01d9354f111f6dfe8c
-
SHA1
56d529030718c43b3c4415737820fc36d17fccd4
-
SHA256
59c4e7f6a92ce1ff5c5660dd91a20de67a5dc10ec25d58b6cd5f3f73d04fd324
-
SHA512
80c9440fa479235235d59b48a606ef4cbaa0bfa6d6b8239bf49f296e9a8ffa1e49971162efa485f71f5243e2beae52df2cbea34371a4d2c1244768626434acc1
-
SSDEEP
3072:Vdps+1ZBrJWwfKVAeUgr2EIKPdnJKFMyyrrunXSTJL1ruDAAf5T:Vd2Mn8IKFn9VKsGAAf5
Score1/10 -
-
-
Target
dfrgui.exe
-
Size
136KB
-
MD5
87db68334feab8038a7e147296bc56c6
-
SHA1
6a471bbf0fc60c1e3e4c9055c55c37a5bf50a78a
-
SHA256
59c2107664e7ea21ce9f90bfcc2ac498ed8d1c87b2959069924c1eb8d4d42955
-
SHA512
0713797ab96c357b9487d12a7f736c1729d882f01345c5170078aa87711f563cf20010c9e8352c61d625bf30c5ccf5845b268ee7ec0e249d86db1cf93c0454f8
-
SSDEEP
3072:+3XdbBN9PSgedIahbz2nxihBX4Nq1u+BsmnLkJKk/UEAZC7x:odbBN9PSgedIahbzrTX481uIs2O
Score1/10 -
-
-
Target
dialer.exe
-
Size
56KB
-
MD5
d6bb90ef02bedae431eddd5f06cbefe1
-
SHA1
cea31fc0122e4aef4a6991322c643c2317574794
-
SHA256
a8a147051824b7839176f109d15dd033f1765f6d0f3f4d4149aa14e5aa5b0da3
-
SHA512
80acf5e76666cd0123b99a0e8d20b862a4ea37971627bbca14a855829f0630852ac35e8ccfb9a5208885ff58555bcfcee9a3135c2f3ed728bb13df446dd26f4b
-
SSDEEP
768:qr44yI9nX8Wk5kXkK9qEsXtc+Ih0FMlGQSYpuNeolWOm4Jg5tSd:qr4pcX8Wk5kkEsXt0V1pydm4mSd
Score1/10 -
-
-
Target
directxdatabaseupdater.exe
-
Size
172KB
-
MD5
02e79e6dcfd28c1b07a96229ee3a6f1d
-
SHA1
a04c5ac233fa0a47d717722e8bce8d0a9e0fadbb
-
SHA256
b1c43c8cec143039044cf52232279eab95bd1a076cf9971eab2b36d1efdcb654
-
SHA512
606275dd29f32634232969a25bfd3434fa0e1386d277507489b9998984641de6d029432c920e311286aa07af4e6047e1da91e0ee6dce2d1708915808dc21b51c
-
SSDEEP
3072:nQddDCArvsgXWeuUgrfEguBbwtzwTHhH5IexK:kCADu/zXuBbQuBH5
Score1/10 -
-
-
Target
diskpart.exe
-
Size
176KB
-
MD5
0676bc64eb3a629d312c12101ee8ef27
-
SHA1
0bc158701353a8102bf941ad04f0d9294ce8c1d3
-
SHA256
8263f9e3aa799c961174e876236d5e49de77efa9ad7497768887d35671692566
-
SHA512
f9d8abd1fe06e11ae795c62269776926167bbb517a163cd6121d3117b17239ccc9d2adbc893fc04b4e47b302c22d3366107f9ad17caac55168f9fba28665f01e
-
SSDEEP
3072:lAYoKaV0g1QS7gwjGB89G2mb3hYXtC87UyikdWgZB7GVx1+bdMy++Zfo9p9YyC5U:lJoKaVr1QS7gwjGB8o2+hYXtC87Uyikl
Score1/10 -
-
-
Target
diskperf.exe
-
Size
44KB
-
MD5
e65f4cc956468eac72d56d45310ba7e3
-
SHA1
90e828a7fc3dde88e7ee66c1aa143f350df8763b
-
SHA256
ae27b4847fe79b06177996a671a2e7a964f390af1bc60decbf73347d846869a8
-
SHA512
930d738161c7a455f72f088f7d7f6f329be27b1b2a92b20e48d933e62d87d3bf31b9d88cd6786ae4e66e352339fd04b0a8c2f2192ebfd26138e303364dc526a3
-
SSDEEP
384:aaieOJdmrYv5ZDKh4FXexG8kI5dixvVVDhTl58wRiOMkW495bEZeufZZhCdlWjJx:pO1nDI4oJkVX8wRiOMyQZ1ZZhCWX
Score1/10 -
-
-
Target
diskraid.exe
-
Size
360KB
-
MD5
229592d7c7778f5126ce353802dde17f
-
SHA1
bf9af419f584302ed1c8f8e8781c1ede66ca5c60
-
SHA256
03b0bb59daed6362d651e5f983ff7d57aa63d06ffee7c195610909434081994f
-
SHA512
1b96815039a3b43c618b94bcb81338c01ea06916abbbae1bbf7bb856e162dfee500069b7c62f2126f52227c4d69c53dafc4c5d82c4f8ea3d6fcdd7ce27fbfa2c
-
SSDEEP
6144:pUz4megqUW83RSHVrhSYgApvq1Evfnt9V+ujbr32YyBasLpTwUZPmaEsMUUsU1p5:pUz4megqUW83RSHVrhSYgApv4Ennt9V7
Score1/10 -
-
-
Target
diskusage.exe
-
Size
68KB
-
MD5
49dce1a7c1d54a82ba6d87b62f264974
-
SHA1
29ac10778cfe5b27e827d46cb218e0798ac827f7
-
SHA256
ace15e1e96bb34f2ec4ab93d70a0efd28a1d3f2fcb6d361895e6c341014e5118
-
SHA512
11a0e67c51dbec588a4e433852e04627ef0eb46acd29fd2a7c70685379ea61784d98828953e969959a84b34118bdd6a3005028dc78a5618432f835d34f20149c
-
SSDEEP
768:otM29TpcVFHfOdZNdVwhcFHiucUic/USnSIlbOjQnwrUcfkBJaZM9:F17HDyVcNQxflqCYdfjZM9
Score1/10 -
-
-
Target
dispdiag.exe
-
Size
136KB
-
MD5
14fb9f8b35a8486d05af9a41bed05480
-
SHA1
f04b78fb94745d071b693fb996d5bc7edc15dc08
-
SHA256
b2365f5817e826489bdab47fd77e0751335f12b68e4fc2bc77971ff54b804ada
-
SHA512
e11f9e2ba3e138b7b846ac7424bc0c160e15b4f6f46e59765868a3b4e91f8c53fd2eb7fec42f063be3938cfc545d3af64771ac580306566b138fdd56064f08c0
-
SSDEEP
3072:1keRaCBlUyGlxu6gLW/N21V+lbYM4kghsI:C+hBlUyGlxuTLdjmYrkghs
Score5/10-
Checks system information in the registry
System information is often read in order to detect sandboxing environments.
-
-
-
Target
djoin.exe
-
Size
100KB
-
MD5
963ec75c3ef1a9b6422ba4cc79156459
-
SHA1
f11984013497685683ac889ed1e818243d12099f
-
SHA256
05d576742a3d4c092a7d1f2c586b37e3236052bed0492c4604e5370d3436db89
-
SHA512
c797d4d3eb7f5f795305862188d1e8e4c4aa26ac1ade739228df0647b0d3bf26e0de87aaf5031013915a9e1dab6604754e7419d59ec932b9a41bb25c211f4fa4
-
SSDEEP
768:OAtclOjsn26el00E75FNARwApEYa8bPPP976+AIj8FGdDMoG18Y3arb0CPRRQJ6J:1d3LEMtp1p7LGaSF3aXdRRQJ
Score1/10 -
-
-
Target
dllhost.exe
-
Size
45KB
-
MD5
144fa51a15e98d84d28eeab815bc9a8b
-
SHA1
c521025c55687c1f29b1f3a3c69b3d152ce84981
-
SHA256
fdfad08eadd54a431e431febe60e87b574ce90e5502ed0be2f026a1828120fc6
-
SHA512
f0913ebc532d85362ee3192139bcd8ebb20bc1ec6a98c6cefa84797dd9656fea7fd6c32b60f72d6a43bef5400312e326197bc7c76c06ad7d93f35dec32a24f24
-
SSDEEP
384:S/V4tpd7kYktwVVt6cPa/WA5WIDBRJBjK61x85zR9ztSxY:k47kt6wcCrX1PBH109zYy
Score1/10 -