Overview

overview

7

Static

static

3

Paint-Tool....0.zip

windows10-2004-x64

1

Paint Tool...ge.bmp

windows10-2004-x64

7

Paint Tool...um.bmp

windows10-2004-x64

7

Paint Tool...la.bmp

windows10-2004-x64

7

Paint Tool...se.bmp

windows10-2004-x64

7

Paint Tool...ts.bmp

windows10-2004-x64

7

Paint Tool...es.bmp

windows10-2004-x64

7

Paint Tool...es.bmp

windows10-2004-x64

7

Paint Tool...py.bmp

windows10-2004-x64

7

Paint Tool...es.bmp

windows10-2004-x64

7

Paint Tool...ts.bmp

windows10-2004-x64

7

Paint Tool...st.bmp

windows10-2004-x64

7

Paint Tool...os.bmp

windows10-2004-x64

7

Paint Tool...es.bmp

windows10-2004-x64

7

Paint Tool...rk.bmp

windows10-2004-x64

7

Paint Tool...es.bmp

windows10-2004-x64

7

Paint Tool...sh.bmp

windows10-2004-x64

7

Paint Tool...ro.bmp

windows10-2004-x64

7

Paint Tool...er.bmp

windows10-2004-x64

7

Paint Tool...es.bmp

windows10-2004-x64

7

Paint Tool...ic.bmp

windows10-2004-x64

7

Paint Tool...er.bmp

windows10-2004-x64

7

Paint Tool...ny.ps1

windows10-2004-x64

3

Paint Tool...ng.bmp

windows10-2004-x64

7

Paint Tool...ds.bmp

windows10-2004-x64

7

Paint Tool...al.bmp

windows10-2004-x64

7

Paint Tool...ir.bmp

windows10-2004-x64

7

Paint Tool...ce.bmp

windows10-2004-x64

7

Paint Tool...ge.bmp

windows10-2004-x64

7

Paint Tool...i2.exe

windows10-2004-x64

1

Paint Tool...i2.exe

windows10-2004-x64

1

Paint Tool...i2.ini

windows10-2004-x64

1

Resubmissions

11/07/2024, 08:08

240711-j1h5jsxcjl 7

11/07/2024, 08:04

240711-jysafaxbln 3

Sharing

Copy URL Twitter E-mail

General

  • Target

    Paint-Tool-SAI 2.0.zip

  • Size

    14.6MB

  • Sample

    240711-j1h5jsxcjl

  • MD5

    d01ae8cc50038f82cbd4de7f313c5396

  • SHA1

    d1b225a73879ab660be147719d2ec1a6e5a0d149

  • SHA256

    fd8f8d2dffe33e9d31f059016bb18f5fc54df4bbbfab09b04227e149c99376aa

  • SHA512

    d8d152df1a12eb17a21343672d817a3058a1ba3905c84ffa43fc68681d83fc71a4f1e3da93b41d765681dfd3fadb4ad5b6c9e7d443a4e8732fb46257af38b4b1

  • SSDEEP

    393216:gxDNrRRwjqlLtEqhQzQdpwYMhizgNq/2ukdxEkrre:gxJrRRwj4LqGbwBhdS+re

Score
7/10
execution

Malware Config

Targets

    • Target

      Paint-Tool-SAI 2.0.zip

    • Size

      14.6MB

    • MD5

      d01ae8cc50038f82cbd4de7f313c5396

    • SHA1

      d1b225a73879ab660be147719d2ec1a6e5a0d149

    • SHA256

      fd8f8d2dffe33e9d31f059016bb18f5fc54df4bbbfab09b04227e149c99376aa

    • SHA512

      d8d152df1a12eb17a21343672d817a3058a1ba3905c84ffa43fc68681d83fc71a4f1e3da93b41d765681dfd3fadb4ad5b6c9e7d443a4e8732fb46257af38b4b1

    • SSDEEP

      393216:gxDNrRRwjqlLtEqhQzQdpwYMhizgNq/2ukdxEkrre:gxJrRRwj4LqGbwBhdS+re

    Score
    1/10
    behavioral1

    • Target

      Paint Tool SAI 2.0 (64bit)/blotmap/Action Lines Large.bmp

    • Size

      257KB

    • MD5

      7943485b9d656f794e6462448c805caf

    • SHA1

      d7587f051f55e944938c39936523c3d2679efda8

    • SHA256

      564c8ef4616034e251b8bd9f5acb10c83014b81a3e89b899c3b54bfffa985dfe

    • SHA512

      84c2df7daf0afff0f27d696be069cf840cddd7f3b8c9eff0334479626849c9a4f5a7b2df2c9956d46196672b82c1a3e371613bc108dc7cd39c2234b5d7f6d1a3

    • SSDEEP

      3072:QsEuNNpb8NWTHMS5GneihFnFaIe/+huox7c8GkJHakseQx:QJuNNpb8NWTQnFngIe/+huox7jasQx

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral2

    • Target

      Paint Tool SAI 2.0 (64bit)/blotmap/Action Lines Medium.bmp

    • Size

      257KB

    • MD5

      b6920533c047305f17d39f5d56d6f996

    • SHA1

      789777a6370c9a8d858ed4990b12a9749d9a8f7b

    • SHA256

      f5f32df1ffc006f42ca6c5613e4e636984d4611f8bfad62aac39faed7bb717b8

    • SHA512

      44353cca624e873951f0b4d254fb4e54326c3b3fcfd8495fd463ca1010cf97a2cc73bbc9c7efa89719a56a3d85d0206e423f17c8d6a461dc9e0d64b64356c363

    • SSDEEP

      6144:uJ6LA/mhCe/9Jf5TahynCKZS//nyXx/Zc+rrVYY+Qv:uJ6LA/mhCe/9J5FCKZS//nyXx/Zc+VNv

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral3

    • Target

      Paint Tool SAI 2.0 (64bit)/blotmap/Acuarela.bmp

    • Size

      257KB

    • MD5

      202c1c1f3cbea3e77b5de3e4206b7510

    • SHA1

      ca8982d9959af7ad19096fe53ba0a8ee1eb28e68

    • SHA256

      f63db5a153389db98ba24b193c82e933a82410c6f605e438816f98f728700369

    • SHA512

      310366c57b44a172fadea947d2bef1e79db31b1536afc8ad223983cb5638e17b62d48a7c0d79896508c2e37d68ff311e439aff4282b33d762fcc684fead70bc6

    • SSDEEP

      6144:C7seTtALimvGE5VkMApke3KDEGMRjUl0Ymoi00MquYgAlNPmun:C7YLzOEY5boE5jU6YiMUblNPvn

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral4

    • Target

      Paint Tool SAI 2.0 (64bit)/blotmap/Blots&Noise.bmp

    • Size

      65KB

    • MD5

      7e313e2d7a64656ef7101d180efc2da8

    • SHA1

      db826e9474a163042679c667b6f51d382b09d9e8

    • SHA256

      75b412bc911f85b71ab0f74648fca9d8a7b0f88bd2eb65cd9f941cc1ca87fa42

    • SHA512

      e6b01b1d0b2b2209ca58129b72936086aa7ca1de5a000ea645d82aab02e07c69581f4493c5c66c6e4904b94111c494d31290768ec6427de7f00ebdf787bdca38

    • SSDEEP

      1536:HvOYAaAJWndc6tmZQ4ynFVZV+NrVclruBVRV7LbWETwwhSa:OfJWnDtJ4CnQOlSj7LiETwwhSa

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral5

    • Target

      Paint Tool SAI 2.0 (64bit)/blotmap/Blots.bmp

    • Size

      65KB

    • MD5

      b953210f80206d395f79bdfc480b08ba

    • SHA1

      f7ca426380a6c30c1bc1d75dd4b448298d64023f

    • SHA256

      3a50c1123d38839112e6efdba622098138f895eeca65a13923eaa00ef5903fb1

    • SHA512

      fc0d6e82d492009253f906b7de82859319725d843d984ad468967703c26adc0e8bd2054f696fcc53fdccb3c74266658584f08d039605097aec5837fd233c9fdf

    • SSDEEP

      1536:Hqwi74oFET4vYtJ9rsQ/dVk0OAAJMneZCWk72O5w:K5RE7zs4CAAuW

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral6

    • Target

      Paint Tool SAI 2.0 (64bit)/blotmap/Branches.bmp

    • Size

      65KB

    • MD5

      bba616faea4f2c6911e7bf9aa309f482

    • SHA1

      d39caefef32b9a269f947284c0b4dd5659af3e10

    • SHA256

      66015e15b03d771e88a45f5b20a97865c289ba189507604aea04bc4a79a57049

    • SHA512

      e5d4c26660fddee49d14b4743d663ba6910b05fb547afcc86d467c68d280c496d9b3bc932ae70c3c4b5d34348bcaa6cea7e489f2bfcd04e768fca26ab96beb84

    • SSDEEP

      1536:r1LQvzk8Jkp7afTtjSHvBK9eLy0PnoQGEOaVJbjAsRP+Xi:KvSwTtj4BK9v0KcJbXRP+Xi

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral7

    • Target

      Paint Tool SAI 2.0 (64bit)/blotmap/Bubbles.bmp

    • Size

      257KB

    • MD5

      0e3704e3fa4bef2ae17d7084e908d727

    • SHA1

      fcd77c0d1659c4cbe2406ce6de012b20264e3287

    • SHA256

      8e21a25178beea531ee068cea932d0df579fea3b9c97942b29a4f6c705fef5c7

    • SHA512

      45ff6e658574e8fb736bdd9429a290985059355f7ab8799ba6c370f03b9d9d6aac46c06d05fe041b09d9e3b1c7f2d395f5773965305ad5a52f56178529cfdcf2

    • SSDEEP

      1536:NDHdPySzESB/ecsNQjEKs663kqN8ICig6o5VKEPrR/+mbgz/5g1XnMOfKbYzob2Z:p1/uqjVE3kqfgxVKEVdgo3MOAk7hp

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral8

    • Target

      Paint Tool SAI 2.0 (64bit)/blotmap/Bumpy.bmp

    • Size

      257KB

    • MD5

      3197f8ec3e4b8e3039560086c9dd9d54

    • SHA1

      b83d291a7c64f2e64be3d26b9a7e22eb651c367d

    • SHA256

      b15f4194190d91251cf4df7c552505ed003326580384ccbb48164bcc28048dad

    • SHA512

      86f332d78d8750ea661aa6f8d32579776311bb5a5f3c70b13b0089549f5b746c1695ae4626840f992c19fc9e4dc58d3e5df070b43688687be0eddc8f0e3b1e40

    • SSDEEP

      6144:HYwsdpawpvQRjGFWh/K/csKqko1B/mMF3gVZIKCJxrPNWSzkJ:I3hM/783RvrYJ

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral9

    • Target

      Paint Tool SAI 2.0 (64bit)/blotmap/Butterflies.bmp

    • Size

      65KB

    • MD5

      9ca0cf6dfbc6784163be7653c5295fb3

    • SHA1

      e4837b8c9e89d22e45b1a0aa034231024a8664c2

    • SHA256

      71e043e0229fc4338c64ccef97f40741813771a61e3082c2c9d574230d68f685

    • SHA512

      8abb653269846c2fd6c8e61abbe8d6b0fa80f8f8c0ecef7a1fdbadc9f816673694b572393fdad597fe3239862aae773ce818beb0e4a2265ca7851bb2daebb052

    • SSDEEP

      768:bGUH5ULDcIDiAv9Rusg0Am4b4O5x9+t55:bGUZiDsEZ65P+tr

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral10

    • Target

      Paint Tool SAI 2.0 (64bit)/blotmap/Circuits.bmp

    • Size

      65KB

    • MD5

      ae42257c0692b5888833508a27d72056

    • SHA1

      47270a0d5ec17f6bf5c59acf325829fb30901461

    • SHA256

      548d14cab985054ae3ede050a2eddc2f73862f0ceea495a3862fd96d2f0256a7

    • SHA512

      e4e621ff5601376392509814a5f90e3c0f0a6235ef20f7614105735f2a894fb2c81d046d6d20fbed65bfc12e41fbd30740c32a2af0829dd0e43d5b95bcfbd850

    • SSDEEP

      192:r5nHU6nnnnnnnaoNUB1ouDDDDDDD+LYt/nTnTnTnTnTnTnTnBG9737777777cBt1:r7N9Mt4uzeqrjXf

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral11

    • Target

      Paint Tool SAI 2.0 (64bit)/blotmap/Crust.bmp

    • Size

      257KB

    • MD5

      93b6558865ea40e4a2e77c3f094da456

    • SHA1

      3d22872b11e4331393ef4fb4361850b36c2b142e

    • SHA256

      1f9bdcdcdf3ea598729c3e220603f122aa6e78968c6384af256c2828a6cb6aed

    • SHA512

      7817343343afab2dedd6e9b4adab889ea97479e31a27fe37453a1334cc6c417fce3b13cc8913926ce10183d78f0792f22d0be393a908d2f7c23d10bfb8394afb

    • SSDEEP

      6144:14xzjzA+R0PjiZqfXBSHV+icvj6sftlhSiUQ25tI0047/Kmn2:14BjYPeZq5IaOotDSiLII87/v2

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral12

    • Target

      Paint Tool SAI 2.0 (64bit)/blotmap/Cuadros.bmp

    • Size

      65KB

    • MD5

      71a6aaab419e0baf9c1dd89cb1b0a9d0

    • SHA1

      b32e25849a3a950c89ad7d2a88237993f5eb2550

    • SHA256

      bc4feaf755f0dd4ca47f00750ad42ea3782817a4618a524dcda150466ee5d852

    • SHA512

      c221b72bc87a4b96915566178b34f1fc2cd171d1af61cfe4a45281c81d3d6bca6c26c9976fbf1080bae2f6c4d705aa135f071ef8df5f0dacfae393804bed29e9

    • SSDEEP

      12:8/RVHHplT/PD7tl3bDP/Blrn/FJvn5VHv9B/HRNnfVZvnnJlzfvjbNlX7jvfhlLB:8JhJZn3ZHXpJZn3ZXX53nJZpn

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral13

    • Target

      Paint Tool SAI 2.0 (64bit)/blotmap/Cubes.bmp

    • Size

      257KB

    • MD5

      7ad46e8ca67de285cf9e997cc7b8fac3

    • SHA1

      7368ee109abdc4464832b46dfa7461172f9a0d42

    • SHA256

      e340c228e171b2a2b7a6903fd135d7597676d4a84eb271ff82e4f7939250ea6e

    • SHA512

      7142a30ddb4359eb903d620396438c391b5b772390dd8dc9fde4f4213d69371b66e0bca760cb6b2805da1a5ed47203c8c801cf4975e4cf476e34d0aa0c0f4c17

    • SSDEEP

      6144:IlHA2m+UNsEnpZZ640nx0dP6VtR2yI6o50yXq+2OdpwnV1V4INk:qA2JVQt6B0dPoGyITkody1V46k

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral14

    • Target

      Paint Tool SAI 2.0 (64bit)/blotmap/Dark.bmp

    • Size

      65KB

    • MD5

      0211ad20c58c88ec7de960b297e6d80f

    • SHA1

      d3a545399c91ea82be771f709400eea75233ab94

    • SHA256

      0a5c45467c889b27288e04a0ec02543bdeb1cf6bc7d4ec0bd6cbbecfa6f8879f

    • SHA512

      b6b22d29013bc58df2641f3aaf086122390395c0de8b1e9ebb46fc709627508537f0a3c8188a8bfb849069875abbcee9bf26d4f352094704fdb9fa25bd02835c

    • SSDEEP

      1536:rITNgqnntELu94vCvvQTOtKEy3bG+KhiXO30Qu9RQ:0TyqnnuiyC3RtK5OBEQ

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral15

    • Target

      Paint Tool SAI 2.0 (64bit)/blotmap/Diagonal Scanlines.bmp

    • Size

      257KB

    • MD5

      32ca75b40917e48a46ec47fc2cfb4cda

    • SHA1

      57a4c6c567903e3d08c28fc59f12aba8d99441e6

    • SHA256

      396af03e96456dba7827f4a08a98f923e51004bdc848e6bc5cf402e919706fe4

    • SHA512

      a6f92bf6a7abd2cf370471d1b522cd596748b1de814bcdff3248e3982695331b7ea938633b45962cfbab1566b4c3dd011482f6dbb02ac3b7637a6a1bdf3e29fa

    • SSDEEP

      24:7JZn3ZHXpJZn3ZXX53nJZpn9HHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHC:dZ353Z3p5JZJc

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral16

    • Target

      Paint Tool SAI 2.0 (64bit)/blotmap/Dry Brush.bmp

    • Size

      256KB

    • MD5

      359567a2a605bc12b244df7e2596d8cf

    • SHA1

      0e2199c9522a061a6426c3df78060e826d3f17b1

    • SHA256

      eff44ae73c88220cd2e5b1132ea47969392038a5b561d105f37da481cced9987

    • SHA512

      c41551211d55ea085ba3235927fdd11f650e17ef0a8eb9a802ec3d688d923f76347ad5b7234406d8941b9a29328ca21dd477d4f4e5467b9a563e3263aea7225c

    • SSDEEP

      6144:dU7ZXlP++NswhR3f9vCGvjfPrQKvHbgq3Nqyc:uxheG+4c

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral17

    • Target

      Paint Tool SAI 2.0 (64bit)/blotmap/Electro.bmp

    • Size

      257KB

    • MD5

      b0a0d1d4af23e78fddbb932259339330

    • SHA1

      94b9a1bd1579556750404ff4007ad3b0307e505e

    • SHA256

      1594b974e87afd7d175e4b6466173fa6c461d6ae32cf8c82b7ebb9f1274336a3

    • SHA512

      1a9ccb2448f26b162c50e65d72ed651f58c2546a6d2772f79c132246a7dcdf9150c34e37bed93bb63c1380d36652de85594067fd32f269566223ed28d0208d60

    • SSDEEP

      6:dQ8nkIlt4pLlBOzyPhlAv9zbGs6AAXjrmMelRltgXlklcN46I5f44444cl00000v:dQGkIlt0JB4uhlAVwmMylglklE46epls

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral18

    • Target

      Paint Tool SAI 2.0 (64bit)/blotmap/Flower.bmp

    • Size

      65KB

    • MD5

      7ee7ec276b6ff8bb30e929242bada217

    • SHA1

      cba34299d1be3f37368926215fb3a3607f20ccb8

    • SHA256

      594f2fb9ad80ecf48bca2c3c05d37b1cda292815978a4e9c4326988a509f48c1

    • SHA512

      2c1b7190f92c72d4bf2ccbd7cfa4f320a2b108bc793062f023c3e8118cb4994a4066aa0bdb5424627505d969ccb011f2bcf69dddffabd413e7d13ddf017ccc91

    • SSDEEP

      1536:rEJqZNFViCYzf1mAxiFLfyqz4s/7ueMKW3S7jqnBM90d/D:kGFViCY5mLFKqzp/fMrS9W

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral19

    • Target

      Paint Tool SAI 2.0 (64bit)/blotmap/Fun Squares.bmp

    • Size

      257KB

    • MD5

      750f4aebf14298d73c3d5373371a2ee7

    • SHA1

      604d637d52010aa4d3c231e4a080d4d1c88d82d0

    • SHA256

      114f85f949dc03b6d2142d67cc9b5cfc34fc1af9898a5436e6e8fd536920ae91

    • SHA512

      e161d53973210692a3165262cfeffe43c6d43be28fe101e55c0ccb31ad690cb99fc681210ba3060aa759ba288dda585ddbb1ecce126168726100a1f90ae72840

    • SSDEEP

      3072:zzev+lftQS6ZDi2MFnd6RvML8loeo3SESdPxeSKJ5zE6O+pguD1dcFd0204KnQU9:/ev1w6R/no3S1xe+6cFKTQUfV

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral20

    • Target

      Paint Tool SAI 2.0 (64bit)/blotmap/Fuzystatic.bmp

    • Size

      65KB

    • MD5

      3c66321a69262fb03fe41f8e1d85cfa9

    • SHA1

      a927e331219dda6fafc3ff369d57dded9e114a20

    • SHA256

      69d721ec8bf39a5ee8a375c21655a4ff5447415216c711fe3045b81ba011b62a

    • SHA512

      b6e2d2185ebcd4572719e630ece96e7a6e25525fcec8fdcc85b919fa9311bacdb3c37bbde553825e3a6402c48a77c89b3e1af76a7bb23dad8a9bfd031e73bc7e

    • SSDEEP

      1536:HJ9m8PArzktwTE4X5CbypqL4C4VlU3W+2YzFBvR:p88nWXo+IFPR

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral21

    • Target

      Paint Tool SAI 2.0 (64bit)/blotmap/Glitter.bmp

    • Size

      65KB

    • MD5

      17a56c8db31514e2d2f28362d1e80e26

    • SHA1

      bd06e170feeb2209f9f23f745a33a4652674d069

    • SHA256

      51f8afafe7674fa67145ff6c33f82ca992b1a1bd7e69c97af331cc090ca9e4d4

    • SHA512

      9caf48db7e2bd1f9798c3d63737f2a9bf204a5c55b492105ee71061fd6fa998ff8ea9b27ad055ecafaaf79fd157684baac889174d781700a1fc83f585b0004ee

    • SSDEEP

      192:c2I7+aDi3cz9yeW4wpQwM/xe/YvgYQcMe:c2I7JDo49zOrM/4/Yvqcj

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral22

    • Target

      Paint Tool SAI 2.0 (64bit)/blotmap/Grainy.bmp

    • Size

      65KB

    • MD5

      8d441cf210ceb15e85bfd2444898962f

    • SHA1

      a8e30c48e1f87268e0290bc1011f97aedd482bb0

    • SHA256

      58f80a5b55e3da89a0ed704e13b3232039073a252c167e01ebc9d7b93f4d2f45

    • SHA512

      456dae6b410828d9eeea102386a2e23663773af0235e55f59999c19f5c9e8fb29a94561ba5806b1b69c3a9cfca4607f92a10544eb04832a5dc375bf0956a949e

    • SSDEEP

      1536:rQDsSM4JLdE7oY+/H3ll5imLNMuFK1lOis3kpydxoPDifgep:sISMIpNY+f3lDnL7FalOis3ddxualp

    Score
    3/10
    execution
    behavioral23

    • Target

      Paint Tool SAI 2.0 (64bit)/blotmap/Grating.bmp

    • Size

      256KB

    • MD5

      49405e2a995c8aa1efa6ae24840655d5

    • SHA1

      6acb07e2a670c3c202161ba1ad0fea64e9ebf7fb

    • SHA256

      3dcb02a6d570ba06577986cbcbaee0f3b9ea85e2c5742051a2f779831a1c49da

    • SHA512

      bbcaca47c4553fe70e3bbe03cc71173a607e2f553c21c746df6f2945781dd6c77999fe5c51cfbadc1f1c642aa779a1a66d6742187e9a48aa28dd1e3796bf318b

    • SSDEEP

      6144:AyTUMw+UhLZQ1G6dM/DuBr5dbXHCU/EbcO:s3uk+DTbXLO

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral24

    • Target

      Paint Tool SAI 2.0 (64bit)/blotmap/Grunge Clouds.bmp

    • Size

      257KB

    • MD5

      6794843bc7146888fd5f1791ba63767e

    • SHA1

      f9156f29f0919bc8cc33b3c4b8ae6dadd5c1a93d

    • SHA256

      836615b2210cfcdc90fbf517e70488ca8c06ffb88e9efd62551144a0c24fddbd

    • SHA512

      95a6285a3e2932db04f695564de453f87942459c6b0bdcbdcab5195bf369b0bd2897bb7be0a9fcd6cfe2afc062ea046e0f5e04b527cfe581acd103f6b8678e4e

    • SSDEEP

      6144:r+dBz7av27iXm/DksXoN1ZegFYzEJPPvGk8Z3s0UdaWKorlvx:rWB3av6iUhYNtiERPvZ8DxWKm

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral25

    • Target

      Paint Tool SAI 2.0 (64bit)/blotmap/Horizontal.bmp

    • Size

      65KB

    • MD5

      ba0ada0316b617f4bdacf3fb9e626d60

    • SHA1

      3fdc3666913309661148a4aad670099458b2eabc

    • SHA256

      5053ce6689e3a4b174be4fc5c8cc2c9471b224bc1022f1e88e657b90c9d7376f

    • SHA512

      2d1d87dac7554b14fad006c77cc8f490d28b38963dfcb8014cf0b2a7581f0d594a904f78adb6ca71bd933b7797330f3aee4ecc1455f51770ed2caa14007739ca

    • SSDEEP

      12:8/RVHHplT/PD7tl3bDP/Blrn/FJvn5VHv9B/HRNnfVZvnnJlzfvjbNlX7jvfhlLB:8JhJZn3ZHXpJZn3ZXX53nJZpn

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral26

    • Target

      Paint Tool SAI 2.0 (64bit)/blotmap/Horsehair.bmp

    • Size

      65KB

    • MD5

      3c4d836b59474ad345e9b19c0a9cd5e3

    • SHA1

      8afa909ac58c4c8e8ef21831b7dc77fdfc3fef03

    • SHA256

      caec145f1f6d0db0fa700b78ab2af234048a16218997ea0f2e00ef2b68c2eeb1

    • SHA512

      3ccf2d56e0fa7a5caea04e61c03211fa0f1234c7142ffe6ffdb070f985397990210a2c43a622aaa2a3e2cd3cfbae370b4c935025da474401f5d4d281c00ccdea

    • SSDEEP

      1536:ry4Edp86ZD6FqNToKa+Jr+cb/2Es7TwjhLQN:hSp3h64ZJKcSE5UN

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral27

    • Target

      Paint Tool SAI 2.0 (64bit)/blotmap/Lace.bmp

    • Size

      257KB

    • MD5

      00bff3c5f7d30f1f3c7de89913e17047

    • SHA1

      e9c12e6232faf4680a5bf0e7a6b827534483ef3f

    • SHA256

      c5cbc5e0cbc475f226ad278b48cc0b726fd0b8eefe53f1be117e1c11d57f21eb

    • SHA512

      06949397a062f369dd320ea79ef8d381bc3eb830222dd01f47f704498bfbe896bc794632399f0fb7df9c0275ab283faaf19e9f2b34d5358158a200cb5d4738a8

    • SSDEEP

      48:dZ353Z3p5JZJlQljfscRFSBMZoqly1rhJFeMNNWsaCP+ZmxFvWMiqBDwAYS7NkUp:r5ZZZ3

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral28

    • Target

      Paint Tool SAI 2.0 (64bit)/blotmap/Newsprint Large.bmp

    • Size

      257KB

    • MD5

      6f1eb810f581159a4aa21a0bb1dd5fcc

    • SHA1

      52783d3cd9f260495dabf3181081ef08c4ae1b96

    • SHA256

      4a0d30ac7cc134b68a61211e3b5988e9b48fc45bffacff10458d27e195613e7b

    • SHA512

      71e06ba3a69ed9c177a89dca698d01bbc012f8098d1f51534bcf8310dc1656b212bb9ac4159ba32e4efdf4061ac8e2cbc7062b42b30b6e92c4d01cc51af27c28

    • SSDEEP

      768:rrfiU5cb3mNLbHbPpURB14r5MqxlG+EZxumIVt4:rrfi4vN/ur1/qxBrxq

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral29

    • Target

      Paint Tool SAI 2.0 (64bit)/sai2.bak

    • Size

      5.0MB

    • MD5

      456fffc27c16c75f4f418f21e623c72f

    • SHA1

      027d4d7823f7cd1c99cf2d45376bfa2826439f3b

    • SHA256

      089602190aab0ed17809ea09aed6edc681560fba73aaedb2f2b085cc26a2584f

    • SHA512

      9351cb62a45c1ef516ec6902ea80ee1de0ae4bb603c0ea25f1ad1bf4273f39f9591d6e6ecb12be85179a64c185229bd06752ab2e11670fdb817416780170846c

    • SSDEEP

      49152:gyAnaNojdMnadvoa1JJ5Npu88s/wQAYToX6NU+TbSwx:2ua1PKwx

    Score
    1/10
    behavioral30

    • Target

      Paint Tool SAI 2.0 (64bit)/sai2.exe

    • Size

      5.1MB

    • MD5

      6c8d18373a759082e388a4c8b8f5f904

    • SHA1

      24cc65eda681c5320b7b14522b8d7f5ac4cd0877

    • SHA256

      098b464cdf6b77fbd9f7157148cbe104d31d1b99c62950d93d104f6f072bcd2e

    • SHA512

      7bc23050fb1f1720edb8a76b9ffbfc20d75f557e8fef6e1f7989ef96d18d30c87f5826a0dda09b3a008a59c39c159b0f733c2a4afb411b631c473215f6f3cb8b

    • SSDEEP

      49152:2yAnaNojdMnapvoa1JJ5Npu88s/wQAYToF6NUHTbSw6c:cua5RRw

    Score
    1/10
    behavioral31

    • Target

      Paint Tool SAI 2.0 (64bit)/sai2.ini

    • Size

      2KB

    • MD5

      2c6ee56adfe84de006f6bede0330ffcc

    • SHA1

      c50e30e101cd6b05c108a705d76f9d04626c0fe6

    • SHA256

      5143f0ac719c625f3b6e60b972d1de47b33e0238c4344c558f3d9a12a3fd0212

    • SHA512

      e9400b33e5f9d0f40f534ca17ff0fdc3971cf3c305000f28593b891a3e06e89dae3f647cf7251162f33b658851af8c5754477468c8dc80d210a97ce0745795cd

    Score
    1/10
    behavioral32

MITRE ATT&CK Enterprise v15

Tasks