General
-
Target
94ea34e3b65d8b428ead7edeb3a92a2f28086d0df93bdf008e3bb8dee1f7e94c
-
Size
9.4MB
-
Sample
240714-rykjlavamk
-
MD5
9157eaf5c4a23a6ddce9b9b7af281c75
-
SHA1
201424e38d4d6508784cb6951d96f0b675a88311
-
SHA256
94ea34e3b65d8b428ead7edeb3a92a2f28086d0df93bdf008e3bb8dee1f7e94c
-
SHA512
25c9a1962b160de780963965e4b95742b999dd5dffd2f80cef264d65e93a13dd1dbb361cd4db0b666d368bb06be00a613d6e1c40678c7f676004450b8b4bc89d
-
SSDEEP
196608:4lbpclwaBhwUTEqV/1JUHstDjTokraBfmpRtOxQ40:ibe6aBeUTEqVNJ3l5a4prOxQ40
Static task
static1
Behavioral task
behavioral1
Sample
V17 Sorunsuz Çalışan/COMRDR2/data/ui/rdr2tr.dll
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
V17 Sorunsuz Çalışan/COMRDR2/data/ui/rdr2tr.dll
Resource
win10v2004-20240709-en
Behavioral task
behavioral3
Sample
V17 Sorunsuz Çalışan/ScriptHookRDR2.dll
Resource
win7-20240704-en
Behavioral task
behavioral4
Sample
V17 Sorunsuz Çalışan/ScriptHookRDR2.dll
Resource
win10v2004-20240709-en
Behavioral task
behavioral5
Sample
V17 Sorunsuz Çalışan/dinput8.dll
Resource
win7-20240708-en
Behavioral task
behavioral6
Sample
V17 Sorunsuz Çalışan/dinput8.dll
Resource
win10v2004-20240709-en
Behavioral task
behavioral7
Sample
V17 Sorunsuz Çalışan/fontfix.dll
Resource
win7-20240704-en
Behavioral task
behavioral8
Sample
V17 Sorunsuz Çalışan/fontfix.dll
Resource
win10v2004-20240709-en
Behavioral task
behavioral9
Sample
V17 Sorunsuz Çalışan/rdr2-translator.dll
Resource
win7-20240705-en
Behavioral task
behavioral10
Sample
V17 Sorunsuz Çalışan/rdr2-translator.dll
Resource
win10v2004-20240709-en
Malware Config
Targets
-
-
Target
V17 Sorunsuz Çalışan/COMRDR2/data/ui/rdr2tr.01
-
Size
38KB
-
MD5
736976afde81bbdc202fa2bb48d9ce50
-
SHA1
46b5a06cf5c23e8dcb1d9ab6f10a70e1da565c9b
-
SHA256
a3e5eb1c8c36a152a5fc5e929e6a38a1be43e17b2e7c61c67c9bc31ca2caa12d
-
SHA512
aaa9ec07ecf3c18cf5abf328db8fcd6e58ee71dac877c4d8b5661ce6a09abc372c9111e0a4d4887883c4dec88ba3cf655c8798b900b938a75c3142655657c653
-
SSDEEP
384:3PNNHXbLlsTrbY/sVwGpgqGgVvDjLcFfGsq3CqpdwOIRlNTUKFOmQo/zvIRCp/sb:r3bUafm31iHRzz6VlIZJHEt6
Score
1/10
-
-
-
Target
V17 Sorunsuz Çalışan/ScriptHookRDR2.dll
-
Size
176KB
-
MD5
987feafad74a8cae87641dbc04108497
-
SHA1
6feb5cf8e2aacc502fba436d05f43693e0f6f75e
-
SHA256
e5f31256ea9157fdc9b49f47aa40b071f6e6cdd979addaca919140845dcd3e8d
-
SHA512
bfd1c68f6f814dfb98561c5957b85f9627b149b0f14e3aa0f9c042f401579f6ef9ab42150927166cfe4896e8a88bd025c4987a6f483b83b8a9ed1fe206128b1e
-
SSDEEP
3072:4phBtOofPJfl3ESd2V8qMN+TCloV+YrfXy0vc0ZwcZuyKj+KKOgx4IY6FKFc:ShBtOMRln8V8qMEToonfiVYxkFj1gxiJ
Score
1/10
-
-
-
Target
V17 Sorunsuz Çalışan/dinput8.dll
-
Size
128KB
-
MD5
f66b293ad5afa49c2bd8b58bdc18d453
-
SHA1
a64ba484761f06adc1494863949589a6e552fe4b
-
SHA256
956fb3765572d00f6c08bcae11e9856a00a68107464a87b6ccc6c1ffed46b88a
-
SHA512
09874fbdc37a34ce5cbcead9f89ff7273b671ad042ba15cdf120e5fdee9d597fe8908ca4f6670f487be223786698a2fd8513dbacdce00fcbbb8c4d4729e13105
-
SSDEEP
3072:uHcpVMabeR0iujTE/yhSWbAJgUSJYt9c+eJ+VPa2s:WcpVM7lQTE/ygWUmXysDJ+a2
Score
7/10
-
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
-
-
Target
V17 Sorunsuz Çalışan/fontfix.asi
-
Size
10KB
-
MD5
0fa5efd92129358430f351a5d6f33762
-
SHA1
d889650bc4512470731d26b0a0c65f2118086f23
-
SHA256
407e583165217d18f3cc4179ad754c8e7f38b27057316a382151dd32f258cc82
-
SHA512
bf651aa682d402338b123769a0b1594ab84df5bbaa2157ccc4ae1fb434de0293179191abd5c6b1df2faa5bee59142c3f0e18b0a46d686374da01bf84c08e87ed
-
SSDEEP
96:inUFVvgAc5BxvDBbyPA1dAGbec0JWU+u9skIPp6EJBaA3ye45Lpx1N+T:inggdBVDNyPAvF5tuKp6EfajLpx1k
Score
1/10
-
-
-
Target
V17 Sorunsuz Çalışan/rdr2-translator.asi
-
Size
38KB
-
MD5
79c7e5923b363c26aa96676ad43ba03c
-
SHA1
d6c15e457b6d9e6c9b3cf6358725d95f8f8b859e
-
SHA256
32124f529234210f53393844a0f035dbf0a3d7e8a2449b9c1e7ec0d0515f942a
-
SHA512
4ddeca5440af94315f0f0fe601f0195115be1b945209de7b84a4dc2eb0a0433ee4781843af54422e62a20b39f41319109f87ff296138d3e359265f506536a840
-
SSDEEP
384:3PNNHXbLlsTrbY/sVwGpgqGgVvDjLcFfGsq3CqpdwOIRlNTUKFOmQo/zvIRCp/si:r3bUafm31iHRzz6VlIZJHbt6
Score
1/10