79d746ef667014e9232dc4bc41db2e8a040262bef2935f854ba4ba7314a52d4d

Resubmissions

19/07/2024, 21:15

240719-z4cpyazfpp 8

19/07/2024, 21:09

240719-zznawatdqf 3

Sharing

Copy URL Twitter E-mail

General

Target

The-Binding-of-Isaac-Rebirth-SteamRIP.com.rar
Size

361.3MB
Sample

240719-z4cpyazfpp
MD5

b912be10f63dfa34655e78634835bc57
SHA1

cdd1782d08306dffc3f7ae1d0c2bc7bcb9f4a62d
SHA256

79d746ef667014e9232dc4bc41db2e8a040262bef2935f854ba4ba7314a52d4d
SHA512

797312a2d3f5f1893b0019df0c65705155a5a8a0cc6c0ae6a8f11391fcdb6f7c1d8729904044a8cd0203cdba0624305417e55f9a9e1a39bc479e78b665b55f34
SSDEEP

6291456:cB5fnkk8kjADoWctMKBaYe7IGHPoF2y4swHthygedUZ0E0mylWx+UFhLIa3U/EZE:cBtz8kjADSbBai2yrwHteE9yAfFlxE/h

Score

8^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  The-Binding-of-Isaac-Rebirth-SteamRIP.com.rar
- Size
  
  361.3MB
- MD5
  
  b912be10f63dfa34655e78634835bc57
- SHA1
  
  cdd1782d08306dffc3f7ae1d0c2bc7bcb9f4a62d
- SHA256
  
  79d746ef667014e9232dc4bc41db2e8a040262bef2935f854ba4ba7314a52d4d
- SHA512
  
  797312a2d3f5f1893b0019df0c65705155a5a8a0cc6c0ae6a8f11391fcdb6f7c1d8729904044a8cd0203cdba0624305417e55f9a9e1a39bc479e78b665b55f34
- SSDEEP
  
  6291456:cB5fnkk8kjADoWctMKBaYe7IGHPoF2y4swHthygedUZ0E0mylWx+UFhLIa3U/EZE:cBtz8kjADSbBai2yrwHteE9yAfFlxE/h
Score

8^/10
- Downloads MZ/PE file
- Executes dropped EXE
behavioral1
- Target
  
  Read_Me_Instructions.txt
- Size
  
  1KB
- MD5
  
  27b923d4ff2ea0a7616231b34e60beef
- SHA1
  
  8141053a1472795ad199f397363bb1c71a326af6
- SHA256
  
  3772c26ca52f08d197868ccc9f9e3c56307b018b648983948b40ddf74aaf949a
- SHA512
  
  5cc09fad674c99c2b10ae4dce96021e6c511ccc708f48325a5f59b15aae5e9329d39b77a96174a1a4ba0844055276cc250444ba38a8c10ef3d17f783f5ed376f
Score

1^/10
behavioral2
- Target
  
  STEAMRIP » Free Pre-installed Steam Games.url
- Size
  
  121B
- MD5
  
  2c50d64e61fd60b0071ca34e7f2c21a0
- SHA1
  
  f7eb323fa0a8634535678b072dc1247a679cd0f2
- SHA256
  
  83b3dea5feeb0e8b98b33b647634264abeb7a069801833bf3d80836405921786
- SHA512
  
  ceee0f559b04b85951e2e52b4db05b8e6ffabf7fc0692be19787b0dadb247ffb667550ba0dd052facdc4f4b9b0ff97bfdd2497fbf2ece37dffe09eb67abe9186
Score

1^/10
behavioral3
- Target
  
  TheBindinofIsaaRebirth.v1.05/3DMGAME.ini
- Size
  
  1KB
- MD5
  
  178b6a5b3e0a64128d9cb3a3201db379
- SHA1
  
  9449f6c4da110febea0b090746ad70c5525e3a04
- SHA256
  
  33389cbafaad7ae2376d05511e820f81c916989474792f14683a95b30402c60f
- SHA512
  
  d2734fe02fda4e61ee24426f042d1f1d5c47bd4d103c9591d41328e71f2bfb919a76e72380fb661c73ff5a1afc77d5b4e9799b594e81dc61c5758555191c3a41
Score

1^/10
behavioral4
- Target
  
  TheBindinofIsaaRebirth.v1.05/OpenAL32.dll
- Size
  
  688KB
- MD5
  
  eb6d3a54c9d8ad689311f58a28582bf0
- SHA1
  
  ebbba61fd88c2e61a2e9d02a05532dc3b359dd44
- SHA256
  
  a22b03451246bdbb4a136b838f7a301651999dd0e1f979c09c27017337b64b60
- SHA512
  
  fdee08beaa86bce313d9747db6796e24cbd878ad9dee04b277a4c6a4d88e50799e6c4f2c93ceaa0b8270ff632f74f2ec783de35cb43889c55278df85ecce3515
- SSDEEP
  
  12288:R+zcxi8mKyKs2WfN9gWzzkZz5fQoDtL+qyy8FOsY:R+uiYO2sNCWzzkZz5XPCOp
Score

1^/10
behavioral5
- Target
  
  TheBindinofIsaaRebirth.v1.05/dbghelp.dll
- Size
  
  1.2MB
- MD5
  
  b4f1c646ae9244ffcd01557f6742983f
- SHA1
  
  46e4bba9e9afa6ec4a23cc057cecc2eb62fe9619
- SHA256
  
  27c3b426fb7b259be4466b10d80bc8aa0d61b19529bf1949420c8fcc920f7e09
- SHA512
  
  b8878164bc41de350189b8a1cb3796479dafba2bff1238de6a5d6bc4c6a24abc3a9699c9586001e2491a35c8a0564590356af1dfdbb4b0dde27d2bb54d714ad2
- SSDEEP
  
  12288:vJpPriy6xVDK69gTN1U0zmJGB6eHfecwoxIMrOOPoOzmhETVo2Qm9H3RgwHRhL4G:Rpi/DK69YN1UIWeHasn1DJ32aRhLay5
Score

1^/10
behavioral6
- Target
  
  TheBindinofIsaaRebirth.v1.05/isaac-ng.exe
- Size
  
  2.6MB
- MD5
  
  abb297b2f727e9aa870f6216e693c706
- SHA1
  
  67a4530a84b5ea48752280f0488ff71dc34989f9
- SHA256
  
  527a575957b20371bb1a03d5983f1c5417728fc554649069131b3b72f3764597
- SHA512
  
  e9a3ef3154f6410bf7b39c8901479f9d57af14ebf78f4e0e8db31adc1c721b3f5cbb332209c6a201c26718427ea5b56c6f3862f40258eff8cec094b84cbdcbec
- SSDEEP
  
  49152:naHc6A4qN7IhwI8mEI4vJyY8uDiqBJBhz91sGWMfYDINd7wOR9vun4DqgOSPwabv:nTSggL8tIkyuf1WcY8TEORFuzgOSPDHJ
Score

5^/10
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral7
- Target
  
  TheBindinofIsaaRebirth.v1.05/libogg.dll
- Size
  
  17KB
- MD5
  
  297b935de91396e48bd8378bb9fa80e2
- SHA1
  
  fdd319e99272df45a04b4a87a9340064896d7118
- SHA256
  
  178e1585b0589512045a4f56ba06055f74f6bd42bd9bf72fdd756f05289cfcae
- SHA512
  
  5153074fca8f4fffcabe6cbbea502eab3cbae584843558a165c30387b394748cffeb5191ca922e9f4986e78e05128ebfe0ab62d73c9c61ce8f6da8ce8df2a4bc
- SSDEEP
  
  384:vnaY0795FLYP9zZMT7FVZiR9HrPVlO4X:vaYWncuFVZinrdw4X
Score

3^/10
behavioral8
- Target
  
  TheBindinofIsaaRebirth.v1.05/libtheora.dll
- Size
  
  170KB
- MD5
  
  c6018d83ea9077e26812acc25ef933ef
- SHA1
  
  b9c6b91112ab849feab40372945d8090a6038be4
- SHA256
  
  cb9a9eba0aa0de4f0e5675e3a1d7eca17fcfe0610aed0f946f574c5b63ca4030
- SHA512
  
  c6e35c2ba30c101655fbd314a8c1bbd795873452ce6e1916e6fc02094de882c87ac77d5f27e58bfe3cb9562a55d9142a83dd6d9ed1b4f8328081c8ed5f771cbb
- SSDEEP
  
  3072:XF/0QZz0d2I3xxz1N01cgVRX5OYnZNxVhN2NXQN+8vLK5892Z:1JZz0dlx50igtZN5s5QEsLG
Score

3^/10
behavioral9
- Target
  
  TheBindinofIsaaRebirth.v1.05/libtheoraplayer.dll
- Size
  
  73KB
- MD5
  
  a1cf1cc9c569841054938311b3729df6
- SHA1
  
  2a082a82872f4065bad55427c1aaa0111307282b
- SHA256
  
  b3a7b467260282b274170f52f4d1eb734753d23fa7f6c3b03a4847fb319fd359
- SHA512
  
  09183f6bf189bb8d6480202228a68245a7b127abf35442fe74c4d4d7aa92988dbac7eceb707f17a1c077ff9279583b5cf0f76a375ad7609c8064329de264d160
- SSDEEP
  
  1536:MBoQsJACrs9io0CYLzVyLpUxetIMBtcgpdWhHxOfQBHH0GbpNnwfIqv9rqpNV4hR:jQEls9ipHzVESyIMHcgpdWhROf4h+
Score

3^/10
behavioral10
- Target
  
  TheBindinofIsaaRebirth.v1.05/libvorbis.dll
- Size
  
  146KB
- MD5
  
  790edb6463c795c4be58bb8e4c2e838f
- SHA1
  
  fb35adf7fdf28cf923d194dd1089959edbf22a80
- SHA256
  
  4cc4757c8cbcaef46978c5d9e9cc836997616204cffc1c1da928ce8d7b7a5ef4
- SHA512
  
  7d01dad810b4dce774279f336887c1c615580c17faf56b370265c273c77df71e7475c69af0df175184dfa527044b112a74d28f98ec25d008f3e39b25e762e675
- SSDEEP
  
  1536:pr0YhhZdSC3MKPxgMJW83Y12F0sF9Em55zYrAsSBe92e/1Xks/SIiRaEUsXxTTl/:6+S0MKzw8Ih8x5EsEJn/MR0Ij/
Score

3^/10
behavioral11
- Target
  
  TheBindinofIsaaRebirth.v1.05/msvcp100.dll
- Size
  
  411KB
- MD5
  
  e3c817f7fe44cc870ecdbcbc3ea36132
- SHA1
  
  2ada702a0c143a7ae39b7de16a4b5cc994d2548b
- SHA256
  
  d769fafa2b3232de9fa7153212ba287f68e745257f1c00fafb511e7a02de7adf
- SHA512
  
  4fcf3fcdd27c97a714e173aa221f53df6c152636d77dea49e256a9788f2d3f2c2d7315dd0b4d72ecefc553082f9149b8580779abb39891a88907f16ec9e13cbe
- SSDEEP
  
  12288:zNb8zxr1aWPaHX7dGP57rhUgiW6QR7t5qv3Ooc8UHkC2ejGH:zNb8Fpa6aHX7dGP5Kv3Ooc8UHkC2eKH
Score

3^/10
behavioral12
- Target
  
  TheBindinofIsaaRebirth.v1.05/msvcr100.dll
- Size
  
  755KB
- MD5
  
  bf38660a9125935658cfa3e53fdc7d65
- SHA1
  
  0b51fb415ec89848f339f8989d323bea722bfd70
- SHA256
  
  60c06e0fa4449314da3a0a87c1a9d9577df99226f943637e06f61188e5862efa
- SHA512
  
  25f521ffe25a950d0f1a4de63b04cb62e2a3b0e72e7405799586913208bf8f8fa52aa34e96a9cc6ee47afcd41870f3aa0cd8289c53461d1b6e792d19b750c9a1
- SSDEEP
  
  12288:yMmCy3nAgPAxN9ueqix/HEmxsvGrif8ZSy+rdQw2QRAtd74/vmYK6H3BV0eAI:dmCy3KxW3ixPEmxsvGrm8Z6r+JQPzV4I
Score

3^/10
behavioral13
- Target
  
  TheBindinofIsaaRebirth.v1.05/resources/packed/animations.a
- Size
  
  644KB
- MD5
  
  77127a623a3db1954dcbed5d3e3fe3ea
- SHA1
  
  93f338f0f9c93fc82cf89d4f484d2d58d240271e
- SHA256
  
  182e071934fc2d4600506bb326bb8d3946861bfa7ce3c4404d524d68ada8abf5
- SHA512
  
  18f293d81592a925e29b08a306931556462ea332bcf65c8fabb32f50fdd14dce3b7384c7835a3d3f7a5f823c7230d13d1c4b4b0212d5bf93dc4f1d2c0fd326cd
- SSDEEP
  
  12288:gzvBvDQbMfe/PjBXd4glYDGqBW08w+3IuQhgmwSoAFWjLWHClSsgOuC:2BbQxLBa5Bowayh0AwLWHCIVC
Score

3^/10
behavioral14
- Target
  
  TheBindinofIsaaRebirth.v1.05/resources/packed/config.a
- Size
  
  127KB
- MD5
  
  dbcc96f65da34e98c33ad4ea40906138
- SHA1
  
  e42f1cc2bfad909561ecf23f7f374ac1291ddb80
- SHA256
  
  618ff65ed855381f7e7184dcc0ce8f8b1473334cc7da94bd4f4db42b362e4479
- SHA512
  
  457846c690dc7e9633b17e2ef75d373d24e444dde475db97ba545433f1b3bff9da4337e741068eb5c8b460478857f518281ca79ebbd08081d0654b6e8095dabe
- SSDEEP
  
  3072:axLx2kRcw9ge7Gc12S10CHIUOwHwpkCc4JqsEMTTMcykHCZGjXU7+:cFthgeNaxkZZ4JyCvykHNUS
Score

3^/10
behavioral15
- Target
  
  TheBindinofIsaaRebirth.v1.05/resources/packed/fonts.a
- Size
  
  14KB
- MD5
  
  295969a026b6ac49614c2f552bf791ad
- SHA1
  
  74e86a9aee952913ec57233a7f33018dbc546151
- SHA256
  
  f6f0a9280b0c066cafddc0e9ab6b59522ac4401d9168a6be81ae978d075f6f6f
- SHA512
  
  64b7d28113060ebdea8209f21ef800dfc235051eda2ceb038c11216f88002d35ae259bd04e3131fc7fa809fa62bfacf010be7a708c4ab0f3f21cea126a837adb
- SSDEEP
  
  384:OJTj8qyr1aJW9gpVUB7yEgAK9Oa+y2iB9fJ8dv5D3:uTj8qA1aJW9gppEuFl2iZJ8jD
Score

3^/10
behavioral16
- Target
  
  TheBindinofIsaaRebirth.v1.05/resources/packed/graphics.a
- Size
  
  16.7MB
- MD5
  
  288d0a98e0ff83afa4a0987d4912945a
- SHA1
  
  1fed21081fe3afed1ad7113b429f9e1c4fd3ac56
- SHA256
  
  b1286fcfc4f3dd899cd225d46db9132a787352b4169b9de56a5d2c65e43ee23e
- SHA512
  
  083ad4730d269e1a9d5ad9f75fd637d287653696390b1695d75d36643d26e2ed2cccbb84960c324b59176216ca8738928c5bfd51d1b3bed57971c6a85633936d
- SSDEEP
  
  393216:yRjZagjz/y/FHr32ourgshixzei3vtahFiyBZeVQmqr8:ybBqVbvurgsUk8tareK8
Score

3^/10
behavioral17
- Target
  
  TheBindinofIsaaRebirth.v1.05/resources/packed/music.a
- Size
  
  174.3MB
- MD5
  
  72ad7ab396e2a641c02e9a45a837ebea
- SHA1
  
  705454bd368d3fc9441d5ada9e86bcb53f401c90
- SHA256
  
  0e8288bf503246e0c57b6a37d6d9d87ba5a07680cc120e926b3327371f305bec
- SHA512
  
  196c3bd48a78daa21ce320dc45e9ef208367efa007630ca393d6504dbc453bcc4cde84992d21b6515c9281bc38ae8015c3daefecf25d91c638aae46e50502bed
- SSDEEP
  
  3145728:DADoWctGKS3Kg8fl5xM794NeHqi37EGHh9s/yoF2rNE4bNSwqE7DiQvJ+NjHma:DADoWctMKBaYe7IGHPoF2y4swHthm
Score

1^/10
behavioral18
- Target
  
  TheBindinofIsaaRebirth.v1.05/resources/packed/readme.txt
- Size
  
  1KB
- MD5
  
  4ac156d5679a86e5396225bed3c9e966
- SHA1
  
  241138bb351f522641e2741a79efbe10882d3fbe
- SHA256
  
  5816f59298d1894ded363a1eca0f4ad293e7f3005e1dcb78b8113e5ffa8f6f0c
- SHA512
  
  82ca1ba9922a5809d9bab76799e9b5e7766e76ec1e3e43c4d6c15ff016bcb759af837bedde6d1c62fb3cab8cdea19ec7930dc383087194f20da57cedbb78cbf1
Score

1^/10
behavioral19
- Target
  
  TheBindinofIsaaRebirth.v1.05/resources/packed/rooms.a
- Size
  
  640KB
- MD5
  
  42e255704f700f0120bf55a382ec0a7f
- SHA1
  
  c9c91000c06ebf94b17f403dd2a351998a2dcd2f
- SHA256
  
  c6e4495b77a4ceb6742d7efeaf60a205844c08d739bcea7a95cda0d10428634e
- SHA512
  
  72e88fdd38d8347161035d15ee0e627ab50e19061638016f35aa6ca2d4c7921cf5b1a9068692ed6961a5b16fc4da1055aa47641b3a14fa7a1bfcf91314d9ac45
- SSDEEP
  
  12288:KdiZH+AnDjnvkhksFLbyMHP2JXWZId6EodPMq+YN8W2Zha:KAjXnvUksFyMOX8Q6EoFR+YN8j2
Score

3^/10
behavioral20
- Target
  
  TheBindinofIsaaRebirth.v1.05/resources/packed/sfx.a
- Size
  
  24.2MB
- MD5
  
  d3a198e22a36c579374ae40ad4546001
- SHA1
  
  e1345947df1cef0ebf076e69427adf9ae7cd3a7c
- SHA256
  
  1f66a8e6695edd332ab7b94378b0c9625deae2e04f4c95539ad5682d52a44273
- SHA512
  
  f608d01a7030f51ecb203b2318baa7fac724ba766bd3a52924730bb9df504114c1eefa92f6d21a38af61546eae3a1f50c1e44ba08c0c35dd4761a94b01afc223
- SSDEEP
  
  786432:U+ouzTj/gsLddOnPMYsao7bta8VwNjq/Qshc09:U+ouzT0edUnPabtaWwNG/xhc09
Score

3^/10
behavioral21
- Target
  
  TheBindinofIsaaRebirth.v1.05/resources/packed/videos.a
- Size
  
  88.7MB
- MD5
  
  d6158bbeb38e335148807d9ef3ad8437
- SHA1
  
  94120930a60e1953f6978fc2c3f152ea1b3b6bbc
- SHA256
  
  e7a025789a2c0b3f5de974e701039d46867e469e9b20cf68fa15fda3c41e9400
- SHA512
  
  d75d230102ad568a3904f5af3aab76bc8185b61a525485c8f5549dac567b7f4efb2f01b6845794bc9ae02ff0932a22973e5e26ea1a7f0bce727c9c581419286d
- SSDEEP
  
  1572864:TyDdkdIcnROylWumpbVl7q8wjm+Zk1gwOshLISrDOa4ZaMS26sUmOP9:2DG7ROylWu2z7Ram+ZrwFhL5+af1gfC9
Score

3^/10
behavioral22
- Target
  
  TheBindinofIsaaRebirth.v1.05/steam_api.dll
- Size
  
  252KB
- MD5
  
  e175b929de9c5a6c219fbcb0add842a9
- SHA1
  
  2081dda77d3addbd1484a889c35338713083e163
- SHA256
  
  3252ee2a0f6e9f476c059f9903c424265158acd983322e28eb21228a93804cb9
- SHA512
  
  b5555891224d617d2c0f25bbfd213a74a7228c0bd6cba2c1caaba60de145f66a92cc2f52169ab4e9a2065e9bf949a063230f6688f9774c7b59b26517121024ec
- SSDEEP
  
  6144:n53jYQNpTBT0cTS/JV6JdcgYkGii5ynWa5hZ:n53jjnT0cTQJVOCkGii5ynWavZ
Score

1^/10
behavioral23
- Target
  
  _CommonRedist/dxwebsetup.exe
- Size
  
  281KB
- MD5
  
  fd6057b33e15a553ddc5d9873723ce8f
- SHA1
  
  f90efb623b5abea70af63c470daa8674444fb1df
- SHA256
  
  111aeddc6a6dbf64b28cb565aa12af9ee3cc0a56ce31e4da0068cf6b474c3288
- SHA512
  
  d894630c9a4bdb767e9f16d1b701acbdf011e721768ba0dc7a24e6d82a4d062a7ca253b1b334edba38c06187104351203a92c017838bdd9f13905cde30f7d94d
- SSDEEP
  
  6144:pWK8EGMUjp5cGQ3Mek1B3B9h8Ins3i8AEYBSawz1YSc:JGvjp5cj35kDB9hrs3zARBSaJSc
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral24
- Target
  
  _CommonRedist/oalinst.exe
- Size
  
  790KB
- MD5
  
  694f54bd227916b89fc3eb1db53f0685
- SHA1
  
  21fdc367291bbef14dac27925cae698d3928eead
- SHA256
  
  b8f39714d41e009f75efb183c37100f2cbabb71784bbd243be881ac5b42d86fd
- SHA512
  
  55bc0de75a7f27f11eb8f4ee8c9934dfe1acd044d8b7b2151c506bdcbead3ab179df7023f699c9139c77541bbc4b1c0657e93c34a6bc4309b665c6cb7636a7e5
- SSDEEP
  
  12288:0s1yfEcpPzdv+t4cRIy3ze3SUN0PXGTjiqRy2p3kwzjGHTkV:NwfLrvi4cRIyDe3SUNaXy+WypoGHgV
Score

1^/10
behavioral25
- Target
  
  _CommonRedist/vcredist_2015-2019_x64.exe
- Size
  
  14.3MB
- MD5
  
  f0248d477e74687c5619ae16498b13d4
- SHA1
  
  9ed4b091148c9b53f66b3f2c69be7e60e74c486a
- SHA256
  
  b6c82087a2c443db859fdbeaae7f46244d06c3f2a7f71c35e50358066253de52
- SHA512
  
  0c373b06ffe84f3e803831e90f22d7d73304e47a47839db614f63399ff1b7fcf33153bf3d23998877c96d2a75e316291a219fdd12358ca48928526284b802591
- SSDEEP
  
  393216:q5lptVYmfr7yBG/4WoI+j6LTinXKSf0fzTDv8:q7pttD7yBG/uljIinXj0fQ
Score

1^/10
behavioral26
- Target
  
  _CommonRedist/vcredist_2015-2019_x86.exe
- Size
  
  13.7MB
- MD5
  
  de34b1c517e0463602624bbc8294c08d
- SHA1
  
  5ce7923ffea712468c05e7ac376dd9c29ea9f6be
- SHA256
  
  ac96016f1511ae3eb5ec9de04551146fe351b7f97858dcd67163912e2302f5d6
- SHA512
  
  114bca1ecd17e419ad617a1a4341e607250bcb02626cdc0670eb60be734bbad1f3c84e38f077af9a32a6b1607b8ce6e4b3641c0faefaa779c0fec0d3ac022dac
- SSDEEP
  
  393216:/d/FlptVYmfr7yBG/4JU4TRjtjUMy4i6kgsY7i:/1PpttD7yBG/QHTJtYMyke9
Score

1^/10
behavioral27
- Target
  
  _CommonRedist/vcredist_x64.exe
- Size
  
  5.5MB
- MD5
  
  630d75210b325a280c3352f879297ed5
- SHA1
  
  b330b760a8f16d5a31c2dc815627f5eb40861008
- SHA256
  
  b06546ddc8ca1e3d532f3f2593e88a6f49e81b66a9c2051d58508cc97b6a2023
- SHA512
  
  b6e107fa34764d336c9b59802c858845df9f8661a1beb41436fd638a044580557921e69883ed32737f853e203f0083358f642f3efe0a80fae7932c5e6137331f
- SSDEEP
  
  98304:EuLgywiNHBeSLxYK/bxE3q/BlZkWMGPQflVJ/EK1sLyzs2T2Q1mOjq4/:V7wqheSVYK/bua/BlWWnuVhsus8nm+qi
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral28
- Target
  
  _CommonRedist/vcredist_x86.exe
- Size
  
  4.8MB
- MD5
  
  b88228d5fef4b6dc019d69d4471f23ec
- SHA1
  
  372d9c1670343d3fb252209ba210d4dc4d67d358
- SHA256
  
  8162b2d665ca52884507ede19549e99939ce4ea4a638c537fa653539819138c8
- SHA512
  
  cdd218d211a687dde519719553748f3fb36d4ac618670986a6dadb4c45b34a9c6262ba7bab243a242f91d867b041721f22330170a74d4d0b2c354aec999dbff8
- SSDEEP
  
  98304:RuLgywiN1ah6HcG0UJrN7SDgndrHZDMeaNNjt0CKKBgY2r71pZ/APaOR72HgQo0z:I7wq1W6HqULS8djZDTaNNeCKVP5ORsg0
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral29
- Target
  
  _CommonRedist/xnafx40_redist.msi
- Size
  
  6.7MB
- MD5
  
  97c2eebb30c5a88c68c8f24f37183f1d
- SHA1
  
  49efdc29f65fc8263c196338552c7009fc96c5de
- SHA256
  
  e6c41d692ebcba854dad4b1c52bb7ddd05926bad3105595d6596b8bab01c25e7
- SHA512
  
  c9d1017b274ceb1b4ee624cf7e628787c32a727c64f715fbce1f1ae929d9114f8fe1291e34583cec615619b0128c01206b07efc878e7a5c57b792453f73fd0da
- SSDEEP
  
  98304:wynfL329J1XswfXO6wiBB+4RZg6aENaCZAU5PMO0MntfERyJGH2YPq/:wYD3C1XXfzH+4cLHU5PM/Mnt+YGlq
Score

3^/10

persistence privilege_escalation
behavioral30

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Event Triggered Execution

T1546

Installer Packages

T1546.016

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Event Triggered Execution

T1546

Installer Packages

T1546.016

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Downloads MZ/PE file

Executes dropped EXE

Suspicious use of NtSetInformationThreadHideFromDebugger

Executes dropped EXE

Loads dropped DLL

Adds Run key to start application

Drops file in System32 directory

Executes dropped EXE

Loads dropped DLL

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30