Overview

overview

8

Static

static

3

0day_Cheat_Engine.rar

windows10-2004-x64

8

commonmodulelist.txt

windows10-2004-x64

1

defines.lua

windows10-2004-x64

3

donottrace.txt

windows10-2004-x64

1

driver64.dat

windows10-2004-x64

3

include/_mingw.h

windows10-2004-x64

3

include/assert.h

windows10-2004-x64

3

include/celib.h

windows10-2004-x64

3

include/conio.h

windows10-2004-x64

3

include/ctype.h

windows10-2004-x64

5

include/dir.h

windows10-2004-x64

3

include/direct.h

windows10-2004-x64

3

include/dirent.h

windows10-2004-x64

3

languages/...64.pot

windows10-2004-x64

1

mrgg.sys

windows10-2004-x64

1

mytes0day0-x86_64.exe

windows10-2004-x64

6

mytes0day0-x86_64.exe

windows10-2004-x64

6

packfiles.bat

windows10-2004-x64

1

standalonephase1.exe

windows10-2004-x64

3

test1-x86_64.exe

windows10-2004-x64

tiny.exe

windows10-2004-x64

3

vmdisk.vbs

windows10-2004-x64

1

win32/dbghelp.dll

windows10-2004-x64

3

win32/sqlite3.dll

windows10-2004-x64

3

win32/symsrv.dll

windows10-2004-x64

3

win32/symsrv.yes

windows10-2004-x64

3

win64/dbghelp.dll

windows10-2004-x64

1

win64/old/dbghelp.dll

windows10-2004-x64

1

win64/old/symsrv.dll

windows10-2004-x64

1

win64/sqlite3.dll

windows10-2004-x64

1

win64/symsrv.dll

windows10-2004-x64

1

win64/symsrv.yes

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0day_Cheat_Engine.rar

  • Size

    161.4MB

  • Sample

    240802-t2vj3swdmh

  • MD5

    b3b1d4412d923522bf4ce8d1a8cc8d93

  • SHA1

    e1ba5cee983efbd93d3ec4e81cdc5445845c560e

  • SHA256

    b9cdc60586f0ba16468d7a4a62a30d4c745d283919ecc94b7a08eaa560def688

  • SHA512

    cec55f63034fe10fc887cb5bb665963e04e4be94c9af45ecc8bb4911df8d4a44dcfc14a2f9653250174305f4cef4b28e72162add70af1552ea2724ccb64da9a3

  • SSDEEP

    3145728:23pVse88p7sSMO3wssrCKvnNQ/g4BsS/7hV/JJHP4UDbgWpeJm:Kv5vwscCKvnzSDbRJHgYbgWp0m

Score
8/10
discovery

Malware Config

Targets

    • Target

      0day_Cheat_Engine.rar

    • Size

      161.4MB

    • MD5

      b3b1d4412d923522bf4ce8d1a8cc8d93

    • SHA1

      e1ba5cee983efbd93d3ec4e81cdc5445845c560e

    • SHA256

      b9cdc60586f0ba16468d7a4a62a30d4c745d283919ecc94b7a08eaa560def688

    • SHA512

      cec55f63034fe10fc887cb5bb665963e04e4be94c9af45ecc8bb4911df8d4a44dcfc14a2f9653250174305f4cef4b28e72162add70af1552ea2724ccb64da9a3

    • SSDEEP

      3145728:23pVse88p7sSMO3wssrCKvnNQ/g4BsS/7hV/JJHP4UDbgWpeJm:Kv5vwscCKvnzSDbRJHgYbgWp0m

    Score
    8/10
    discovery

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1

    • Target

      commonmodulelist.txt

    • Size

      1KB

    • MD5

      cc0f8b66bfedc67da8dbb2a7df2aa006

    • SHA1

      c6d86cc43a042581e389dc9a28affddf64294ac8

    • SHA256

      cddd0f35f7351e6f19486ccd7eee5d31f0134c5c3554a12c7d51131dde8e29cd

    • SHA512

      a4aec40ac6bea2adacf15829aeeebe66117473a542303024669a828710c6afd072c0f4890a6a334b35ac894a1a80a5bdd5e91a6ffcb7149540e304117a7e5800

    Score
    1/10
    behavioral2

    • Target

      defines.lua

    • Size

      12KB

    • MD5

      62e1fa241d417668f7c5da6e4009a5a6

    • SHA1

      f887409e3c204a87731f317a999dc7e4cc8d3fcd

    • SHA256

      82e8ef7df20a86791cef062f2dcacb1d91b4adc9f5dea2fd274886be8365b2f8

    • SHA512

      2283cbb9e1d5d53ad1ed9bc9db6034fb3c53c633b11001f373523640bbbba95da9a3a0866c7d5fa0620facab7d18c8577dfd69496fc7319e0a4a74d0b9e10c45

    • SSDEEP

      192:0egHuderGTd4G9mSZk/8fdtINfbLmJFcSC5xm+9qh07EBS5pekFrLUK80u9ETxst:AHuderlSZk/8FtIF4umMqEpDg3fT

    Score
    3/10
    behavioral3

    • Target

      donottrace.txt

    • Size

      104B

    • MD5

      a2e60a2f01f69d0da415c58f25c37e5b

    • SHA1

      fa1a0d6183fee10de5fa4c554370556217e3af26

    • SHA256

      dc9354ccf9667d1e5ca13d6468ba2c258256042d7c25e6d91ade7f8e2a2ff3bf

    • SHA512

      ce7f5f8365d2ef3da14d4123cc7ef053a7f99e8f98d47e6c5967f267b8ec7fdac2da993d0fc26df8eb2face176ba56b7359ba1f29f021e1dfdd561b15efe64af

    Score
    1/10
    behavioral4

    • Target

      driver64.dat

    • Size

      57B

    • MD5

      d2b89b028b4d9d5d8239dec7a10d6cae

    • SHA1

      c47977d0550920f1522e555c6a72badc385fde7f

    • SHA256

      f5b42d9961ec4211a43bacdd837960bd46770491a287a4d92b618341689ca02d

    • SHA512

      ef8ecaf758f1d84a1fb93422314ef5a8decb7dcceb6143a1dbe044eb1138c4cf9d54f1238ac55354e7d826518f1119a85f738df300ae9803667a58294466e8d8

    Score
    3/10
    behavioral5

    • Target

      include/_mingw.h

    • Size

      3KB

    • MD5

      dc2829239704cdd5a5109699666fa573

    • SHA1

      60c09e102f552444d59ed9ed474e667136c16dc0

    • SHA256

      ab4be7d34e7fa0e722f0948e0c90ad4d95b8a1ec649c2f186dfa387b57be7833

    • SHA512

      f3551aef2a0ffe42a16f1a8be26b2c2722e773a59d21b60b2454ab0b68b008402623f378d2afaa30feba87f560475a52d2899e6d062bd7f88e22119b25231f17

    Score
    3/10
    behavioral6

    • Target

      include/assert.h

    • Size

      1KB

    • MD5

      9c022d741996db6d32411bfef4eadb41

    • SHA1

      4ba93d77927eb8cfdcfe07f56d6edade180af1dd

    • SHA256

      3ab7edec5e55840c35be252bad52236955c3b4f9143810cdb1f09c34510eb8c4

    • SHA512

      e448608bfecb770a087cb19934a1b45a5c564ea10bdf5a40bbb250f472830ecee4990c669e90e495ecb5d4e48c3871cc2a33ce84f2d38524449fc9f5fd501da0

    Score
    3/10
    behavioral7

    • Target

      include/celib.h

    • Size

      154B

    • MD5

      797244d44de226d8f8e50aecbc49d1b4

    • SHA1

      853c89190e9250d7b2945846a69fb9945f54264c

    • SHA256

      527fcea932149c2724d60392c9367d026485f357c0bf29f94c86cf8b73ee0a4b

    • SHA512

      0fd9963b009d614bdbd017191376e239261cf781f288770bf1b1c9d59ca6a2a36aa07c7ee5b8d4dbe1e50d81850ef2a475590e022addebe642530655c9d0bd60

    Score
    3/10
    behavioral8

    • Target

      include/conio.h

    • Size

      10KB

    • MD5

      6a61e54ad2614ba528414c7b69147caf

    • SHA1

      242479133484e15a2af816d95ddb053835bf4c64

    • SHA256

      de7161f85835d98b38fe6a19ef8973dcaf58ec237b1c91cf05ac535b2ff3845f

    • SHA512

      468702a606e20ffa893054f676c56dfe6eb3d28a002bae143298422ab388a2f2f78e318714f5274bc9ebd243863f5228d5ebead5f31d892e96d8742c8e6846a1

    • SSDEEP

      192:R9IFnJJzpoJItwJ+Y31t1d1uF8sFX9B17lHLQWq4QcHyQA3sG1:XI4IJ2WzPw

    Score
    3/10
    behavioral9

    • Target

      include/ctype.h

    • Size

      9KB

    • MD5

      22e5a00491e32d15b40b196397ad01c1

    • SHA1

      b0db6fcbf4abd2f4fdea2771399c1e502d9f8106

    • SHA256

      4cfaaa43b3f7414984126e8b1cdf65f9dac0ef68d9a3396be0b8828376a74a6b

    • SHA512

      28839104776441738233334a20de6ce3ada51179fb50366c27ab60432949fc78e1ccf735d2e80216f8779d84328634005c322d0010875e8fe0ff33d699ecc114

    • SSDEEP

      192:aK0sBzLLoy8q3JHZDrs+UAt0g7WnBeaIlzjD:EALLb8ars+Flzf

    Score
    5/10

    • Drops file in System32 directory

    behavioral10

    • Target

      include/dir.h

    • Size

      952B

    • MD5

      ef5c7267df270272bfa8f8ebd1b516f2

    • SHA1

      1e3f8a9afd814efa8cf7c88dc480e9914a5bc570

    • SHA256

      84064b17e501d691c43d47e45b112c2884db467417910b5fa1482b72342badfb

    • SHA512

      8ca2b0e08b66eaa843fc7ad0f8f4063450a469914819a637aa3f8cac39dd38e32cc0403f2b04f767ae486934026585b56f93544c8a1f5d92cce32ce84a4506f4

    Score
    3/10
    behavioral11

    • Target

      include/direct.h

    • Size

      1KB

    • MD5

      83679da78aaf8f8352acb1883b9ef868

    • SHA1

      fd89079636571a93755120120ab4f03b91076478

    • SHA256

      179c3204312d7cf8032102773629bcb3e5fff792d1d808931cb6619a431d2435

    • SHA512

      13af1f2c118e898e6055ca61286c9766df75366ff4f30708f613193cd8f89afc4a4cc2fd31fc3ac6dce5d577ee83e203f79aca3b739d9d9e9e60b42cd9c7036e

    Score
    3/10
    behavioral12

    • Target

      include/dirent.h

    • Size

      3KB

    • MD5

      afbe32ee6ded8cbad33d6fe3fbbf077d

    • SHA1

      a7f0d3edee5f49e127575eb25e64e2747108e7c3

    • SHA256

      88c1f767fdcd6d51b991ee3234792da48c8576f5f8816f17a42344f9c8bbb1c1

    • SHA512

      f655a40f8c87a0cb43a34ae47612d5cef2cf7814fd2ae9ce1c8566f97f45e91470364bd87e8c12861cce44fb8cca54717546baacc6ccbdace51d0d15206304dd

    Score
    3/10
    behavioral13

    • Target

      languages/mytes0day0-x86_64.pot

    • Size

      273KB

    • MD5

      291b986a6ef09333c630e6dfbd0a10eb

    • SHA1

      3539c99d58ea5e2a3643792a37a9e490f0fc96a9

    • SHA256

      6472d5740d16de970e271f8a4c3893da6751dd43f114a08e16a8919767f68572

    • SHA512

      464faab65bdcd2a869d81ef93b7d24aad1be88ab8a6e75d26f736fd3ef2957bb280dba9457ab7fa363421ff50d63ad56ea0f2e1cf86137ac8239b7731b829531

    • SSDEEP

      3072:wK44rWDl4OprY6qgih6XiV4+IIm1bZCEL1LY9jWN2S/jME8ECXW:wK4456qg2V4jJLY9OnrME8ECXW

    Score
    1/10
    behavioral14

    • Target

      mrgg.sys

    • Size

      90KB

    • MD5

      affac0ee7610b0059d44cf7066d6a7f8

    • SHA1

      388cf31d958dbc69ca4da3700c5d3bc1b5e66ea8

    • SHA256

      7fe0840358695f7b80c9322ae92e6b0972613f78ec54e5171aed046ab1613cc9

    • SHA512

      95e63904837999c40960f17c6295bc95fbd7cf900e91c555a44cb8995280e6a1421a26de477f4dd61bcb5a2a2c2b86ece10552564696ea5832d76f5eda51e5aa

    • SSDEEP

      1536:gKA+C2vZUoiLMnTRgCC4J7VB7iFrp2oLyokh2aI8:pOLiiCC4J7bmFIlo7aI8

    Score
    1/10
    behavioral15

    • Target

      mytes0day0-x86_64.dbg

    • Size

      142.0MB

    • MD5

      08cb33e525a2253ae59fec269c2f0d9c

    • SHA1

      bd7ac817a7bf60214e2aa52c2a018436fab3470e

    • SHA256

      a0a6f4578659074b7be51289664a3195006ad1d4282ba0896d210cb91c012bc5

    • SHA512

      86166c03f1dc193179676c5cd3541ace56ff1a0700f455153c0769f40cf6cbae65d4e137ee45a0be67eb2d3b11b974668c4dd6200772f2338e20f806c1a00fab

    • SSDEEP

      196608:CqUwzcptcpa2B9CmPy6SaqgPqrvPShawfDQHumRAKUuVf0gP:CgzcpwaoRPwPSIAKUuVfH

    Score
    6/10
    discovery

    • Legitimate hosting services abused for malware hosting/C2

    • Drops file in System32 directory

    behavioral16

    • Target

      mytes0day0-x86_64.exe

    • Size

      16.2MB

    • MD5

      8b2b4f868dc2654750a53c3219c340e1

    • SHA1

      5f6675d85b934331e609190e81c733bc974b46ff

    • SHA256

      9501b55e5702e70a75471d87204f487c1a3655b9f5c0114d8b3c3be0bb2da22d

    • SHA512

      43f2d7499344419a29905516594f7af4b2e5c43e2c50eb70d07637623781c3f6c4d25f8c68bddc049691d1b4d6465eb9321fe7cc77e59e59b091a27799491e41

    • SSDEEP

      393216:h3z43TvbXUunE3zxqqi2b1k6TNPa5Lg88:Jdzxqqiqg5Ub

    Score
    6/10
    discovery

    • Legitimate hosting services abused for malware hosting/C2

    • Drops file in System32 directory

    behavioral17

    • Target

      packfiles.bat

    • Size

      257B

    • MD5

      76515d7229e5e892557c9a8c92fd7809

    • SHA1

      c9ad9da49f58b9bc099d8c54a799010fc9085b28

    • SHA256

      767fc9fad0242f452eba9545cf73a4ff2d4675e9c4a9eb0812cbac72e99db3f9

    • SHA512

      7460c4f728af4eaa5691f2cc1c601563c33b643b9163c5f753451984c9052650c84ea160ef268d003d5affc7ae0dfd0dd5220f5b1a8afd251c66040638a10e75

    Score
    1/10
    behavioral18

    • Target

      standalonephase1.dat

    • Size

      54KB

    • MD5

      eb339eecec8aa8c0fd3b08d39799d4d8

    • SHA1

      860efd5893e4dd4e820227b7dead144f974456ac

    • SHA256

      88bb94c3ce727db13b77abdbdb75a4c878e91d651692f3618178dec5bbb7080c

    • SHA512

      bc29778386853f2340eb2e58be9ae3c64e2f8a1df5f7301fdd06c42e3ef2463bea9c8e854d58d912d444f2c2e24f9541fb3715f0cb5f50fa89eafcec6bba87fa

    • SSDEEP

      768:IlSyUIeWkNgcT1+z/9ADX38J8u46Z09XPe+vpgEGfk6rAlpdej5fe6di:0Jdu+D9Ar38f46ZcPe+vpgE6AC5fe

    Score
    3/10
    discovery
    behavioral19

    • Target

      test1-x86_64.dbg

    • Size

      142.0MB

    • MD5

      7021ba872996118ddea1bec1a53a37bf

    • SHA1

      6fa6305f08930aad5fd6360ed217df9bc7ccf441

    • SHA256

      2eaa1a93e3daec0da422bf99f09e0fb84d237a678b2f0af991fcaf1e59f0faca

    • SHA512

      68574ce0d696d3223e8ea4db8253ffbf478668a56762ca27487691116dbddd4a751de58db24e0ba65c954507b9a44dd81702ab80fc6bf50e7695970c6acad694

    • SSDEEP

      196608:E8sMBcp3aT57B9XFan0SWWL6XjLfmS4m0XDQHlmeAKUuVf1tP:EKBcpe54ghXXmS/AKUuVfj

    Score
    1/10
    behavioral20

    • Target

      tiny.dat

    • Size

      65KB

    • MD5

      419bfebb2f430bc8a246515bd55e024e

    • SHA1

      af3d6d7b21b88445b0d243eb2d7c340e9b9494f9

    • SHA256

      d1a3add2a0fa8e8c8e18c2831342746f3059d9e886e6c44d3074967b1217d9c5

    • SHA512

      dfa6dbf8eca0d628554a40daf48c0648254efd25c6c7f365bf6e7ced7ed3adc56fd4174a12f1bf90f640af0b6e9cfd45f7d29d9c87dbb798b56ad7497901f472

    • SSDEEP

      1536:bxPJqQwzwa2S21C+HhJ4GwDgJtx+j9wCFmgkxI5fF:zwzwtoy4GXV+JrFmgkxI5

    Score
    3/10
    discovery
    behavioral21

    • Target

      vmdisk.img

    • Size

      466KB

    • MD5

      036b059f8c1cc9aff3d010e5446bb16c

    • SHA1

      450842b84e2face167e2d138e4f96317cb255bb3

    • SHA256

      248f3d48664482090d2c8c01b98518777ded1d900e17acbc077efe17258411a6

    • SHA512

      4ba5e167a2e3bfe92d43759642af7bcdb6f4c9efa30c0f9de85d6e9758b62fc7ed89fafde48910e4e059080e457e3556d23cb1d59b3062c75f81db9c59b75657

    • SSDEEP

      12288:JEgIgQUO3gqHm5DHLj7S0/Y9kwRofaqcEL5jw/ayKImdyoO:Gg/hEm5DrHE9kwRofaqcEL5jw/ayKImD

    Score
    1/10
    behavioral22

    • Target

      win32/dbghelp.dll

    • Size

      1.7MB

    • MD5

      238c1c3286a94184fae2c47cb7fb9db8

    • SHA1

      ec4c96dbb342617afcb728c4d58bde4edc0939dc

    • SHA256

      74ccb6f5334248ba7020b9cddc7d581fc6a3ac5a034489324a1fc134cf21de6c

    • SHA512

      0042efb8df5dd2d6cde098dfd1a15217c55e8b68776856e354ced3b943c646c77a8a0132eb2a6332d76704f71a475e29f7330177cbfb4c2c4a26ffc4ba004d0e

    • SSDEEP

      24576:/ETCUSw5C7fKrz3PRAarqzUH3Wj7Bnn6KB2m4JMfGPYTuLycEaU2vWUonrMLIAXg:MTj15CD0RHep6KJ4KqzEl2vWrYIA/W

    Score
    3/10
    discovery
    behavioral23

    • Target

      win32/sqlite3.dll

    • Size

      556KB

    • MD5

      aef51484c41c348e6eca26eaf36b5e00

    • SHA1

      01a37c222bc8eafdf250953bfd5d0593ceb7ab5a

    • SHA256

      f3e9e0df553d9df6650981a0758ede142a33a889786bbeb586fe7edc7f9e27eb

    • SHA512

      e7b29e38f516d934617e0c46bc0db33390e28890867427ada0989cbb1f1debaae962b3b39d0749bc5273eff6545b967346d5f72a460d1c07b0fd451afd58ab65

    • SSDEEP

      12288:09zpo7FKqmQEPmmo6G1SbhXIBQ22wnEKNy6ZfpTh2jK23L:eUANZPmjR1SbhYBT2wEKN3pmb

    Score
    3/10
    discovery
    behavioral24

    • Target

      win32/symsrv.dll

    • Size

      262KB

    • MD5

      b3ea90ea6e9c99965389662f8db9dc8e

    • SHA1

      412685767347f0cb4360787214b28038b1f38278

    • SHA256

      254609ec81013a878306c710acfd258907e338c32eeb5fdddb561116dfa65d40

    • SHA512

      b963d9dfe09db9c8e10ca91cf9504238f478f83bba5b9b5bc4910725fbf917a1af791e5fa8407d07e55589c8388c73cd0377405d03c88eeb5ba94a90dc5df827

    • SSDEEP

      3072:mK+Zk16lasjUumChoTtckp/Ec3SYiAdCksr5CsHLz0hQTplZBXo8PrF5T681kO2y:Rbrdr3S/AdCkA57ghmlZ68rj6euk+hU

    Score
    3/10
    discovery
    behavioral25

    • Target

      win32/symsrv.yes

    • Size

      1B

    • MD5

      7215ee9c7d9dc229d2921a40e899ec5f

    • SHA1

      b858cb282617fb0956d960215c8e84d1ccf909c6

    • SHA256

      36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

    • SHA512

      f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

    Score
    3/10
    behavioral26

    • Target

      win64/dbghelp.dll

    • Size

      2.0MB

    • MD5

      7a7a9cd081ab016f84249ef4f06493ad

    • SHA1

      8dc1bebfae34c118fe3810dc9131cbf8ccbd9edc

    • SHA256

      009681092f6a13c5c28bb3b08ea14bb03ba959f9ce1a53730d069550da376c48

    • SHA512

      d2b3f302f653741298fb62d237bfc61e1555792aad73c14395b4dd4b97fe37f745e916b9f586945042b1eded19c2bc0e9efd4be57e44610d465296bd0c544e84

    • SSDEEP

      49152:21CydAIdaqDwWXf6J6eFyIfbIwDLk2A/R1UTwyIuZ:21fd7dxinRDLkF/R1zuZ

    Score
    1/10
    behavioral27

    • Target

      win64/old/dbghelp.dll

    • Size

      1.4MB

    • MD5

      893ec728b6fa9d7277963847bd408f4f

    • SHA1

      99d461999f631457b38df82d849d81b8fad946aa

    • SHA256

      21c398a2292f04652795c7d4ee7890bb62ac7039e58ac04ece91ff05ee0801ee

    • SHA512

      44d6b3073e2363e0cf8a8aec7384a5a386d2a8eb21716640569a2eb00ad5dd75d1b6d159aa59cea9e60d5b4305573f206a85e54b40d2160d2d2416d2882b6a76

    • SSDEEP

      24576:8p8iMrylctFcscX1ZxgCf0a+hGxSUwqK6Zq3OUkcgp0OT:C8UzHXT0a+hGxSUs3OUVy1

    Score
    1/10
    behavioral28

    • Target

      win64/old/symsrv.dll

    • Size

      139KB

    • MD5

      896ab17393ec4956d4dfded6a769bbbc

    • SHA1

      4d32d29ff4c90c1607b4210875cbb8f91f3a4de8

    • SHA256

      62e6e7efba96592e2e13af4c7f3ec7aaa0750f10e63984c26c7f26e11a0e528e

    • SHA512

      96a10f0f3253f39e6424f80b0331984c1b1c380768ae67cfec96d7a1a8b862d25482aa5032ca826ee475a8d81bb8fa0f40876240c1edc2545417c75b2668455b

    • SSDEEP

      3072:UUfirZpKkcwzutOkwCVQHSt6S6g7OZ9LI+G:2rjcOutJboq6S65q

    Score
    1/10
    behavioral29

    • Target

      win64/sqlite3.dll

    • Size

      1.3MB

    • MD5

      c11138204609ea63a3e88b4c8c09b035

    • SHA1

      b0829124f7e275b0f341c6af0fdd3dd5f65667a4

    • SHA256

      60c16c2fab14b344b8343778dcd6bbfdee3dfe5f83d1ac8d2e50c6877419eee4

    • SHA512

      28d9e92498433c1f6ec41893fc17db76d6cb7a1c565461eb6e67eebc2b924dd4aa65486c29874caa9ac5c78f804a8799c7ce1c641dd9f080bf1bf94b58ca208c

    • SSDEEP

      12288:aHnKY5WcmiyfogSknJbjhrbXBbrxaLsBDJbVQAjXwcasznMbDz43X6dmM:aqY5Wcmi4FJbXdsLsBNRQAjgH

    Score
    1/10
    behavioral30

    • Target

      win64/symsrv.dll

    • Size

      336KB

    • MD5

      1473a9ccb67526d4010f1b0f9e6b2977

    • SHA1

      7fe8c168e976200cf1562b8e8991245226b16b9a

    • SHA256

      f118fd9d6ba4c36db3556d1035efe90e99c00bf879a22abebe1dadfdbb3074d7

    • SHA512

      3f459a8c9536b615bbd3b8bfec9970f432cc72bd3287937f9f915fcbe9b2a13fcb4c45946a1722018f89db505b418957bd513bd32a64580484d4ac7d3896a551

    • SSDEEP

      6144:yT/zGgy2HzkCwmkfCl00EiwtHgadXIezwnzx7I91DR9J2:y3GL2HzkCwmkfClHbghpINzZmBRa

    Score
    1/10
    behavioral31

    • Target

      win64/symsrv.yes

    • Size

      1B

    • MD5

      7215ee9c7d9dc229d2921a40e899ec5f

    • SHA1

      b858cb282617fb0956d960215c8e84d1ccf909c6

    • SHA256

      36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

    • SHA512

      f90ddd77e400dfe6a3fcf479b00b1ee29e7015c5bb8cd70f5f15b4886cc339275ff553fc8a053f8ddc7324f45168cffaf81f8c3ac93996f6536eef38e5e40768

    Score
    3/10
    behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

3
T1217

System Information Discovery

22
T1082

Query Registry

7
T1012

Peripheral Device Discovery

1
T1120

System Location Discovery

5
T1614

System Language Discovery

5
T1614.001

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

2
T1102

Impact

Resource Development

Reconnaissance

Tasks

static1

Score
3/10

behavioral1

discovery
Score
8/10

behavioral2

Score
1/10

behavioral3

Score
3/10

behavioral4

Score
1/10

behavioral5

Score
3/10

behavioral6

Score
3/10

behavioral7

Score
3/10

behavioral8

Score
3/10

behavioral9

Score
3/10

behavioral10

Score
5/10

behavioral11

Score
3/10

behavioral12

Score
3/10

behavioral13

Score
3/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

discovery
Score
6/10

behavioral17

discovery
Score
6/10

behavioral18

Score
1/10

behavioral19

discovery
Score
3/10

behavioral20

Score
1/10

behavioral21

discovery
Score
3/10

behavioral22

Score
1/10

behavioral23

discovery
Score
3/10

behavioral24

discovery
Score
3/10

behavioral25

discovery
Score
3/10

behavioral26

Score
3/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10

behavioral32

Score
3/10