Resubmissions

02-08-2024 20:01

240802-yrmtpsshrc 3

02-08-2024 19:57

240802-ypr1msxgkr 8

General

  • Target

    goodbyedpi-0.2.2.zip

  • Size

    620KB

  • Sample

    240802-ypr1msxgkr

  • MD5

    6d4ebf84f120505d335b95e7e234a43f

  • SHA1

    61b3541f3c342fd8d709e8b0a781a395a8c41b6a

  • SHA256

    00a2f8b99cd817f8c7fc4c449033015f039d18af213de78cb66bf202277c0628

  • SHA512

    42bd5fe30de433148383d7d9aaf573baaff8d9f3eb14aab3a4f2f4ad19c395d0b54ff9762f05cc5e39abf7c4f555bfe43ec91f6e1b5cf9fe49c6a481431da6df

  • SSDEEP

    12288:A+oTmZ/AUfOtC5/Ajf/2TmUGi0Tywa/cLNcWH1UE0/wnqQkA8VmdXqAz7IehA9nX:ATmZ8aw+Tm9iGclEFqQkBu6G7RA9nxGs

Score
8/10

Targets

    • Target

      goodbyedpi-0.2.2.zip

    • Size

      620KB

    Score
    3/10

    • Target

      goodbyedpi-0.2.2/0_russia_update_blacklist_file.cmd

    • Size

      139B

    • MD5

      0d689231a9c73bdd03f25e8ec57a3dab

    • SHA1

      4e0a03d846c1dca08f5f1c0ad86229eb5144b0c3

    • SHA256

      b9c8d691b2c1140455be35b15873944896b46c29f12ed0332274432a1c45a021

    • SHA512

      47b0b717c39ba219155271859ea95bba07f87de65c4c5168d8e7372d09700c842e4402030ed02307a421c2d16e6ce9c3d0c7f3f65aeab81488b3ee300e1a9e98

    Score
    8/10

    • Target

      goodbyedpi-0.2.2/1_russia_blacklist.cmd

    • Size

      240B

    • MD5

      10812f31ef70edc954eaf63650336212

    • SHA1

      1daef3d49e40067a1d77bd18c0c87e557b0aeb40

    • SHA256

      e155b6eadd37942f9bfc8d6d00aca4f518a056fc81ac8666a6532ba90f77fd93

    • SHA512

      c749e95a7fbf7ca55656da08259e26924d89c129f1ed6a2f435bc26393f3b1bcc90613abf71e1753d6e77591622a7494835889dc1cb198fb3aed19ff97bd2932

    Score
    1/10

    • Target

      goodbyedpi-0.2.2/1_russia_blacklist_dnsredir.cmd

    • Size

      327B

    • MD5

      f73c24aa2a64a897d88fee8787a48847

    • SHA1

      96b91f1ea3322111617a52dfff5bbf7e5f2ebbe2

    • SHA256

      cebffbb31125a1ac8abd68012bb413bac6da56258f0d4fa95dcb2f23e94b4779

    • SHA512

      2b2bc84c284a86769e0a703f5548b463f70aedbfce2f05421d630bfbeeb12d67991c01f91184e45ed5e5681d45aeb209798f459ed68a776c77976ffaa44724b5

    Score
    1/10

    • Target

      goodbyedpi-0.2.2/2_any_country.cmd

    • Size

      204B

    • MD5

      2e479250a2d20c6d2d5fc5171528694b

    • SHA1

      e72055aaabf6ae076d45bc6ade3a9aa8c8da33c3

    • SHA256

      8f432fb6710d0d2d36d89ab4125157766722928afe2e70077cd921f27579ad5a

    • SHA512

      7550871629ce9f72a72fb9e2b17093505c036737cfd0e21722ae9eaad4c8ed99916937c3e73637af63a1d24e392863fe79c6606dc29afc31129fcd6bfb71d67e

    Score
    1/10

    • Target

      goodbyedpi-0.2.2/2_any_country_dnsredir.cmd

    • Size

      291B

    • MD5

      48de91946fd423515b182a622842adc5

    • SHA1

      4519a0bc87a0e0838f003d3e4e4904d5721abad7

    • SHA256

      a7762f252e434134245adee7398eabc7b96e4e83ee408ce63cc3f92b942c4b6b

    • SHA512

      43ef99d5f0ed8725cfad206d6d3bd0d393258872882f3c2fd8f974703dfb418652f9f1adae5b6e9ab769cf9a46192655c795c4ebc0adf4cd6a1b4e7cd20db745

    Score
    1/10

    • Target

      goodbyedpi-0.2.2/licenses/LICENSE-getline.txt

    • Size

      1KB

    • MD5

      3a7edebc3612bcea2306f73b92342a44

    • SHA1

      9b177bac083f79d4334373a8144899b60155ecc6

    • SHA256

      ec5f8e03fccb3842cc62ad79ea5f6f6058988e2721a3e6566e8fb72786d485c4

    • SHA512

      17e987e112d02b1afd430db553ba0826c4b2ae7cfeba9adc3b9d8cebc93bbb6f02024a6ef95adf623eab5331af718fd10bafbf20b2dc5e906c0d2381ca11ba8d

    Score
    1/10

    • Target

      goodbyedpi-0.2.2/licenses/LICENSE-goodbyedpi.txt

    • Size

      11KB

    • MD5

      c4082b6c254c9fb71136710391d9728b

    • SHA1

      ff426822972c8972e3e4e782baac6f5304fd458c

    • SHA256

      e03ba41d7fab20700769fe4118bab50d800cb74f990353a05d2f5fff1c228363

    • SHA512

      4c71355f37002b14cf072328fe42569405cac2dc13b8c6ae871a1a5e958411417b7d4238a49c60c9bf5d956c5488b8ec9f4af99a6a6f8e5d8508443e4ceed2fa

    • SSDEEP

      192:ff9qG4QSAVOSbwF1wOFXuFJyQtxmG3ep/7rlzKfHbxc+Xq0rhlkT8mjHfH2:9Ou9b01DY/rGBt+dc+aclkT8SH+

    Score
    1/10

    • Target

      goodbyedpi-0.2.2/licenses/LICENSE-uthash.txt

    • Size

      1KB

    • MD5

      5cc1f1e4c71f19f580458586756c02b4

    • SHA1

      08473f885bd0231790223311cc3a712faf8abded

    • SHA256

      d3c6556e48104c31e3e0c62238c749c2a09ca79ee87da50b9cd29c6c9027d57d

    • SHA512

      d038952606c33cac0870b7018e8a33fc0e4d120363b392d9f5af36fd4e2519d95f51da1f87c30787db02d71208e40f806e8e0f6c9766791086150f98b3b8a489

    Score
    1/10

    • Target

      goodbyedpi-0.2.2/licenses/LICENSE-windivert.txt

    • Size

      39KB

    • MD5

      b864fbb188a7c3a11cef80f3ee902d77

    • SHA1

      7a3f0538f8fd2ee1c30fc1952cbf83b13b360b3f

    • SHA256

      e5453b2e71e4c4dcdb89a2539655add3a63202521cf3012b768e8bfeda199312

    • SHA512

      eb03bb26490535d98e270c89d70dfc9d1a0e2a22ad2bc09ed316e522fb52177b24bb6a2c023c9b010837b6b9a28dfe6492dc0b77f45883385a7e66dd00463c32

    • SSDEEP

      768:Qs57D0LVw7Y+tNdSz3ZlqXOWoInuzx3Y8N3Wib:QspD8VwVtNIq1uzZY1I

    Score
    1/10

    • Target

      goodbyedpi-0.2.2/russia-blacklist.txt

    • Size

      1.3MB

    • MD5

      8f2d338776b38f15d72cfffc9cc680e0

    • SHA1

      341db05705f885e2d2d0857df21617be4d8b7778

    • SHA256

      9a495e9cb16a4eb9585d3b8bdf22885e6156e9fd9094d0dbd05ade3390c6a2ee

    • SHA512

      dc7d37ca23b6dbb7ca9aa9373d24b81c8cbcc58cb6b623a257270b390c94eee94499e0f0ebb258a68cab12a93c578c57bee204e50ebcaae42cca893116263c14

    • SSDEEP

      24576:4gGuv5/xvIOVrz9jKHGV5jBurHpXMN9Uw88RhG5IWg2PbYzlfYN4ttNSem:4JuhxvnVrz9jKsjBmHFA9Uw88RhG5IWL

    Score
    1/10

    • Target

      goodbyedpi-0.2.2/service_install_russia_blacklist.cmd

    • Size

      620B

    • MD5

      982abd9ed7bf901b01d58d2b0feba050

    • SHA1

      dd37461aee977805cefe07da36dd9c1920f2a65d

    • SHA256

      d0ac6b990c2365f739f78ab76db855f39c29b2a3ad34fd332ef4f96a48a2ed65

    • SHA512

      68a4b48fb4ae1e5cda779d89d805f5603889809e110eafe2c00e1ea2244d6848dc03f160df5e78dd65a2d2efc601e7815ad2f8eab14618d87ad98e00ff1b6531

    Score
    1/10

    • Target

      goodbyedpi-0.2.2/service_install_russia_blacklist_dnsredir.cmd

    • Size

      707B

    • MD5

      9d572aca4605cd156a4302dbea9c5691

    • SHA1

      ffe3f3950e85624a9a0053d8ea95e4f6a863600b

    • SHA256

      73a593a11f3722b89a6bea5914d826c94cc034e4c506d1efc890c0fcfcb468e1

    • SHA512

      0bf753998a0003d6cf1a4788a8f89e82fce11ee68089f0f1641321a4fd7ef001b4b71a30fa6c0037575111f1a9d9a293a35e0174a8783ba04d93db8df66823ff

    Score
    1/10

    • Target

      goodbyedpi-0.2.2/service_remove.cmd

    • Size

      278B

    • MD5

      fe71b13c30cf0205ac5873d132e6a05f

    • SHA1

      d7303e7d62c3b64867e0dbc243682f7fcd5766da

    • SHA256

      678a065ca7ba3af4bc8cabd01aa91390a2aee839ca7094c03d6cda14475c9201

    • SHA512

      e8fb9d7e6849c9a9c571574af5cf13ce5000f9684bf1a020198805df7ef02cefbde1c8559416950af5b7fcfe7e6dfc3efe0dc44a35f32cb0e5507c0bcc798d29

    Score
    1/10

    • Target

      goodbyedpi-0.2.2/x86/WinDivert.dll

    • Size

      22KB

    • MD5

      c1946c67cf05fde59617eb65c35e0a86

    • SHA1

      1c0668c56bba3385b00ec62a3dbaab7b78f04278

    • SHA256

      ab3cdd99d4c710821070568995ca4cb58fb4273e9c0516a16e3335218438efcc

    • SHA512

      14d83e0996ba0f9e94d6b17f45d12cd026a0f86e507615918f91d442eef1ef6dd2da4e45765a7f6cff79ee41348be821ab6f5996d213bae8bfdd3d65286eb7a7

    • SSDEEP

      384:ywueRBGvxgKmhf+xwMuNq6w/AzydkxPOUyu/q8OJkL:KeRBGvPmZMayYDxPOx+FO6L

    Score
    3/10

    • Target

      goodbyedpi-0.2.2/x86/WinDivert32.sys

    • Size

      42KB

    • MD5

      067f9a24d630670f543d95a98cc199df

    • SHA1

      55695beff89f396679ac69cbf784a492d1b54e5d

    • SHA256

      b2ef49a10d07df6db483e86516d2dfaaaa2f30f4a93dd152fa85f09f891cd049

    • SHA512

      045de3d5ad262e34a42007c623f4f4b5dc0a9cf9d266a31095a274924e6b9f9165bdb5d96c95ca7107fee70b2a9f538b92e4d07faa88a94e2ef313e61eda9697

    • SSDEEP

      768:uph25O0qJS/ozwm+0l3qwO1XjtvD5dhl3yk:uph2I0eV1pl8Xx99Ck

    Score
    1/10

Tasks

static1

Score
3/10

behavioral1

discovery
Score
3/10

behavioral2

Score
1/10

behavioral3

dropper
Score
8/10

behavioral4

dropper
Score
8/10

behavioral5

Score
1/10

behavioral6

Score
1/10

behavioral7

Score
1/10

behavioral8

Score
1/10

behavioral9

Score
1/10

behavioral10

Score
1/10

behavioral11

Score
1/10

behavioral12

Score
1/10

behavioral13

Score
1/10

behavioral14

Score
1/10

behavioral15

Score
1/10

behavioral16

Score
1/10

behavioral17

Score
1/10

behavioral18

Score
1/10

behavioral19

Score
1/10

behavioral20

Score
1/10

behavioral21

Score
1/10

behavioral22

Score
1/10

behavioral23

Score
1/10

behavioral24

Score
1/10

behavioral25

Score
1/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

discovery
Score
3/10

behavioral30

discovery
Score
3/10

behavioral31

Score
1/10

behavioral32

Score
1/10