b16048a37c4e5e7cbe23a02ae21ac8140cbbb7575edfcd7de23b11664b9a507d

General

Target

release.rar
Size

97KB
Sample

240807-m69q8s1cqa
MD5

132c4a0a1efe997bbc33d3cf4ab1134d
SHA1

ead2f657eb32316f91a98f9891e530fa230583b1
SHA256

b16048a37c4e5e7cbe23a02ae21ac8140cbbb7575edfcd7de23b11664b9a507d
SHA512

c6a49295317a1a3be480fa0d8045095039caea9b01f13bc894e778579aff37cea18fd48f7a65e8d82f2a9b4ed0df8d76790faa0961f863fd9c684fa7c67da48f
SSDEEP

3072:X22DCuUeL09l9mNjsZQa5ifU0zYsAYqQ6I:X2o7M9mNjsZQaQc0kSqJI

Score

9^/10

defense_evasion discovery

Malware Config

Targets

- Target
  
  release/data/createuser.bat
- Size
  
  71B
- MD5
  
  a3fca2181219e47e252ad1e6c5901c86
- SHA1
  
  1b3ff050d9a5a2bec457228dd69db4bae7d550f3
- SHA256
  
  68a516c4b18ba7b28af6f27d7f461aa02f4c897d16e2bf73fc39567922546a2d
- SHA512
  
  279e6cd0d29d9cd8ed285238905cc1e905477c7f23ac44109d250549c6705c848b6edb970d64a0138f64c1bbe0328e8c484134f036e6160fefb92d148d85011a
Score

9^/10

discovery
- Grants admin privileges
  Uses net.exe to modify the user's privileges.
behavioral1
- Target
  
  release/data/deleteuser.bat
- Size
  
  42B
- MD5
  
  c5f2766582f3642b8332c31e105c9742
- SHA1
  
  43f937555e5f4616c66fc819446672de07387595
- SHA256
  
  162d02688b41c98db6054f6db888216c86a6cf73e565e55dd5f2d24662b25c38
- SHA512
  
  0652c578b2d7adab0781ac8c588ff4fdc919ef1f90adc0e6701b3641d52e4ad2eacae80ecb93a1148cac14bc96e56cc5521a675cccefef17beb0106d059ed4b9
Score

8^/10

defense_evasion
- Indicator Removal: Network Share Connection Removal
  Adversaries may remove share connections that are no longer useful in order to clean up traces of their operation.
  defense_evasion
behavioral2
- Target
  
  release/data/driver.sys
- Size
  
  6KB
- MD5
  
  a8a0baf6804f5b4e902319665e580a20
- SHA1
  
  34cd0be5714c68da630a5e766c8962af4a8dd48e
- SHA256
  
  ea455bc82de25f42e4e2daf24f341ff5eedffb1a1b62dccd36bb43004ac707ee
- SHA512
  
  8b25e3d18b18a16e1a9c05e57707a4fd09898edb77c7b55188e25c2f56de940d4279e109dd530a50205e0b2e345bbe70c904efb94d438bd59171e0e84989d413
- SSDEEP
  
  96:eA/w8VE6wC4NrkauyhWZ2JMQ4LI5aUZ1ZM2a3:v/f/skaCZAMTOA2a3
Score

1^/10
behavioral3
- Target
  
  release/data/macchanger.bat
- Size
  
  2KB
- MD5
  
  86630f471a1c7f40e8494347f9ab8249
- SHA1
  
  10a2139adfb884f01799de89bf9b9ccb2a8bb460
- SHA256
  
  c15faade0e71acd4abcb60a7e9f3f002a46d3d47bd294f7b12d811c871d1292c
- SHA512
  
  666fe7866c2bedc78aad081bddf7e4dc8a9038b173527dc9464dd9c0776314a8c3e1ec7f4d0f34aff0d946b94ed1178a5c665d79173d1bfe0a0a611f6af65369
Score

1^/10
behavioral4
- Target
  
  release/data/spoofer.bat
- Size
  
  58B
- MD5
  
  fbc09c6d998b476ba16c97b1aff5ca64
- SHA1
  
  ad8aeb2baab88d6773d170b31ff10021c2c15e88
- SHA256
  
  ff2e6633510b670e124ee4a533dab64e372a2896e9f4575d2591204fbcd85d7a
- SHA512
  
  8cfb1023b519f35a3ddadb312b199519793951921c037689ee7899bd5b836c18e20c58d212d7dc1ff327886693c3091be783312555fc57cc6541b9117d37b6bc
Score

1^/10
behavioral5
- Target
  
  release/data/spoofer.exe
- Size
  
  454KB
- MD5
  
  b954b605163a06bcd5ba4cf8f9cc4e03
- SHA1
  
  3cce640a2a71cb3b004256e23ad27eae63554498
- SHA256
  
  3b00d34ae7cd43fbd70d9bd8a15ffd7e432af77db6f76e8763573bbdda8f112b
- SHA512
  
  bfb4173de17e4fd6f843be18e7c799643883d6ea81e015e109da05f7c09709a8c0f8cb05ca4b0ffca8c448da947cc14a94f7acbd9b1d15e3a3c995cc806aaf39
- SSDEEP
  
  6144:W/HOdVi0dUkiLVyBBa+MTuWlCz7Hoc9VERc:W/HaVi0W4BBbMvYz7HJ
Score

1^/10
behavioral6
- Target
  
  release/run.bat
- Size
  
  10KB
- MD5
  
  8939639a847e160b2d3572be50533abc
- SHA1
  
  611cc2606a159fa7bd96b2a1eddd9dade4fed729
- SHA256
  
  6fdd1e8b0effaf4dcc91556eb8dd0408b487b9a5e53388d5cea3c766f2e1a8e0
- SHA512
  
  90c682377f460873854f57ee8cecb40d236a02a90e4523753a96968dfda2eb889ccfe422274ed4a8daa1555c205d66be14936c16abb4399ef7c1859d9928fb10
- SSDEEP
  
  96:cT8T9OB3dwnXnLcKrgsH0EB+yddAAalXlH45WdLBkUzCviv:cw2Wn3wigbEw0ilXlSuVkUGE
Score

1^/10
behavioral7