b4bb497039f2c1ca8c7eaf592bf32566b8fbb2f657f23555bb14c4d24db3c622

Resubmissions

09/08/2024, 21:36

240809-1f9kfatgrg 6

09/08/2024, 21:26

240809-1an2jstend 8

Sharing

Copy URL

Twitter E-mail

General

Target

KASU PACK V.3.rar
Size

173.7MB
Sample

240809-1an2jstend
MD5

efee2585fa91b2126e932891f773b5ce
SHA1

62a59832a80cf21a4812825dd2b0543254c98fce
SHA256

b4bb497039f2c1ca8c7eaf592bf32566b8fbb2f657f23555bb14c4d24db3c622
SHA512

f0b50fbb214d4256d3f539679e56c25107733cfc4b5572e3f318c89ec3cc01a5cc767f77fd382cc0abc79a53d452e8f9823344f24800d155252853b129e8fee3
SSDEEP

3145728:BkjSIGXTkVrOFNpm6gV124UHLAVaA0zFQq7i5nidMlGstmQyzW9odtUIVjcYJFa/:6jSVTkVrOY/GBFi5MXs0dXdCIhJP1I

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  KASU PACK V.3/Disable Telematry/OOSU10.exe
- Size
  
  1.8MB
- MD5
  
  3fe356ff0e52f84abddf53238eec0fe6
- SHA1
  
  874864626861a178f02116228e176f2a41620583
- SHA256
  
  7335914d30d8ede5431c4ba32f56a79a397a6f38bfd44e90f62324f63afeda65
- SHA512
  
  7dd811acc085c9dce88a3465b91c00057c4fc9f750c37fb37fb88f9a17fdbb2e3984b03938c7e7c6ab6fa8e9e39746aa5a542c23274b6724d056ea5c55d742be
- SSDEEP
  
  49152:sEublE2XwGw4JEJTJxJxOrOrY98Hanit8LsfeB/eR1xO:i9uWkKeR1w
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  KASU PACK V.3/Disable Telematry/WPD.exe
- Size
  
  576KB
- MD5
  
  65325f636ac238568a21f389387f0299
- SHA1
  
  acf8022648f3eab3b6da50e0f90301eefe64a3f7
- SHA256
  
  c21e9de5b28de8edfb6b2264b33846e842f7954ad70fa07b3c652feb5f0a09d7
- SHA512
  
  9580e5f040f7adb0cfd5dc8749ddc501c97c849fd7bde4b2d66af6beb5d4a2505546b053723d53009ece3014ee87723bbc23729e43c6aec0698ff514c2ac33a2
- SSDEEP
  
  6144:TRQucww8JJQLbRYX3XJ7Sjt52vljOwsxVDC5Mq7Zj2R7beOW2wmIyWk5QoBN6Z61:1cwoQkl2JI
Score

5^/10
- Drops file in System32 directory
behavioral3 behavioral4
- Target
  
  KASU PACK V.3/Input Reducer/KeyBoard_Revert_Optimization.reg
- Size
  
  2KB
- MD5
  
  009cd802166df1c40bfc07267d34d6e3
- SHA1
  
  fdb5a99333958e9b8da93da36c5b3c65b6fa07c6
- SHA256
  
  112c9e7894e0bb9bd0a9b66b1e21a213ff128c5ae0b93e80079902220a19727c
- SHA512
  
  99b27b2c1d6a6145adc33e1659bec6a59eaa2fb26012b5c00728e12b102ecd533265492d3a65a7140c2d907433edeccbb92a7831b56aa8306ab80ab5907bd3bf
Score

8^/10

persistence
- Sets service image path in registry
  persistence
behavioral5 behavioral6
- Target
  
  KASU PACK V.3/Input Reducer/Keyboard_Optimization.reg
- Size
  
  858B
- MD5
  
  2a3715c6db552047f82bb10cf18fc842
- SHA1
  
  0422a38dc11e6338e1cb9ee68f7839b2531b3bcf
- SHA256
  
  15a8184f9c803fdd194fd726610446364b63d37bc49251194612c5b74b6852fa
- SHA512
  
  66f4272c602b62dbc945903b079001e32f0c0418065b2cb5465a0da74d6be423343e92559038870c5a75a360f065e5f46c8985ba373d0a257abb3cc63fc4fef6
Score

1^/10
behavioral7 behavioral8
- Target
  
  KASU PACK V.3/Input Reducer/Mouse_Optimization.reg
- Size
  
  558B
- MD5
  
  a53498d8302b43aa5743f8e450ba4c76
- SHA1
  
  3f96dc1d2b51234de9d16d3f48782f23cc318daa
- SHA256
  
  1564dfaf3d7364bc471f22889278d43105c83d54eba33c52daf8dddb83f4713f
- SHA512
  
  38ec035e33e2189493ea759f26c37b1064801575a9421eaa3b93020a08419ea80c82b67b6fab502e6e2c45b19acc4e4d74521ecb64761913e25ca7fb8c980af4
Score

1^/10
behavioral10 behavioral9
- Target
  
  KASU PACK V.3/Input Reducer/Mouse_Revert_Optimization.reg
- Size
  
  1KB
- MD5
  
  011ca3be2d38ef015b4170dfdb79274c
- SHA1
  
  4ffd077294b565e4e049b7a3f18739fc049c70d9
- SHA256
  
  e441d771504d9989a02589adcb807b3a0c9603a7f7d4c96d7f462ed77d75605f
- SHA512
  
  4f91ecee1348815114116a7f12a0aa5b461f842764dc990ce8cddd26587f85e60ff1dadda92db4b483b41d033cabcb407cf1ee3b0d3af5138879ce29028f8190
Score

8^/10

persistence
- Sets service image path in registry
  persistence
behavioral11 behavioral12
- Target
  
  KASU PACK V.3/Ping Tweaker/Credits.txt
- Size
  
  823B
- MD5
  
  450b0e79f2bcf0eaac4b7382e290df5d
- SHA1
  
  fcc676b9bba5188c56ee5187e6952863c9a43e03
- SHA256
  
  59a946ee4978c9e333a854b3fe0f56ff4e6f80d9a6d10f70ede3692b15df9c44
- SHA512
  
  c157638b7cdf6a887325e89e89ab0969e02d395e792354adc08e65faa112149aed47c7ab52deb00ef42ef0c151c99e80bd4cd78c39621704b8eed490dc82e703
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  KASU PACK V.3/Ping Tweaker/DNS PING REDUCER.reg
- Size
  
  476B
- MD5
  
  f93ce6a3a9242f1e40bf795d0d1972b4
- SHA1
  
  7baa17bbbb41c1fbcfe3b2abde5db74caec16fdf
- SHA256
  
  3bd8bd5b7df9407a894df44ae66e5aa6d93a814a8735c453cde9689ccd89eacd
- SHA512
  
  4140af33e3e1f28429e039a8339de9969ac25f9d45596fca3b42a7a97ece8215cf952dd214f84846c3af87370b02e1b0f7ad77cc4b41f50eecacb42ec7313616
Score

1^/10
behavioral15 behavioral16
- Target
  
  KASU PACK V.3/Ping Tweaker/Ping_Optimization.reg
- Size
  
  746B
- MD5
  
  e85884fdc431c32cdc545c18457f2106
- SHA1
  
  a5e3f98e162a34cdcb0584ca7a1cf849735d4e48
- SHA256
  
  d9a163ef0f3d2b99100dcdaa14b644bf698e05bca65e29552f3a4a1fc587356f
- SHA512
  
  9672483d4a48d93133c6252eaa0d23e53763d5a5a4384c43dc825c2f970ca6354865710824382fc7d394de91f3418b40bf03dd27c7b2d124a6c5771d11c411dd
Score

1^/10
behavioral17 behavioral18
- Target
  
  KASU PACK V.3/Ping Tweaker/Tweaks_internet.reg
- Size
  
  947B
- MD5
  
  03335f697f34e444698a389400e851e9
- SHA1
  
  fb672dd2d69effe078b69ab796d5804951539c6e
- SHA256
  
  e8602243027b9a6ce8e7c6e18334d41ba66dbd6d829cbd78b63fad5a9d7cce2f
- SHA512
  
  276ad267d8d029b2e632e41ac3d71e5603428158838ca3b0458167bc1e0a1ad6d399dbad56ea99afff34c574cfde9acbe3ace71af229db94f03dabfd4ea3f926
Score

1^/10
behavioral19 behavioral20
- Target
  
  KASU PACK V.3/Ping Tweaker/low_ping_and_delay.reg
- Size
  
  319B
- MD5
  
  a33a770344437b9a6e7032734f0a2d9d
- SHA1
  
  16572654cea038e615c82490a9517c222394d86c
- SHA256
  
  230888c9d1bdabbf898e44aea761e5c747e472c12982b56d29edf35fab089a5e
- SHA512
  
  670f7fd00319272c191e04e434304b6f137e9d270fd749b15cc101f5a7eef578bf969617a5411adc80f7f6884a163a32f3b7d7c7c7dab583e9c84694f9ca06c9
Score

1^/10
behavioral21 behavioral22
- Target
  
  KASU PACK V.3/Power Plan/Max Performance (RUN AS ADMIN).bat
- Size
  
  471B
- MD5
  
  3955511f0b30a32f197f5a9084486581
- SHA1
  
  da0d23655d211fd83fd14cc12c6750baa4469b06
- SHA256
  
  937a072d2780b3249c12596dfa529dc9fae5f752d567f3e3b7122e8ea941cec1
- SHA512
  
  301030409d3106a9b5ae2c75a31853b4da305297003444297b59217c5b17ee262563be935797a5d0fe5fea6cd454b79a84f2ade2655c2a3916fc0669f5270b8e
Score

6^/10

persistence
- Power Settings
  powercfg controls all configurable power system settings on a Windows system and can be abused to prevent an infected host from locking or shutting down.
  persistence
behavioral23 behavioral24
- Target
  
  KASU PACK V.3/Regedit Tweaks/HoverTime.reg
- Size
  
  106B
- MD5
  
  bbf53980c0369b1dfb6d7535b6dc24c8
- SHA1
  
  29ae9373bf8017c59beb048366f30fe64ec095a3
- SHA256
  
  99b86cd4e59662d53390aa64ad8c53367d4cc4d61b44e7491a2e867dcc199a2f
- SHA512
  
  4ef062a3b4925bd29b31a6adf65bf0a1d241e1046aaa8d05c4e21b6f7dffd20a91af53c9d6b1c6ac7f93d51161ea89445b3aab0204705f727d42ab182e3eda2c
Score

1^/10
behavioral25 behavioral26
- Target
  
  KASU PACK V.3/Regedit Tweaks/Ram Tweaks/10GB.reg
- Size
  
  165B
- MD5
  
  ebf66ea99358a0c31b1426f8a34752ee
- SHA1
  
  65fc28a791def06a70550b28bafc0ca37e82fac7
- SHA256
  
  033c65d9eec7efaa4967dccd7b631bd6554e5c39209475d5c550653cbed52b2b
- SHA512
  
  fbd8fc8137892cc2e69432769a3bcd429283849f84bd29e811770253b5ae58c2f94704d41ff8acee470fa372469e3b1f3c839d8a0ca3c592bededbf7e8e43c21
Score

1^/10
behavioral27 behavioral28
- Target
  
  KASU PACK V.3/Regedit Tweaks/Ram Tweaks/12GB.reg
- Size
  
  165B
- MD5
  
  08b029b52576e7ad345cfe49984c1fd5
- SHA1
  
  b8c7115d320e53ffd2d78b5bcf10089874bfe036
- SHA256
  
  3410817a68fecdeeaf50da29f57b0a416cdea77382763ca33be94830c6fc2451
- SHA512
  
  89e8271d2084c734f8d7ad5da524a840877cc149563bcb5fb7282aef09c04ef9953d2d7b81769c8381cf542fed554ddc345a4a050dcd1765ddbd83c0fecaea92
Score

1^/10
behavioral29 behavioral30
- Target
  
  KASU PACK V.3/Regedit Tweaks/Ram Tweaks/16GB.reg
- Size
  
  165B
- MD5
  
  59637f9cb6db57fa61f78a6faa60bf44
- SHA1
  
  1c2d97abddb2e10893ad143e13400088bd1fe493
- SHA256
  
  4e43785c2b68e48b0457e381da46c1fa72ba11404e9be3c43cdf4e68370a5800
- SHA512
  
  bc1d381ac3eb00df81fb415adb0a23aefa30d2f2b0157ce4741d2703dc5692e66490ac9920bca38cedb5112600bc2b12b96fca5d2c506690a07f33dedb3fca66
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Power Settings

T1653

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Network Configuration Discovery

T1016

Internet Connection Discovery

T1016.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Drops file in System32 directory

Sets service image path in registry

Sets service image path in registry

Power Settings

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32