ebdddbbb2a2db91ce6e5b5e170ab8e1fd5e2a39ef1a827f96efdb80de9f7fd11 | Triage

Sharing

General

Target

DDU v18.0.7.9_setup.exe
Size

1.5MB
Sample

240810-yy5yvszfpa
MD5

a2069f73c8c0e5acb7da7fda896949fb
SHA1

f1eba55ad421bea5746a87a2db37b856a6363eb2
SHA256

ebdddbbb2a2db91ce6e5b5e170ab8e1fd5e2a39ef1a827f96efdb80de9f7fd11
SHA512

084299dcfdb30bb10e7892ec4b439ee497b393fc7058227f9a3ef25206aa68459b600c949c3278967e4ef1dc93605a84c5271a57156e937aff724dc8bfd620c1
SSDEEP

24576:EfL4INRh9aqCGKS4WCam+yNmhkfq17D/noXTQ32v1OdKhTw9J:ekShQqCGKUm+yghki1Hn6TQ301OdKVwz

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  DDU v18.0.7.9_setup.exe
- Size
  
  1.5MB
- MD5
  
  a2069f73c8c0e5acb7da7fda896949fb
- SHA1
  
  f1eba55ad421bea5746a87a2db37b856a6363eb2
- SHA256
  
  ebdddbbb2a2db91ce6e5b5e170ab8e1fd5e2a39ef1a827f96efdb80de9f7fd11
- SHA512
  
  084299dcfdb30bb10e7892ec4b439ee497b393fc7058227f9a3ef25206aa68459b600c949c3278967e4ef1dc93605a84c5271a57156e937aff724dc8bfd620c1
- SSDEEP
  
  24576:EfL4INRh9aqCGKS4WCam+yNmhkfq17D/noXTQ32v1OdKhTw9J:ekShQqCGKUm+yghki1Hn6TQ301OdKVwz
Score

4^/10

discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/ioSpecial.ini
- Size
  
  211B
- MD5
  
  e2d5070bc28db1ac745613689ff86067
- SHA1
  
  282e080b4cf847174c5c11e4f9157b8c338ecb19
- SHA256
  
  d95aed234f932a1c48a2b1b0d98c60ca31f962310c03158e2884ab4ddd3ea1e0
- SHA512
  
  a50ca2014869629135b54e848f03cb4983ad8029cd811300d02b0fc54de0436185f418fea4d3db888eb0f3170e33a59d486aa885f024ab29e630e9bc0ae1a2de
Score

1^/10
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/modern-wizard.bmp
- Size
  
  25KB
- MD5
  
  cbe40fd2b1ec96daedc65da172d90022
- SHA1
  
  366c216220aa4329dff6c485fd0e9b0f4f0a7944
- SHA256
  
  3ad2dc318056d0a2024af1804ea741146cfc18cc404649a44610cbf8b2056cf2
- SHA512
  
  62990cb16e37b6b4eff6ab03571c3a82dcaa21a1d393c3cb01d81f62287777fb0b4b27f8852b5fa71bc975feab5baa486d33f2c58660210e115de7e2bd34ea63
- SSDEEP
  
  24:Qwika6aSaaDaVYoG6abuJsnZs5GhI11BayNXPcDrSsUWcSphsWwlEWqCl6aHAX2x:Qoi47a5G8SddzKFIcsOz3Xz
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral5 behavioral6
- Target
  
  Display Driver Uninstaller.pdb
- Size
  
  683KB
- MD5
  
  54e57cb06a1e0b6fbb7d06c079ed384d
- SHA1
  
  c0605d364f8d49988c11336f3e2d57237c3796bf
- SHA256
  
  2117ff4448f67633ae07bd5e5a6348bf839e77508a768260fc0d683536351b8f
- SHA512
  
  6c832d688f0f4c240db98477210dfe75509ac2d6ca9375f8242f0e82efd501884e12b97bf738374aa7ae02c040d15677ca009ba0d25cd24a01bf8d8c03c85f53
- SSDEEP
  
  6144:V8FIrY7wnCDbM+snE6ll0L8VtAjEOX0pE05iZkDoKDla/:VoenEQlsA
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  Issues and solutions.txt
- Size
  
  1KB
- MD5
  
  4d29ce16237fec3a3bace44eda19ab56
- SHA1
  
  3aa8aea61c2f9f12222e04cdc04b07fcdb5c3394
- SHA256
  
  cc03a870a2669ddcf43184b877b1795ed34963cffec2a13280483f3fd688d498
- SHA512
  
  cc3f85299debf96601caf2e0a4e67ce0fa25b62cb14d3c939997dcc2f4fa089ee5decc8d202191dafeb24bfb78777bcb85f7fb654ea48acd4252f54ba714f4a8
Score

1^/10
behavioral10 behavioral9
- Target
  
  Licence.txt
- Size
  
  10KB
- MD5
  
  68fe02ed8bbbe343151236896d037cb6
- SHA1
  
  f9c263026dfb9c0ee79b42c4d64806e94410aa70
- SHA256
  
  f0ba074b93fad29b17f2d0231f9c5152c0dfa418c5f0c37b0324c72b0e8a5728
- SHA512
  
  f12cf0e04fce6540f95a484c5af85e1329e2fe408db7416177823d7b101764ab632777286cc8093a328e948481e09feff866730e43738e29b215bfaf9872d32f
- SSDEEP
  
  192:hZ0uWqWqMMkAZ8opdc3f+nU49FMm0WR/qDSp2sUP6:hZ0w9rZZ8MUfAVMVWRym0sUP6
Score

1^/10
behavioral11 behavioral12
- Target
  
  Readme.txt
- Size
  
  1009B
- MD5
  
  b799724d8655de1ed86c7e45ac96c33b
- SHA1
  
  040706767aa9c4263429e0154f8c3eb61714f27f
- SHA256
  
  8f1885b7603d1e2cb6d231774b83c6ad622a7b7cf87de835a68951084833a517
- SHA512
  
  8538844bd03413a8837d37d63625ded67264c25d8ba221f0cc357f60924078bc339a35ad133f92daf056a9dcf730504af025479d176f8b13573d638cf082bc75
Score

1^/10
behavioral13 behavioral14
- Target
  
  Settings/AMD/classroot.cfg
- Size
  
  65B
- MD5
  
  7f92472092a396a1172e3d3cd081e944
- SHA1
  
  cd2e1c4d458e542ce8efbd62ba2fc04ff7f47025
- SHA256
  
  2192b61a950ae88041b6b40e754d74f7e41348b9264c9777eb401bb001f983e5
- SHA512
  
  c2c7f290e0dbb58d2a9738bb141eb79b95a1c1e19c67ecf3d45c3ad403ce03edae9eda383d865cb34cfa1f12cf26d66729f2645f9b84a20e390b8add5611a3e7
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  Settings/AMD/clsidleftover.cfg
- Size
  
  299B
- MD5
  
  79fa1eefc1f6529437462c2e03149643
- SHA1
  
  8002ebeec58c17ca67c7ed54d06e3cdae5835d60
- SHA256
  
  625f889d5c60a66aed4f9ab1f5556eae8a6ebbcf635b2148b05dbaf16b24e03e
- SHA512
  
  50539dfe3842cb53ca75882bcd7e86954208c9b90c032758776dc545cb7f77d0d78495387ac41ebf1510d27ed82f1c8065aca9d5544afcc001689c71587210d9
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  Settings/AMD/driverfiles.cfg
- Size
  
  4KB
- MD5
  
  3c046a20b0a07b2fc45dcaa51dd0e0c3
- SHA1
  
  40d0bcf33e8de9174bf3f830b9c93824a882e2c2
- SHA256
  
  c81d6bc452376791bdd26a5edd52cc75b164b8c6a69f49b255a6b825c13d8b0a
- SHA512
  
  821e6d5653db7fad1d224994b3c20feffbb8cf8c5621ea3eb7447c042c52aa2b8b0327f5e303dc2e5157f887c75d1fabf0603871ece9fd32ec391c12c4845eb7
- SSDEEP
  
  96:smioGj6UNIlJ3PASn657ahrXWMQyg/D+oxUmQjHBK0M+KKpSnIXzwoe+D3mx:eoGj6UNIlJ3PDnQuhrXWMQyg/D+oxOHw
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  Settings/AMD/driverfilesKMAFD.cfg
- Size
  
  73B
- MD5
  
  d70453f20b7bf4a2af60b7b5f79913c3
- SHA1
  
  6fae50fb29a9476bd7078396da03aa6d1b713a60
- SHA256
  
  361dc0f70d29b09ca5c245c7f4631aa6146d646df973a4c9e88e84d2cfb61898
- SHA512
  
  569bbf7ce579ea2d44f84fd6b571b5bc85f72f3c62dcd0b6e59b2331af5e20f9894cb296b81090a69383130f47dc0ceb69aed5745ece14b42a8b562617f69474
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  Settings/AMD/driverfilesKMPFD.cfg
- Size
  
  148B
- MD5
  
  7e80b69945687a2becded6b8439025b8
- SHA1
  
  9c5a767fe0dffc948645bb4e66f9459a7f7c1102
- SHA256
  
  9291812eb2703a405ba933b7f96b7908c1c3ab83f58b1497c2bbaabdca856b96
- SHA512
  
  d37acbcce955f204915a187ac2a3b4870d461ee39fede51c99be528acb17cef9cb46d66c6ed4942269e5efd706db3291a06a3030eeef8c9f6a453123064890e5
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  Settings/AMD/driverfilesKMPFD.cfg.bak
- Size
  
  133B
- MD5
  
  89155d0f824d7e89a4b22c7dd6ad08f1
- SHA1
  
  7cb7b1d82fcb7e5126445a38a5de60939d2bf790
- SHA256
  
  25b33c9f444b367751902d28c85348eeb8cb9b06e02fb7c2b10602fb59e998cc
- SHA512
  
  43a101b9e8ddcae22cb5384e5a0232c6fc7804d902ac6c856ceeca8feb646cad137929fbfe59b30558101148d05bdc033ec2251840fccf22782be09da271f318
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  Settings/AMD/interface.cfg
- Size
  
  189B
- MD5
  
  d26ff4c7bd788d176463bd1534d0d0b1
- SHA1
  
  65a3981f18636c584c954798d514023741cfdc0e
- SHA256
  
  6db0065fb28c9d16c90033127e9b2466db66051500dac74b7c9ccc9f8ee36836
- SHA512
  
  a55c35c2ff890498182f374df01e18a8f25acd19afeb916701d66c2fa9350be051ceb2646ae43a96c21ad6d0d4b2293f03f9e89e62003d0aec72e08b4c77da6d
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  Settings/AMD/packages.cfg
- Size
  
  582B
- MD5
  
  e0323af9edeeca54100c97cd1e165570
- SHA1
  
  50bac9043f89ecc8d7f95573a62f3054c92a485c
- SHA256
  
  3b585f3b654fa8751a5c9512358aecb3fa8b41dc2b3dbea6807e2522c6f1d018
- SHA512
  
  cca0e288c7e99b483ea8ac382d80e520ee7515da8620e6c38465e34a59cda70c18f32c6bee7530653b7949043bca75523baa70039262b16176267503ae619444
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  Settings/AMD/services.cfg
- Size
  
  457B
- MD5
  
  61b412f8d921bcfed4ce1f937b54537d
- SHA1
  
  c93586284934ef9c2f1ab943e38cf05f3be67cd1
- SHA256
  
  1377feda29d266dec25117d74493281202ab69127bb33429f9ba84ac8c28d296
- SHA512
  
  ec64fd3a95f4eae201a2e8bfaba3f9a963c9cdfa0a6429dddf21a16169dc28bbd470ef01c91bcb61493a56463acfe7542ba835147a228f820dd9ad6a6b29fa05
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32