5ff98fd3f993440fecc7fab2553f120d560568d385b9a005e591fbd2b5797842

Sharing

Copy URL Twitter E-mail

General

Target

5ff98fd3f993440fecc7fab2553f120d560568d385b9a005e591fbd2b5797842
Size

3.2MB
Sample

240811-z4zjpsydkm
MD5

83088f1fd0fa6b4a8cf82f0eecd21ab8
SHA1

b30d1d55bb070c9b920d1927cf866d43f757aa5e
SHA256

5ff98fd3f993440fecc7fab2553f120d560568d385b9a005e591fbd2b5797842
SHA512

4952c628d0b13c8c05d665c09c63d6a0d0bb501cef7327214404607b5bbd3ea0b9a87fcabedab3e7e30f5aa33f1b6d0e85be056b54e2d1b2bfda565c86de4416
SSDEEP

98304:rWtFMKXiSdadVSQ7Q+8CCY5vizmbIrJhLg:rWkDdVb7QPCD5vwrJK

Score

8^/10

discovery persistence

Malware Config

Targets

- Target
  
  5ff98fd3f993440fecc7fab2553f120d560568d385b9a005e591fbd2b5797842
- Size
  
  3.2MB
- MD5
  
  83088f1fd0fa6b4a8cf82f0eecd21ab8
- SHA1
  
  b30d1d55bb070c9b920d1927cf866d43f757aa5e
- SHA256
  
  5ff98fd3f993440fecc7fab2553f120d560568d385b9a005e591fbd2b5797842
- SHA512
  
  4952c628d0b13c8c05d665c09c63d6a0d0bb501cef7327214404607b5bbd3ea0b9a87fcabedab3e7e30f5aa33f1b6d0e85be056b54e2d1b2bfda565c86de4416
- SSDEEP
  
  98304:rWtFMKXiSdadVSQ7Q+8CCY5vizmbIrJhLg:rWkDdVb7QPCD5vwrJK
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/ApplicationID.dll
- Size
  
  196KB
- MD5
  
  a858c1a57e32485505b1977cf0a125be
- SHA1
  
  25d86c4b51f7cc10fc70e3a0493a39c4460cc350
- SHA256
  
  1462a072345e86318b981089b08b613a34027ddf527bfb66606c683f218fc3b4
- SHA512
  
  32b597fc2412a9407fd12ac77c556ff9740f1dd0d2055426d11a7baf21b09c536a84cfb97865b4e94168656514e7ce71eb2bc4122aa340100f4ce483bad1722d
- SSDEEP
  
  3072:2pBNN6AmU9cDlKd3P6V9nSm49WTgKg4Fa1V3FuXRAuAg0FubA9cVsL+73:2pzxmQ3yL+9MgKbxAOEXY
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  cff85c549d536f651d4fb8387f1976f2
- SHA1
  
  d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e
- SHA256
  
  8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8
- SHA512
  
  531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88
- SSDEEP
  
  192:Zjvco0qWTlt70m5Aj/lQ0sEWD/wtYbBHFNaDybC7y+XBz0QPi:FHQlt70mij/lQRv/9VMjzr
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  6c3f8c94d0727894d706940a8a980543
- SHA1
  
  0d1bcad901be377f38d579aafc0c41c0ef8dcefd
- SHA256
  
  56b96add1978b1abba286f7f8982b0efbe007d4a48b3ded6a4d408e01d753fe2
- SHA512
  
  2094f0e4bb7c806a5ff27f83a1d572a5512d979eefda3345baff27d2c89e828f68466d08c3ca250da11b01fc0407a21743037c25e94fbe688566dd7deaebd355
- SSDEEP
  
  96:o0svUu3Uy+sytcS8176b+XR8pCHFcMcxSgB5PKtAtgt+Nt+rnt3DVEB3YcNqkzfS:o0svWyNO81b8pCHFcM0PuAgkOyuIFc
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  7KB
- MD5
  
  675c4948e1efc929edcabfe67148eddd
- SHA1
  
  f5bdd2c4329ed2732ecfe3423c3cc482606eb28e
- SHA256
  
  1076ca39c449ed1a968021b76ef31f22a5692dfafeea29460e8d970a63c59906
- SHA512
  
  61737021f86f54279d0a4e35db0d0808e9a55d89784a31d597f2e4b65b7bbeec99aa6c79d65258259130eeda2e5b2820f4f1247777a3010f2dc53e30c612a683
- SSDEEP
  
  96:J9zdzBzMDByZtr/HDQIUIq9m6v6vBckzu9wSBpLEgvElHlernNQaSGYuH2DQ:JykDr/HA5v6G2IElFernNQZGdHW
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  parsecd.exe
- Size
  
  454KB
- MD5
  
  59a8d343d447543da8ad98e9e314d756
- SHA1
  
  446abeafbbc31323a5394784b557ebc1442d3e22
- SHA256
  
  621c2d7f2291c685a670f7fcea510d47c644981679fe91e70a508bc4a298cc5f
- SHA512
  
  929f6437eeaf0b8bc90f4c49bb164fe33bcdf2e2d5dd6616fbe0c04951705d259d4a4579e6742ca83dc9eb5789786f72501d1163f69ff8751737a03ff6e92c7b
- SSDEEP
  
  6144:rMnPtd70lSqWFIzPJ94KU2AW/vx+8K0sSjvujvGms7X5cgz:rMld70lSqWFGPJaKxAWc8K1Io+msjagz
Score

1^/10
behavioral11 behavioral12
- Target
  
  pservice.exe
- Size
  
  406KB
- MD5
  
  e2c143ea07596857aefe2499f22ad400
- SHA1
  
  0dcc27100be26c6a43590aa9a1be1d21f266cd3a
- SHA256
  
  4c875900211b3e5de2438e5df94421bf56c256628b255bbbf37f8c919bae1936
- SHA512
  
  baa49cbaf976a1dcb7059390eed65f70db73d2e883a09e46291a26873df9b0809ba50c407554c79d1215e57b6446cf1e0853e5d367467871d008d6b53e92f160
- SSDEEP
  
  6144:M9GdSHbzTCXSnaQq1zArZDzWA5jvGms7X5uw:aGdSHbzTDa9GrtzP9+msjL
Score

1^/10
behavioral13 behavioral14
- Target
  
  skel/parsecd-150-88a.dll
- Size
  
  3.1MB
- MD5
  
  79a21200b1e09b09d058684d7042e171
- SHA1
  
  f87c6bf16a5f61401bef46936141787d323da359
- SHA256
  
  4881297a2c04159953fc0c85d449e34a9363a2515877254cc7077d8b1fd33e60
- SHA512
  
  3ee3b8c986af3e41a9703108c7cf1264f9d15fa3ee40c7f94e67dbb33337caec4e36b35cadffa2041614c2cbbc639eb344c1e45582cdaf18c6d7f43128ccd707
- SSDEEP
  
  49152:J4T+ajvePpitq0haap6lWvK+97EqJ7uR1cFqMFWFVm7H+sSuta9o31kU+C2tv5nI:JkoBF+Sa6U+C2tvZJtrfj8
Score

1^/10
behavioral15 behavioral16
- Target
  
  teams.exe
- Size
  
  342KB
- MD5
  
  faa24223985abfbf64e4ddcd43f062d3
- SHA1
  
  e1374dc7c98405efc5a44aa3229b97eabdd69bb2
- SHA256
  
  6dc71b2e92b770dcfeca4a32c8f1787210311f731f1124754df193ec22d5d13e
- SHA512
  
  23324afcb51508f5ea3f120a5787b150a8226d677c5a55fef219674b4d619fd0d7300d2b4cad917864d5f54788b9c8546db2a77aa4f0d666a956014169c4a6c9
- SSDEEP
  
  6144:GAR9duE83BYjyEbU1SDgFg8EwkSdbAxD22y6jvGmp:H9gp3WjyEbU1SDAgJw40c+mp
Score

1^/10
behavioral17 behavioral18
- Target
  
  uninstall.exe
- Size
  
  148KB
- MD5
  
  cac9c2148d4dfa410da810b425d17a64
- SHA1
  
  2e420f661e5761adbf2c6a7fb47567d84acc23f8
- SHA256
  
  231db3a2853c5eae9074b9da6b8d1912ed3a953faaa7cc6e807586f740b7d077
- SHA512
  
  c09ad3060b63c82dff2a0a1933425a018ecdc50f6d433e28b7aa7825d178871d60f8f572b16a9fb80dd080d0f959554419a1b97ecbe516fb27b72fcbe96b4ad3
- SSDEEP
  
  1536:3/T2X/jN2vxZz0DTHUpoum9pbZ3yFu1/s+ZLGmRTQ3Y:3bG7N2kDTHUpoumTi+hGmRL
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  vdd/devcon.exe
- Size
  
  80KB
- MD5
  
  a9b2b49cc4457ad9d63b10c4fd6c9748
- SHA1
  
  358179dc6acaca3101c3b6f8af4d471267576d63
- SHA256
  
  270836795917367e22d843df92a535004143515e9ea9bbdeb056a27c82ad6daa
- SHA512
  
  8b958943667d73d479e3943f752248bdf13f3c7f242d2ca7ac13ca81a7318e737b78e3172a726c7de040c9ae442ee9fb53245153f6f3d965562070c6f097f34a
- SSDEEP
  
  1536:Loy+W1WjEMnRJod1WoIkOFc5V62nFMqO7WM:LhePRKWpkecC2FM3W
Score

1^/10
behavioral21
- Target
  
  vdd/mm.dll
- Size
  
  153KB
- MD5
  
  5f8fcc7684c70bca36cdcb943498e257
- SHA1
  
  0839d177b5d9b61bf621d92ecfd71847c1e6061f
- SHA256
  
  7f2e8860d56461ea5eb2d2d54a63fc934f3694b32eda72170e069797d846d6c7
- SHA512
  
  f99b33feb34aef30a1365652f1834e842e0fc66829fd40a7dec030f685ff998184dcfc9cd78d213d52722b1b7935f5e46e57db63dda69894f099e1bea39ebbd7
- SSDEEP
  
  1536:26C/s7abVFJc6JPnezrHzucwJpjTwEZdHrilfcz19xNH5lv1yhl3d0NNaEvEde0/:cmabVFJTEPnwJHHrEiNzY0NNaIUR
Score

1^/10
behavioral22
- Target
  
  vusb/parsec-vud.exe
- Size
  
  677KB
- MD5
  
  563b76a686309756d913fd36d54394d2
- SHA1
  
  a9b1f11e91ae7ccfcb2abd6e6308bae404ce5f3d
- SHA256
  
  400540ae33428d45b901b22f6015575dfb204803342ea974310fb894124789af
- SHA512
  
  c1657ac1542b695064f4264cfeaab9521e432b0b1f9a5cf67d8f26ef25c057c300d90ed9f0d04bb4948591dabdd172af3694c58c07680c4a85ead47cacac6c7b
- SSDEEP
  
  12288:kbYI09O0wgIQp0RGkL7v+KF9usd1O7osH8m+znqeMK5GH9rFfW/Ho:kb4Jw9QaRG2zB9nU7PePMKkfO/Ho
Score

8^/10

discovery persistence
- Drops file in Drivers directory
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral23 behavioral24
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  cff85c549d536f651d4fb8387f1976f2
- SHA1
  
  d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e
- SHA256
  
  8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8
- SHA512
  
  531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88
- SSDEEP
  
  192:Zjvco0qWTlt70m5Aj/lQ0sEWD/wtYbBHFNaDybC7y+XBz0QPi:FHQlt70mij/lQRv/9VMjzr
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  $PLUGINSDIR/UserInfo.dll
- Size
  
  4KB
- MD5
  
  2f69afa9d17a5245ec9b5bb03d56f63c
- SHA1
  
  e0a133222136b3d4783e965513a690c23826aec9
- SHA256
  
  e54989d2b83e7282d0bec56b098635146aab5d5a283f1f89486816851ef885a0
- SHA512
  
  bfd4af50e41ebc56e30355c722c2a55540a5bbddb68f1522ef7aabfe4f5f2a20e87fa9677ee3cdb3c0bf5bd3988b89d1224d32c9f23342a16e46c542d8dc0926
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  6c3f8c94d0727894d706940a8a980543
- SHA1
  
  0d1bcad901be377f38d579aafc0c41c0ef8dcefd
- SHA256
  
  56b96add1978b1abba286f7f8982b0efbe007d4a48b3ded6a4d408e01d753fe2
- SHA512
  
  2094f0e4bb7c806a5ff27f83a1d572a5512d979eefda3345baff27d2c89e828f68466d08c3ca250da11b01fc0407a21743037c25e94fbe688566dd7deaebd355
- SSDEEP
  
  96:o0svUu3Uy+sytcS8176b+XR8pCHFcMcxSgB5PKtAtgt+Nt+rnt3DVEB3YcNqkzfS:o0svWyNO81b8pCHFcM0PuAgkOyuIFc
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  7KB
- MD5
  
  675c4948e1efc929edcabfe67148eddd
- SHA1
  
  f5bdd2c4329ed2732ecfe3423c3cc482606eb28e
- SHA256
  
  1076ca39c449ed1a968021b76ef31f22a5692dfafeea29460e8d970a63c59906
- SHA512
  
  61737021f86f54279d0a4e35db0d0808e9a55d89784a31d597f2e4b65b7bbeec99aa6c79d65258259130eeda2e5b2820f4f1247777a3010f2dc53e30c612a683
- SSDEEP
  
  96:J9zdzBzMDByZtr/HDQIUIq9m6v6vBckzu9wSBpLEgvElHlernNQaSGYuH2DQ:JykDr/HA5v6G2IElFernNQZGdHW
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Registry Run Keys / Startup Folder

T1547.001

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Drops file in Drivers directory

Adds Run key to start application

Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32