70d58a06d5537d78434d74b5fc67d6a2284cd55c59d6a586116d079ddf4c5fef

Sharing

Copy URL

Twitter E-mail

General

Target

70d58a06d5537d78434d74b5fc67d6a2284cd55c59d6a586116d079ddf4c5fef
Size

962KB
Sample

240821-tnza4sybka
MD5

0cfa2dae6003b341b486a563c3d5a79e
SHA1

9404a55f9b83997f31dc55e71974061430fc1fb6
SHA256

70d58a06d5537d78434d74b5fc67d6a2284cd55c59d6a586116d079ddf4c5fef
SHA512

27341f81c316f8556c6a6ec7868617dce824226bb6f153542fd47e46ee824ff556c531539d5e0ae93a289d50883d5d2a7521368670348fcf4bd90fc46cea7147
SSDEEP

24576:3GsmDkT+NZSxxxyJROncnUWVQPMmGfSyzQnFpSpz29:3bmDCUSKR1nUWVQUmGqyzQnFpSpK9

Score

8^/10

discovery dropper

Malware Config

Targets

- Target
  
  goodbyedpi-0.2.3rc1/0_russia_update_blacklist_file.cmd
- Size
  
  130B
- MD5
  
  a6af4b081a4cbcd448759306b2366eac
- SHA1
  
  0d1d887413e074b0991b5be0ca296f18053502c0
- SHA256
  
  d9d7c57c7dedb3a4e6566ddd7623758f53986a2c34e0cd3784b84f7f881a01c4
- SHA512
  
  f406b865f4bbe08181f1c1f239f198bab03b5b681174323b78f0b3c1790a1e177473a89ee566dac906c08d044fb0eb9a48991cf773222d378f469bd4941af62f
Score

8^/10

dropper
- Download via BitsAdmin
  dropper
behavioral1 behavioral2
- Target
  
  goodbyedpi-0.2.3rc1/1_russia_blacklist.cmd
- Size
  
  274B
- MD5
  
  76763259e528cd27e998fb4c665c2b78
- SHA1
  
  f2b6e15dca04c54ace2aefc4bc72656dc7550cab
- SHA256
  
  69c8b67fafbca446ce5302e97f9947191ecb84d2a51eae61d4955dc3e2147da0
- SHA512
  
  69d35fb64ab4cee901b7ecc9baac437cd4dd5e3feb5b006a0fa8c3d52fce8ac9eea5ee68a6dcea01f5386966ac135e85bfba8fc8eecec5d8c70212e795d0dd76
Score

1^/10
behavioral3 behavioral4
- Target
  
  goodbyedpi-0.2.3rc1/1_russia_blacklist_dnsredir.cmd
- Size
  
  361B
- MD5
  
  06018c5958cddd1d0cf3135762aeb2eb
- SHA1
  
  42323a08fc5a9d9b600852cd587f0a7dd914858b
- SHA256
  
  472d9bd4f0366bb9478b6cd61302f12bf6cffbed038508a67087250bf610e355
- SHA512
  
  c49a4b90e08785401049dc374599404976d9a5e145ed0a034f18615d4b8a4c4cf8adc4b714ed7b68445e66546d9c59a5666846d71e70b7fba600659821f4a4f0
Score

1^/10
behavioral5 behavioral6
- Target
  
  goodbyedpi-0.2.3rc1/2_any_country.cmd
- Size
  
  204B
- MD5
  
  72103c58f2ed536ebc07e19fd00fa2f0
- SHA1
  
  cd37e3bfdc4dbeecfd945561b8538e328dcfe2f9
- SHA256
  
  17a3d7b8b1e1340f67d3687ce9162199c0a25025941d23954880808403487d07
- SHA512
  
  4270dfb825f03d41d5911db8cef7de43c58a0401d84bd72e047da6b9fc6753789c070c9fd61bb0145f70b47026ba70d9d18612fefd1314436998adb354de815b
Score

1^/10
behavioral7 behavioral8
- Target
  
  goodbyedpi-0.2.3rc1/2_any_country_dnsredir.cmd
- Size
  
  291B
- MD5
  
  77048213eb9358ff71f99667dd08034b
- SHA1
  
  cb35b4554e96f3a7089c103e911eab58c9369d53
- SHA256
  
  e599adb50f219cfbd620a21167b6cfc68e326da50836b5985826e45e88d247fe
- SHA512
  
  6af0c1281108ad7d61d61ae98ae84e5ad024fed32dd997e2f053dcb40a1d595cf76310ce36397791e747cad984a341a959fd4eb43d284cfcaf6cf17f7c5f7236
Score

1^/10
behavioral10 behavioral9
- Target
  
  goodbyedpi-0.2.3rc1/service_install_russia_blacklist.cmd
- Size
  
  660B
- MD5
  
  af6dac6686b77dc51203800737f41b75
- SHA1
  
  385568a96d92ca8206e45b6cf945b2fa11b29f80
- SHA256
  
  4d2068f04436998bdf003c430f7bc28f0d0fc7d48031b8a37983f84bad6374bb
- SHA512
  
  ae54f13ec18a71983b598f9f2d38231168b9f7de3238f6f742128331f2957e0a770b9502f2bf1997c8f6a6cb0c4bb90e9f4a8156ac807744141c51f4b0c4c49c
Score

1^/10
behavioral11 behavioral12
- Target
  
  goodbyedpi-0.2.3rc1/service_install_russia_blacklist_dnsredir.cmd
- Size
  
  747B
- MD5
  
  77b1d63472e67c4368961c463cc1d92c
- SHA1
  
  7653fa303944e6f2436ef72ad8a6d11eb6f8b95e
- SHA256
  
  450f2b003fb579f897eded1131c9e893afde7b2ebf07b86110449e57ed9a0da8
- SHA512
  
  67763f15836d456bd8713533599f2bc6d97d16887fc4078f5c5c36ec0b42beffc267e5eb9396f16aa350ce39a61c57ecc1c82e32068495a74489af68dacc3a31
Score

1^/10
behavioral13 behavioral14
- Target
  
  goodbyedpi-0.2.3rc1/service_remove.cmd
- Size
  
  272B
- MD5
  
  295c774295b7fab9f7e3100bf3a482da
- SHA1
  
  ddee388d720107a5959126e85e979daf9f6579b7
- SHA256
  
  d6f19938699e88198ace9206e417e1289f211e187cfed163d31172f97cb91d55
- SHA512
  
  dfca3ad06fcf73ecf1499828923a58f37d7ea82c531c3f71ed39ee98ec1be490a5220c5626ab45c817bbce7cb4362791fc3ee680511841dd317961ba0f346d54
Score

1^/10
behavioral15 behavioral16
- Target
  
  goodbyedpi-0.2.3rc1/x86/WinDivert.dll
- Size
  
  42KB
- MD5
  
  1cb0efd60883b5637b31bf46c34ae199
- SHA1
  
  b91de8d5f072f8c6aabd029d96568effdd5662d9
- SHA256
  
  625ffdd95bfabff32d0e8a95beabcd303c01c8bba73b90402d4e84d6e15dd8e5
- SHA512
  
  68c7c257b8cd28011f4b9af09b1e4c7b3d69c6f1457ca6f68fe114fcb382e470b87b9c12ca5d6d4aedd27a103a35fac9093c08b288867cceb9621a60ac70a6f7
- SSDEEP
  
  768:/BD4bCa+EfZ9+EwleNwYLWKkR9c5s1R2wdRt7JtXwxwprTKkimOyd:/BD4bCofZ8VYwYyKkR9c542wdRQ0TKkV
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  goodbyedpi-0.2.3rc1/x86/WinDivert32.sys
- Size
  
  75KB
- MD5
  
  cd477ee96ff05cacda8ac3c0e9316d7a
- SHA1
  
  68da0c17728aa672f140477b3822aefb5810c8b5
- SHA256
  
  29ca5ceb59c9c6993a349e82b1fd46078e6f8a302764153ab84fa22e382fcdca
- SHA512
  
  27e13504eb291a5324d824360532ca6d19c409022c72f5609ca55f92558388e3f25f1e8d657afd3d1e4f9ea9c082483c954d6f4e89df049e4f732383a04adcad
- SSDEEP
  
  1536:tVYIJtdRHzb+uzucD5GYLKYaU6s8BLcHWXizv65Q4:tmidRHzMcDQY/aC8B8gevL4
Score

1^/10
behavioral19
- Target
  
  goodbyedpi-0.2.3rc1/x86/WinDivert64.sys
- Size
  
  89KB
- MD5
  
  6a33620de63bccaf5e5314ee49cd58fb
- SHA1
  
  ac728b339681b2e27099fecc1419821f01d04b34
- SHA256
  
  e69b5ba3f0cd6cfb2983e442636e7f0b342b61b15264b0328317d4559c82cf50
- SHA512
  
  638d1b8aa4dc0e4ac504f51aaa3ec8375ccc3d69a4d36821f6bb98060b58586007f47966b9d58d222b9f067e12e80755f56559286cbabec8746146acaf24f945
- SSDEEP
  
  1536:8ovgCRgYL/h//oJJw5AdPtey2AyWpdsihch9WXi2v6MuO2:84jmJJsKle9A5pdsiqg/vsO2
Score

1^/10
behavioral20
- Target
  
  goodbyedpi-0.2.3rc1/x86/goodbyedpi.exe
- Size
  
  95KB
- MD5
  
  92a6c37a997fba11f9e26995925cbee6
- SHA1
  
  e00bd8465497427230c856089c36c64afc70c677
- SHA256
  
  da0884d6b282ff934c0d7392a50efca03c65943b6e2b6254e14e81420f0ebb5f
- SHA512
  
  68edb1ee011aa610fdaa53047a89f8f7498848832c46f5fb5bfd289090fd77e49560d13dc8ce5996203074cf5e158d4225152878b30e44135423f520d03901d9
- SSDEEP
  
  1536:XWN1zD41iCUdArHzfLDbnT/r3jP7HfLDvbnT/r3jP7HzfLXDblvaHZf6EUfVXe1B:GjzD41iLdYHzfLDbnT/r3jP7HfLDvbnC
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  goodbyedpi-0.2.3rc1/x86_64/WinDivert.dll
- Size
  
  46KB
- MD5
  
  88e1c19b978436258f7c938013408a8a
- SHA1
  
  09b77c8c85757e11667a7b83231598dd67fe0b8b
- SHA256
  
  6110bfa44667405179c3e15e12af1b62037e447ed59b054b19042032995e6c7e
- SHA512
  
  eaa0d8369b76fd9a4978f14702716ae31d801cd0dc36a86531f9320b4ddb683265c4f0e07af2b9d2e85f513270d98d1b11ae7d501d08287442bc505176d16e14
- SSDEEP
  
  768:itSVluu2agCfRSB3QEw2VWHxWYuaO6JXtltdUUwhqWB8TicI:bUZWECHxWDABdIyTic
Score

1^/10
behavioral23 behavioral24
- Target
  
  goodbyedpi-0.2.3rc1/x86_64/WinDivert64.sys
- Size
  
  89KB
- MD5
  
  6a33620de63bccaf5e5314ee49cd58fb
- SHA1
  
  ac728b339681b2e27099fecc1419821f01d04b34
- SHA256
  
  e69b5ba3f0cd6cfb2983e442636e7f0b342b61b15264b0328317d4559c82cf50
- SHA512
  
  638d1b8aa4dc0e4ac504f51aaa3ec8375ccc3d69a4d36821f6bb98060b58586007f47966b9d58d222b9f067e12e80755f56559286cbabec8746146acaf24f945
- SSDEEP
  
  1536:8ovgCRgYL/h//oJJw5AdPtey2AyWpdsihch9WXi2v6MuO2:84jmJJsKle9A5pdsiqg/vsO2
Score

1^/10
behavioral25
- Target
  
  goodbyedpi-0.2.3rc1/x86_64/goodbyedpi.exe
- Size
  
  95KB
- MD5
  
  fd680538c2a80dc54c63ae39c3563fbd
- SHA1
  
  34fc71b71ab4361a68bf8355e9b2f54dd8cf910f
- SHA256
  
  fa9a32ae6eb24e2290941ea60f80e914168e1f84e900293bffd4393fb9a8fae2
- SHA512
  
  8bae7d75dcaf708433504e8b725da41f051fdaffccfc2e27e2450f89866b8d113a2782a11c54e1dbf03e5db22b883eaf7bea8cfd2472e67c7eebabc9de2ef838
- SSDEEP
  
  1536:uS4122+admkx3xg+s8ZtkhMvIpylYTvf6EEXUaSsGe0yNgnIcm:/4122+admkx6cZi0IvUasKUgID
Score

1^/10
behavioral26 behavioral27

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

BITS Jobs

T1197

Privilege Escalation

Defense Evasion

BITS Jobs

T1197

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Download via BitsAdmin

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27