b9af69ac821a649f211c99e3edf32a76a213e9450b5e972a6cdda5758af530dd

Target

Application Files - system32.zip
Size

200.3MB
Sample

240823-bsm5jazhpp
MD5

9e13c0126b7f608956f951212b77efdb
SHA1

7c486a0f69ad4f21be45954df7bdc2f4ce9b0dad
SHA256

b9af69ac821a649f211c99e3edf32a76a213e9450b5e972a6cdda5758af530dd
SHA512

15b133823bf17179d3f806893480c77082d8a6442d885cfd5f1c77d8fdd476cafe63201fa030d60dbc812d9c9be8e8db71d83a714a4c40d8f59dbf28b9528ab5
SSDEEP

6291456:nENHZIGVuWulErUOn39qvc00IYv6EbEJY7CqQubcGX:qZRulE54vcbv6tluQGX

Score

5^/10

persistence privilege_escalation

Malware Config

Targets

- Target
  
  ddodiag.exe
- Size
  
  68KB
- MD5
  
  0581dbc3715ec547372261e95caae080
- SHA1
  
  f6838fec32d75aa564bd56561c8b24683c9658be
- SHA256
  
  48bb5bdf5436a2545528d9f6a50c154865b556cbbccdbc5969cf62ec2a7e362b
- SHA512
  
  a933092c9903b4342f20e2f61c5b5cd34b2ae58e212bf1fa929a4fe20cb6e2b4e45fa0954ca92529f07dc6863c01975998f9d3e778f18422fa2ccab0c900c516
- SSDEEP
  
  1536:vs2brg7S1DqJBGK/hc3aZkLmMgMaouZl6iTOJtt1UI:vrXUasm
Score

1^/10
behavioral1
- Target
  
  deploymentcsphelper.exe
- Size
  
  56KB
- MD5
  
  7a488ab4c0e6852610b6841e6f8452e3
- SHA1
  
  351a0e973c42009d5a8f29438b3a569546005c67
- SHA256
  
  fe85af963288dbb292408a000243dadfc21690d58439373227230cfd111b6090
- SHA512
  
  186fa8ce38d990e593652505d22b1c2f1c727a7266121b6537112a58af208f50191a29be0dd13ec0ffeba894aa87017f150ab6b77a968811f51ab5186e65197b
- SSDEEP
  
  768:et9w6pFX8/ceuw6Aqjcwbml07Bw+9x9z:QHFXlF6+myxt
Score

1^/10
behavioral2
- Target
  
  desktopimgdownldr.exe
- Size
  
  152KB
- MD5
  
  70255e8c8bbb5f01d9354f111f6dfe8c
- SHA1
  
  56d529030718c43b3c4415737820fc36d17fccd4
- SHA256
  
  59c4e7f6a92ce1ff5c5660dd91a20de67a5dc10ec25d58b6cd5f3f73d04fd324
- SHA512
  
  80c9440fa479235235d59b48a606ef4cbaa0bfa6d6b8239bf49f296e9a8ffa1e49971162efa485f71f5243e2beae52df2cbea34371a4d2c1244768626434acc1
- SSDEEP
  
  3072:Vdps+1ZBrJWwfKVAeUgr2EIKPdnJKFMyyrrunXSTJL1ruDAAf5T:Vd2Mn8IKFn9VKsGAAf5
Score

1^/10
behavioral3
- Target
  
  dfrgui.exe
- Size
  
  136KB
- MD5
  
  87db68334feab8038a7e147296bc56c6
- SHA1
  
  6a471bbf0fc60c1e3e4c9055c55c37a5bf50a78a
- SHA256
  
  59c2107664e7ea21ce9f90bfcc2ac498ed8d1c87b2959069924c1eb8d4d42955
- SHA512
  
  0713797ab96c357b9487d12a7f736c1729d882f01345c5170078aa87711f563cf20010c9e8352c61d625bf30c5ccf5845b268ee7ec0e249d86db1cf93c0454f8
- SSDEEP
  
  3072:+3XdbBN9PSgedIahbz2nxihBX4Nq1u+BsmnLkJKk/UEAZC7x:odbBN9PSgedIahbzrTX481uIs2O
Score

1^/10
behavioral4
- Target
  
  dialer.exe
- Size
  
  56KB
- MD5
  
  d6bb90ef02bedae431eddd5f06cbefe1
- SHA1
  
  cea31fc0122e4aef4a6991322c643c2317574794
- SHA256
  
  a8a147051824b7839176f109d15dd033f1765f6d0f3f4d4149aa14e5aa5b0da3
- SHA512
  
  80acf5e76666cd0123b99a0e8d20b862a4ea37971627bbca14a855829f0630852ac35e8ccfb9a5208885ff58555bcfcee9a3135c2f3ed728bb13df446dd26f4b
- SSDEEP
  
  768:qr44yI9nX8Wk5kXkK9qEsXtc+Ih0FMlGQSYpuNeolWOm4Jg5tSd:qr4pcX8Wk5kkEsXt0V1pydm4mSd
Score

1^/10
behavioral5
- Target
  
  directxdatabaseupdater.exe
- Size
  
  172KB
- MD5
  
  02e79e6dcfd28c1b07a96229ee3a6f1d
- SHA1
  
  a04c5ac233fa0a47d717722e8bce8d0a9e0fadbb
- SHA256
  
  b1c43c8cec143039044cf52232279eab95bd1a076cf9971eab2b36d1efdcb654
- SHA512
  
  606275dd29f32634232969a25bfd3434fa0e1386d277507489b9998984641de6d029432c920e311286aa07af4e6047e1da91e0ee6dce2d1708915808dc21b51c
- SSDEEP
  
  3072:nQddDCArvsgXWeuUgrfEguBbwtzwTHhH5IexK:kCADu/zXuBbQuBH5
Score

1^/10
behavioral6
- Target
  
  diskpart.exe
- Size
  
  176KB
- MD5
  
  0676bc64eb3a629d312c12101ee8ef27
- SHA1
  
  0bc158701353a8102bf941ad04f0d9294ce8c1d3
- SHA256
  
  8263f9e3aa799c961174e876236d5e49de77efa9ad7497768887d35671692566
- SHA512
  
  f9d8abd1fe06e11ae795c62269776926167bbb517a163cd6121d3117b17239ccc9d2adbc893fc04b4e47b302c22d3366107f9ad17caac55168f9fba28665f01e
- SSDEEP
  
  3072:lAYoKaV0g1QS7gwjGB89G2mb3hYXtC87UyikdWgZB7GVx1+bdMy++Zfo9p9YyC5U:lJoKaVr1QS7gwjGB8o2+hYXtC87Uyikl
Score

1^/10
behavioral7
- Target
  
  diskperf.exe
- Size
  
  44KB
- MD5
  
  e65f4cc956468eac72d56d45310ba7e3
- SHA1
  
  90e828a7fc3dde88e7ee66c1aa143f350df8763b
- SHA256
  
  ae27b4847fe79b06177996a671a2e7a964f390af1bc60decbf73347d846869a8
- SHA512
  
  930d738161c7a455f72f088f7d7f6f329be27b1b2a92b20e48d933e62d87d3bf31b9d88cd6786ae4e66e352339fd04b0a8c2f2192ebfd26138e303364dc526a3
- SSDEEP
  
  384:aaieOJdmrYv5ZDKh4FXexG8kI5dixvVVDhTl58wRiOMkW495bEZeufZZhCdlWjJx:pO1nDI4oJkVX8wRiOMyQZ1ZZhCWX
Score

1^/10
behavioral8
- Target
  
  diskraid.exe
- Size
  
  360KB
- MD5
  
  229592d7c7778f5126ce353802dde17f
- SHA1
  
  bf9af419f584302ed1c8f8e8781c1ede66ca5c60
- SHA256
  
  03b0bb59daed6362d651e5f983ff7d57aa63d06ffee7c195610909434081994f
- SHA512
  
  1b96815039a3b43c618b94bcb81338c01ea06916abbbae1bbf7bb856e162dfee500069b7c62f2126f52227c4d69c53dafc4c5d82c4f8ea3d6fcdd7ce27fbfa2c
- SSDEEP
  
  6144:pUz4megqUW83RSHVrhSYgApvq1Evfnt9V+ujbr32YyBasLpTwUZPmaEsMUUsU1p5:pUz4megqUW83RSHVrhSYgApv4Ennt9V7
Score

1^/10
behavioral9
- Target
  
  diskusage.exe
- Size
  
  68KB
- MD5
  
  49dce1a7c1d54a82ba6d87b62f264974
- SHA1
  
  29ac10778cfe5b27e827d46cb218e0798ac827f7
- SHA256
  
  ace15e1e96bb34f2ec4ab93d70a0efd28a1d3f2fcb6d361895e6c341014e5118
- SHA512
  
  11a0e67c51dbec588a4e433852e04627ef0eb46acd29fd2a7c70685379ea61784d98828953e969959a84b34118bdd6a3005028dc78a5618432f835d34f20149c
- SSDEEP
  
  768:otM29TpcVFHfOdZNdVwhcFHiucUic/USnSIlbOjQnwrUcfkBJaZM9:F17HDyVcNQxflqCYdfjZM9
Score

1^/10
behavioral10
- Target
  
  dispdiag.exe
- Size
  
  136KB
- MD5
  
  14fb9f8b35a8486d05af9a41bed05480
- SHA1
  
  f04b78fb94745d071b693fb996d5bc7edc15dc08
- SHA256
  
  b2365f5817e826489bdab47fd77e0751335f12b68e4fc2bc77971ff54b804ada
- SHA512
  
  e11f9e2ba3e138b7b846ac7424bc0c160e15b4f6f46e59765868a3b4e91f8c53fd2eb7fec42f063be3938cfc545d3af64771ac580306566b138fdd56064f08c0
- SSDEEP
  
  3072:1keRaCBlUyGlxu6gLW/N21V+lbYM4kghsI:C+hBlUyGlxuTLdjmYrkghs
Score

5^/10
- Checks system information in the registry
  System information is often read in order to detect sandboxing environments.
behavioral11
- Target
  
  djoin.exe
- Size
  
  100KB
- MD5
  
  963ec75c3ef1a9b6422ba4cc79156459
- SHA1
  
  f11984013497685683ac889ed1e818243d12099f
- SHA256
  
  05d576742a3d4c092a7d1f2c586b37e3236052bed0492c4604e5370d3436db89
- SHA512
  
  c797d4d3eb7f5f795305862188d1e8e4c4aa26ac1ade739228df0647b0d3bf26e0de87aaf5031013915a9e1dab6604754e7419d59ec932b9a41bb25c211f4fa4
- SSDEEP
  
  768:OAtclOjsn26el00E75FNARwApEYa8bPPP976+AIj8FGdDMoG18Y3arb0CPRRQJ6J:1d3LEMtp1p7LGaSF3aXdRRQJ
Score

1^/10
behavioral12
- Target
  
  dllhost.exe
- Size
  
  45KB
- MD5
  
  144fa51a15e98d84d28eeab815bc9a8b
- SHA1
  
  c521025c55687c1f29b1f3a3c69b3d152ce84981
- SHA256
  
  fdfad08eadd54a431e431febe60e87b574ce90e5502ed0be2f026a1828120fc6
- SHA512
  
  f0913ebc532d85362ee3192139bcd8ebb20bc1ec6a98c6cefa84797dd9656fea7fd6c32b60f72d6a43bef5400312e326197bc7c76c06ad7d93f35dec32a24f24
- SSDEEP
  
  384:S/V4tpd7kYktwVVt6cPa/WA5WIDBRJBjK61x85zR9ztSxY:k47kt6wcCrX1PBH109zYy
Score

1^/10
behavioral13
- Target
  
  dllhst3g.exe
- Size
  
  36KB
- MD5
  
  dd7427cafabaf8eec7d4b2460f439ec9
- SHA1
  
  58b5dfdc1a8f292ee11f9278dbc6b173755715b3
- SHA256
  
  bcac93eada95f030e60b4cdfb693589019dcb76b0aa037d5e71bb004d1b4d0f9
- SHA512
  
  b6d8db40484985ef6e8b4846ec75817df7a5d5093718e50c135bdff4d4e81a2a876aab3ee9164c7157deb93be587167c5ff4b3fdcbc2b797f2b84680ff14eff6
- SSDEEP
  
  192:lGUF/2Hy4tGswK2eec7kYktwewUWp/iq89aluaEZcPXLmPWZyW:lb/V4tpd7kYktwewUW8q6cPaPWZyW
Score

1^/10
behavioral14
- Target
  
  dmcertinst.exe
- Size
  
  200KB
- MD5
  
  d4f0af963723f8d7d154db4ccafaca5b
- SHA1
  
  8469a12618d686e306005e289507cd4498dcff1b
- SHA256
  
  9fdd8e87fd008eb005e18c16ff5d0e148ac79706be39ad7acdf7741f1357ec24
- SHA512
  
  934ac4323ea04c0edc6d9bf799c5fbd69c921fc365cf9205fab076254850f77886d213b7fb088481822eb71c3912e664b71e1bb78c97298606eb75d21ffab96f
- SSDEEP
  
  3072:yfdpUVm3GEB8Bjq59SD0SR6D3C48C0+yz/FKz3MXOxVpKeJaPh:yl6s3GEfnSL6D3C46groOEeJaP
Score

1^/10
behavioral15
- Target
  
  dmcfghost.exe
- Size
  
  60KB
- MD5
  
  a1b66e574b15fda8cde392bd2039ad97
- SHA1
  
  c9ea9885b3653758dfd21c8863010c34109a8eeb
- SHA256
  
  a6988232d6cee531e7a3a1b01b579f3d392c637e0b0372e2a448effe7b5835b2
- SHA512
  
  20f84a5d918c1a35aa6b7775c56695a8982947b2a21e13a8c085ae27135fb0927eae63b552bb599578215bcd75bfe3b5d43d4223f501fa5ad95b0430927c87b1
- SSDEEP
  
  768:bo/lJHRHMkaAM1DzCo1rbvWZl0dJ91M3KQiUPQ:bGP7aAM1DNbvWZ+dv1M3diUPQ
Score

1^/10
behavioral16
- Target
  
  dmclient.exe
- Size
  
  160KB
- MD5
  
  2600dd80251392cc98c0329b0cb607a3
- SHA1
  
  964b33d021c411d9ec6bf2471d7606e21c35bf2b
- SHA256
  
  dbea593c79e1c42c98ac2f82830a8005247651b9dcd27b03de85bc9dadb8c056
- SHA512
  
  3b2f4fac6cffa723fe5fda9597764acf754a52655068b1be8dc0113c9980e7088116883eadb1227b83d9313e9dbf39f76f20fd89f2d679b1a518b8f282332778
- SSDEEP
  
  3072:swpfteBpw/EUG8hnQovLra+7A8SnL7UtSxD2a:swdteBpaG8GeaDfUtwq
Score

1^/10
behavioral17
- Target
  
  dnscacheugc.exe
- Size
  
  56KB
- MD5
  
  3a8f14a3351a4517be88df90eec93530
- SHA1
  
  14e7cf2f217e38514e834efa2046b5c45a450aa7
- SHA256
  
  744c58569bb1c45c9048d8c35f0a93276c41c4e00a5cc26f962f1c1a92615d48
- SHA512
  
  901937e13f6871a1daedc969eb95837ad37baaf7ed6788e37e6f5a6278f79dcec87e3b4246b248ca0e38b5ef26fc3d4c2eab4e5b532774a2de6e8482d79f5f56
- SSDEEP
  
  768:vP0MKqATgUTXBh7kU7CCZ1rRnDvsI8+f1BLB:vMhqxe8+frB
Score

4^/10
behavioral18
- Target
  
  doskey.exe
- Size
  
  40KB
- MD5
  
  814d40a7b47cd3eaacc406f7260419f7
- SHA1
  
  40120f41f4f272818622bad3e19c5093eeed07cc
- SHA256
  
  aeeda41f56f3ceb3e5b8c6b646d88b4d6ca888fe9b504c3fc723afa7b054f6d3
- SHA512
  
  72048ad9632c9180a1b06a207fa2ccd7747ff6ecfd99db6346c4e678a9533ec37650877b8ca4273c6c5a89f0621f88f04f53438672dc055b51485c23f5fb90e0
- SSDEEP
  
  384:wE5X8STH/48WvFJ4gjQpGXyG62lIKaCTvJuyuzCB5VyYXWIiW:nVTHw8WvFJ4gjdb68IKaaMoryYb
Score

1^/10
behavioral19
- Target
  
  dpapimig.exe
- Size
  
  96KB
- MD5
  
  5b1019c77497ef7e9cf63b4fcb021d3d
- SHA1
  
  e7bde015e862dae02dd1b493592b47d0ba307a68
- SHA256
  
  9f653b0de6d7ee5cb7cc3eb1b13cdf7684c234cd7f9d30c0fb4b779f78511dd4
- SHA512
  
  34642b1188fab4575cdb49db94223610837af40e202dd5b476d595bd6e689f735428d3932230478430b8f7e51f95febaf430758abe039ad6380785648ea3c5dc
- SSDEEP
  
  1536:cPyqd9aqo5BUMZW2Z00l3uU1HIED1fCbWpygzU:cPlfalImhuSJj16bE
Score

1^/10
behavioral20
- Target
  
  dpnsvr.exe
- Size
  
  32KB
- MD5
  
  959fbac45669cae07c0768cc73331d82
- SHA1
  
  cc2b540caee9875ce73c1b195ca1257d8f5e1e32
- SHA256
  
  7fa71f7e5a1130035716cb0beb3638ba8512e0616ce0bddf15ea7d0adf923e68
- SHA512
  
  5b179ede8991c982f7bb75c24addf8bcfad19dff4013ca0fa222d3fb1e7e1253093842cc83221ea606b860ac8d4eb123ee9518ca8ec4ee5044661b905fae817e
- SSDEEP
  
  96:TZ/PPDVJPQQM2M8GsyJJmPpOMdsSAQqNCNjS6qtzrUdcHoUEWxuWw:T1PDNBuQPMMKQqEj+tzrGcqWxuW
Score

1^/10
behavioral21
- Target
  
  driverquery.exe
- Size
  
  100KB
- MD5
  
  93b681f8cec938806c03aba7ce2ee690
- SHA1
  
  128581c801249919b8df5036b61b1f6909039d96
- SHA256
  
  01f13ae42639cfff58b121de5db7edbf3e84199bd50a9f1e6bab8008b315824f
- SHA512
  
  07ddeab1de387e1faaf03598403f528d2f4c07e273889cff2ceae728e7ca7445b88191f3a985951c668f7def35c56ec4b17ab1383c40c355509dfa1b831b1a3f
- SSDEEP
  
  1536:7/OMeJFQVfNCXJetIO/v3vYX0BpDEjOhSJOFft1ExI/xTy8W:7Pagf8JeV/v3vYX0DNt7EG/xTY
Score

1^/10
behavioral22
- Target
  
  drvinst.exe
- Size
  
  372KB
- MD5
  
  dfc6d79b1ba8dade27a0ea6237cb3779
- SHA1
  
  0f5aba62c440a7dacba0b231a0d7116c53df5b38
- SHA256
  
  9b0de4ba75e729c1249ba580a885f6a9af950795b7f60019fe9cdc112d896178
- SHA512
  
  4fe0139dcf86a2446ee059ddf193b9a819ce26d7ec2405b0378eb2f4a4d987b6867275081531d53edbd983b426ed0deac93a41c2be7d03169d966fda8e8b1de1
- SSDEEP
  
  6144:GSj/97KCJNK4M1jxTcdlZHRxIamTIFx+//dzqwHtE1Tth+vD:GSj/97hK4eVcnZRxIamF/ZqwHtKtgvD
Score

1^/10
behavioral23
- Target
  
  ntprint.exe
- Size
  
  84KB
- MD5
  
  9c9f0e440b3f2a59b8292299442fdfa1
- SHA1
  
  3c509e54cdd24828f67d763804e211a350e26d3a
- SHA256
  
  fe93b4eef86a785063856d640cb2934a52edd3fef1ba2396abd1cc445e6a4cda
- SHA512
  
  af3b6aa0a6587fab997aec4164cb42716340180163c403ae68fdbe5fef750ad0e49490c7858a2384b2503fea474c0fafbe1f237433392d0a77fa9a0e61e494ec
- SSDEEP
  
  768:oKYNAw95vI1iQfCIWVM9G4qW4ne+S/ly+PKAoXRZX6fbX57UWkCRPPA7/Qnm:vYzxVIPd4n+lbeRZIbSQPPA7f
Score

1^/10
behavioral24
- Target
  
  nvspinfo.exe
- Size
  
  429KB
- MD5
  
  b921f42c5509b972ce6786181ca555d6
- SHA1
  
  4c4f176b81d50e0f348ac91b387ed8c695ae71c8
- SHA256
  
  a105d8da64be0c42181dce01d08e8ce5d1bb8206b7a540bb69c040076f1a20fd
- SHA512
  
  51f52cb529aeffd1d1a3ae01722e32b4910977b21c3b357744ded1b46bb7c84e2fdaec6d252cc1c8b4bf55ae0836ec8723183a9d30d97bae614b6fdf8462ef0c
- SSDEEP
  
  6144:XSyEkWuswnykmtRLNJt418a1Mbhaa5RemtWXPkzfaTRyKjhgb8XIO:XSyEkWuNyksNJt4Oa18qTAayO
Score

1^/10
behavioral25
- Target
  
  odbcad32.exe
- Size
  
  96KB
- MD5
  
  44fa6db6625824cffcf3ef79a3b8e9d0
- SHA1
  
  b2d4826a1b8e6d064d3a1feb83e26cfc7cf1b163
- SHA256
  
  de81891d9f950638de932c24022cd03f1b783a80305be66b9d26a7802831cfc2
- SHA512
  
  d634247ce58b3d879386b5f616a5b3fa7ba2d2fd8b8d4e7e2d4b4a510986c52838ccf14505402ed84323015d27feb91e4fc20629e2468e9d4d7d766e96ed4580
- SSDEEP
  
  1536:9yoisiArDytv3Jrz6q9EyYt9FlUIlbvBjIloW:9frUUKI9jo
Score

1^/10
behavioral26
- Target
  
  odbcconf.exe
- Size
  
  44KB
- MD5
  
  e5bf9b951d735aa3bc89fa9f7d22972f
- SHA1
  
  2c84ac264aec7299450b620efc6390dd72a16b3a
- SHA256
  
  7c9295bd46577bf3b288419ce6f61b579335a0725d33bd15c045ac73f57af77b
- SHA512
  
  98147190abed1b695bda56f667e68cfde18bc89869dcd4e54a6e8df864c0b72ff5aec7b269ef91079ddd07142f0f41ddbb42d2f1ab7a8b162233bb2e5c130c70
- SSDEEP
  
  768:wJJF9+mlMey91Dk2wICe8AmvvBksZQRtd:wJ/lAW2wICe8AmHCtd
Score

1^/10
behavioral27
- Target
  
  ofdeploy.exe
- Size
  
  96KB
- MD5
  
  cf2ae52e81273f725aff73d1de0efa39
- SHA1
  
  9ce21104b10cc69386890dd98a91fab6fc0a69e6
- SHA256
  
  8ec9094e7632845fd73eb51aecb654db79c0c650bc121bc28c27855a3ed8762e
- SHA512
  
  37674491038e633ea252a6bf502a4756c994a1a32bfd23e7aa76eba691a96743942e8bafcb2cc72cda91ed7d4d5f7cdaea84e8883ace37bcfefc0598ca883ce1
- SSDEEP
  
  1536:24IdtssDxqXLjPHUowzJjQ6qRFLGKgR/hLivaPy3+sFssss+/in5S8+rKRefg:cdtsiIwzJj5qRFoiv0/inUZrqkg
Score

1^/10
behavioral28
- Target
  
  omadmclient.exe
- Size
  
  468KB
- MD5
  
  a5aaee3ef6de79f72c77a2298e089d59
- SHA1
  
  57de3d56383c91e0c7bc91766effd3fb4e9d7df4
- SHA256
  
  1af4841ac3264058b2e6632239d5c83d7258782a165079a9808ce59086c97c81
- SHA512
  
  3d5d0ba1e391720551844a14cb708b3eb72c7a9ac6284e0741dc42d98992c8984334b9b9026ff6d76a60c7a13125e2ea09b3c3d7ce46ee021f7d412573e9b0f9
- SSDEEP
  
  6144:+NnwSVdUNOhezvplYvjCpnUdsKklpLf87qCve9UhAlAF5RnJZqY0CY1gKPInAlq:+J/V2NtzvkupnI8E7DveFspz0xR
Score

1^/10
behavioral29
- Target
  
  omadmprc.exe
- Size
  
  136KB
- MD5
  
  71d5ad040f2c3f29af08ddc45547823e
- SHA1
  
  8a8cebaee45609978d077a22fd0d48cceee622f3
- SHA256
  
  0bd0c85e588364cac217601d3d6edbbf22f423b2cf3a927353019408c4949cc5
- SHA512
  
  c00b864520de1dbca1f242c1e8689f046817f73fdb0d788d8a29d756210baec4e9cc4f0211c9266a0ca2813a68b8893d63132cb06411493942f9e567b5db4da3
- SSDEEP
  
  3072:6tpjAtCSmXvaywMr1zm9vvNC+/dTniLDHtLfwGPO:MBXSNywMr1zMvojLfwk
Score

1^/10
behavioral30
- Target
  
  openfiles.exe
- Size
  
  88KB
- MD5
  
  d1ed1ed27f9f52c8c6e8b733f2dd3750
- SHA1
  
  703acea93a7fd4b0e4983227841e7193c87cf564
- SHA256
  
  587c1fd10e63b9f4db9bf1a659a4945e142d3aa460a6bf33beb0526da06f2ba8
- SHA512
  
  722941cea79f94d9b882db886299c3b6106c07e69476ccd944003f1fbcda5fcb8a921396aa7504a410befacb6ad2601e6cf39d48409048bd5615013a0f60c8c1
- SSDEEP
  
  1536:twIif01zSNGmbLwNcBDQTNXTrGGBr4pEj5vyA6jHPl3+fmIvrFAxLJt:tmf01m7kNcBjGBr4pEIAuvlX8rFAxLn
Score

1^/10
behavioral31
- Target
  
  osk.exe
- Size
  
  556KB
- MD5
  
  8c818d3b035f59617219ef5ca11ca719
- SHA1
  
  e62f9333eee8a10216702dbafcdee0bffc6a6304
- SHA256
  
  6923821e5f4d8105693fa37230717a2b3ab354db96ad716e596a2ec9f43dec45
- SHA512
  
  a7320efb278658d2d2e3604eeda94a83b58b5882206541599d6f3ca8f49e6f0ce72594f67342cfaf22e3dfbcf8524ae6d824c75286964ce6dd82cb9a4cefcf44
- SSDEEP
  
  6144:8pYCH/VPNW3QuJgUjE4dac1Oc5RNU0w7lslnCUGw/xIRLtxIRLuovZ:fg/DMQggUjBU0w7lzaoo
Score

3^/10

persistence privilege_escalation
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

T1546

Accessibility Features

T1546.008

Privilege Escalation

Event Triggered Execution

T1546

Accessibility Features

T1546.008

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Checks system information in the registry

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32