246b9cd12a9223e2391eba6bceea79015b598b701a22294bd4373355a3b47c2e | Triage

Sharing

General

Target

246b9cd12a9223e2391eba6bceea79015b598b701a22294bd4373355a3b47c2e
Size

3.1MB
Sample

240823-cz1vms1cjf
MD5

447cc929e22d945be32f61d789b31cfc
SHA1

e9a7f04caddd225927a3f0f3386cd77a9350dafd
SHA256

246b9cd12a9223e2391eba6bceea79015b598b701a22294bd4373355a3b47c2e
SHA512

f5527e03bd04e2ddba56ef808679980bb51f02ffeb97b81c0d193012765c95308dd7856e8ffa24e1473bb616263cb9051f90e1abb87224955728e819e4db1748
SSDEEP

98304:QadtZB4+RJdlKXTgq/antI0CmO0QFB5sfHyqET:QabZB4+RJdlC03CDdcfQT

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  WinTools.net Ultimate/Help/english.chm
- Size
  
  37KB
- MD5
  
  d4c3c6b9c70894be6a2634d915625e9d
- SHA1
  
  7da32635c65a4a181dc9bd78acde95891c30295f
- SHA256
  
  75dd050b11c97d099d1face3436773fee5c8ecd4d68e8a29fa75916a99a68bf8
- SHA512
  
  06cf01d879a9aab9bbbca6abd440463065f8cd5a1397dc155530bb51ce96fc5b9041f3ff2a9fb8c70b01ec2c54022a83f3382997a589e887d49d4676ea862e48
- SSDEEP
  
  768:8MgzjEj3rxouyMFK1VKaaN0bkafUJlaEhvEVyTICyg07hTN:8Mgssii4a0OffUmuvEVRPj
Score

1^/10
behavioral1 behavioral2
- Target
  
  WinTools.net Ultimate/Help/german.chm
- Size
  
  32KB
- MD5
  
  de697f0e0164beb84668d197d881b730
- SHA1
  
  2addd2faab18c7c3e473672337be1bf18483ad34
- SHA256
  
  56dd11ff924506a67b809464cab806de7fd1d796ae4ccddeb29b3896442b0c21
- SHA512
  
  7138fba311254812dc1fec5cc88e10006192c44bfcea268b84f8b2d752534c9c7bb8321b05e49e2061a469de24b28ea30e98616740e0b471a924b3e4ad5b1609
- SSDEEP
  
  768:UrGpLODv29uLJp6FZ8cNb1fjrW2vIpKx2:UrGpL7E36Fdr1vIph
Score

1^/10
behavioral3 behavioral4
- Target
  
  WinTools.net Ultimate/Help/nederlands.chm
- Size
  
  39KB
- MD5
  
  d699cfbd1a4f2643d36182e50bdeb14b
- SHA1
  
  34dd184b8e04830e489b5dd5b5e5a54f7a8e464a
- SHA256
  
  975cdc55e13101b156af616998a7c9a37a0e9ccf762b578f4756d43af66f3766
- SHA512
  
  80514c6262a37025cc7fb1b14059f4a723b584666f190f749964dbdbc1605fd68577779e484371f74af4151a0d548eaff52cd6eb7a9a7a130f38da841c94545a
- SSDEEP
  
  768:g/btLRz9FhV/vGhxgwOejyehxOfISPNU68C4B:g/ZdHhRSrLx/SPNU68C4B
Score

1^/10
behavioral5 behavioral6
- Target
  
  WinTools.net Ultimate/Help/russian.chm
- Size
  
  20KB
- MD5
  
  8798381375e4c8432e8a3352afabf95f
- SHA1
  
  dc6f4e4f808b6ec8061e0fe14e339f2026058fe7
- SHA256
  
  ff9d448c09967478495ebadf42f576549dd156fe0b9ef8ffd00d4d2c932d4aeb
- SHA512
  
  d1f02d9d59a9912f3cf732b8ef10691e58c40b79183e8d5eb926bfa2ec9a51170a39d972d1c5753d52db3cb8c9700f4ac2ba8e43b7abc25beb7253b03609efca
- SSDEEP
  
  192:ofoxtqolMfAUntwQox1pfcpe17+yKRBWctdOS/zgiiR8g9IwVqR7:ofoHqojIt+ncQRK7USr6RBBq9
Score

1^/10
behavioral7 behavioral8
- Target
  
  WinTools.net Ultimate/Help/spanish.chm
- Size
  
  29KB
- MD5
  
  279fb2fdea11598eaee63b6717bd92c3
- SHA1
  
  3b70f36fbd2879b4ed925cfbb2edfadda8d748b6
- SHA256
  
  1079c05b8cdc3814b52cb245c1462a1c2e56177e028e9373df74077bbf2c581d
- SHA512
  
  55dc95b50fff85aedf13dc9a6c20d5fc8a94ec4494e3d486536f4f8681624d9db9c850e4556a1791184e7e5044422825313008dba0e4b34a44682e222dcec4d4
- SSDEEP
  
  384:Q5wflEGNAkOqEtjboQeC1hCe4R+0nAJKSb3pMikRFqR5Ig09w3B46sXWS9sby:Q5wfvL9e4PAPGikRFqRB0m3B46sXWxy
Score

1^/10
behavioral10 behavioral9
- Target
  
  WinTools.net Ultimate/Language.exe
- Size
  
  177KB
- MD5
  
  700607f40de3d06726994ee3629a1f82
- SHA1
  
  3ce7d64f1bce8faa9cc2f269fb7ceb3a68c470df
- SHA256
  
  ecfbffa2ccc5fb2b94d8548b2b695207c8c63106d05c1c52b5c1e39969ff9e67
- SHA512
  
  749f649d7e7bf2aaa6280e3e5451df88aa6068175b79c6940a37ff372268d6f725cd905b441f87acdd841b9474d3985d42b0e1018da2f77363db607dcba91afd
- SSDEEP
  
  3072:zKL6fPGgoLu5gwepyLUOMsL7Ynfj2eXYSmlqg/7TbOSPPOjLOoKpl0:mL6HGgUtQT9kfjhulqATRng0U
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  WinTools.net Ultimate/WinToolsNet.exe
- Size
  
  2.8MB
- MD5
  
  c0218d32754ecc51c44f183cf06982b4
- SHA1
  
  1adb184201f33ef1c5b6c4a0d5fe2b2068cc3918
- SHA256
  
  b10e893615c5fe410d14d3f282d85cff73f07f0828595b68ace9dcf4d32933ac
- SHA512
  
  cd53481bc95bfd8d3bbac15aca988bb7a5ed463a1dd838a1187f62f19c5dcad47a1180d0db4b80eddfd083cc695d9ada32b939f8f7ac78d94fbe6815853f203c
- SSDEEP
  
  49152:E5mvPhVCPgAxOY1ntFh8U+HWbfiMpa3O/lcOU7m6Ccq:mmh5AIY1nt38n2TiMpwOU7rq
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  WinTools.net Ultimate/unins000.exe
- Size
  
  701KB
- MD5
  
  399a50dd5c4f89c8e5dc803ef8c96903
- SHA1
  
  bdcb019dc1e937704197393b4b9c3a671dd2d13f
- SHA256
  
  5489c99996c2ea34e8272d778d2a3576544f8c01c278cf029b35b83baef3224e
- SHA512
  
  e7f04ddbc1e9fc597e8fe4758f139c9d49c381a750c13a7727254008901258de32e4f02ddb8c6d602593309b99d83497d855045e143414e7eede37724808d174
- SSDEEP
  
  12288:c0QfKb7nH5lrPo37AzHTA63I0ihE4qE7prN9cgKARpkZXYu7XEx97G:ofKbT5lrPo37AzHTA63/cfqAcgKckZIy
Score

7^/10

discovery
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral15 behavioral16

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16