b9af69ac821a649f211c99e3edf32a76a213e9450b5e972a6cdda5758af530dd

Target

Application Files - system32.zip
Size

200.3MB
Sample

240823-rjcv7sydnd
MD5

9e13c0126b7f608956f951212b77efdb
SHA1

7c486a0f69ad4f21be45954df7bdc2f4ce9b0dad
SHA256

b9af69ac821a649f211c99e3edf32a76a213e9450b5e972a6cdda5758af530dd
SHA512

15b133823bf17179d3f806893480c77082d8a6442d885cfd5f1c77d8fdd476cafe63201fa030d60dbc812d9c9be8e8db71d83a714a4c40d8f59dbf28b9528ab5
SSDEEP

6291456:nENHZIGVuWulErUOn39qvc00IYv6EbEJY7CqQubcGX:qZRulE54vcbv6tluQGX

Score

7^/10

Malware Config

Targets

- Target
  
  EduPrintProv.exe
- Size
  
  120KB
- MD5
  
  d76b6ee8e4270f8f5f460e3c5089ec69
- SHA1
  
  b5a4982a46059078a71e89899854ca886e8c5b76
- SHA256
  
  6616e1daaa25f268c682d2fa78b01e04350c2f572fb7fc93a453550234bb3c74
- SHA512
  
  1db3f888e54b070f6ef28641180ffe54650cb7d07774ebd49067bdcad6067da9159b6692c1141b5d3b64f044d17b9d1259b66444ae4567a50c9cf28036b63867
- SSDEEP
  
  3072:kQmdhsII7ylJLdz4dmedWkiV3GcEHWyvC1:/mdhg7St4dmYWkiV3rAWyv
Score

1^/10
behavioral1
- Target
  
  EhStorAuthn.exe
- Size
  
  144KB
- MD5
  
  4ec5a027fe4988118d595e3dee11f985
- SHA1
  
  8e64e69dbca66d4b899ef911bc9770f9be66af82
- SHA256
  
  6932d4267a691d360528d6646c48809cd0facb9bb33ce1aaf28777f9db5b40f9
- SHA512
  
  742548639844edafe3a1e933e5fa4505babf27549889ab814c3c49ca18b3c575d92a6432292f42f5e0d414941b956d02262bb4d621a8765012b138d1c1fa6e56
- SSDEEP
  
  3072:EIwoAQnguxJ8HpxukKZdHBE/fxPxQZDFcZIZ:E7ugQ8HH+HBERPxQZDFZ
Score

1^/10
behavioral2
- Target
  
  EoAExperiences.exe
- Size
  
  176KB
- MD5
  
  4eacc83d72b415f9440511eb2d32b324
- SHA1
  
  c5d43cbe51f256499dd0dacb94c5396e05821f33
- SHA256
  
  5db5031067753f60679e8558da04930dd2accb0d6c6226ed7113f19764d614b2
- SHA512
  
  94fc436007bf9c502d03c4b1ab54086085e37d918c82862411bff396111f18a9186ff48d1e622f1b82dfef399d0406dfd1195e7300656fd30a84f2b6c73a8ac9
- SSDEEP
  
  3072:jEQ6+fSbkTTBslYv2xd9dkO6zQG9nwJq5jjqhB2:wQZ6bUTMd9qlz9T1jqf
Score

1^/10
behavioral3
- Target
  
  FileDialogBroker.exe
- Size
  
  148KB
- MD5
  
  cf182ce1bf621abc75f9f77203c34479
- SHA1
  
  8f0195a74def41c12404ab99fbfbeb0f4eb7d461
- SHA256
  
  360bee9b3b6b9a07df94daf9ed49406cbf1744c232547f9383207d67149d3e93
- SHA512
  
  b99f8f9de7325a30524c0f4fa20d9d38dfc3b38a74a5e597f992d0828174335a1c5f9f101228dd4478898c3eaf0828bf9a9168ef415b34a22647d6ea4f8df5ee
- SSDEEP
  
  3072:kwwbBiiC9fGblCWpkLIx2iLjB9CMA/hrUz4/:nwbBiiC9fKlCWpkcxZ9CbRUz
Score

1^/10
behavioral4
- Target
  
  FileHistory.exe
- Size
  
  256KB
- MD5
  
  74e456dc77fa46bc25d2f64f1a394639
- SHA1
  
  f7b59ca9e89cd6b3b54823869857d381308c8bd5
- SHA256
  
  c51f0ab124d4ef290679642aa09ac8250437c2239f8ff5ffc1b662f5645e5048
- SHA512
  
  cddd6fd32e321a54d754444eea4677cbe8573c3a8ba7d67c11f809a41f5ff8bbf71d316daf30df062fa946a28c20112d784aab9d2a35ec940173ce9e2dc882e9
- SSDEEP
  
  3072:eeMWLu/VM/TW5ValxvxzYuVD8C+cxICGQUJSGVUdZSbdmyTVulAyXQfN:eyTJvxzYuVD8CnxICG3crSbd
Score

1^/10
behavioral5
- Target
  
  Fondue.exe
- Size
  
  132KB
- MD5
  
  a2e8d3d332de0dc786d46c7699ffc601
- SHA1
  
  b1b3177d808baa4e9388292dcff0a84004860094
- SHA256
  
  b7748bcdca77e5b469cd0f982c3936d06b608c822bd06df966ae1cd28158453b
- SHA512
  
  24507833d6884d632dd8b1a84b31d2d908b7f4665965536c47bae089448ffb50003a5c87cd78e8b1894b2c3940b351c13425e0b7cc59021c425e3f0278b8e66a
- SSDEEP
  
  3072:2Lift5DNbEaznWfH22ZsuX2xKwMPTnaSrIrvDw:dfbDxznWjZnXeKwMLnaqY
Score

1^/10
behavioral6
- Target
  
  FsIso.exe
- Size
  
  130KB
- MD5
  
  6ad5953a043ae8d2420c0c8c584574a7
- SHA1
  
  5929bc4243c3ef57a182bc663c2c89dd7c59ba10
- SHA256
  
  805c23b3ab9eb86b578cfa411c7398fc011e00f8166816aae8c4a93a3cce8004
- SHA512
  
  436f94c30bbcb450b17494a07a82edefbc7c8395086845d585a1561136dbc49057b09b2ca2258b148de20756244b7d211590cdd6ce18641a97b8e45810addafc
- SSDEEP
  
  1536:if/I11t57q4GdtPU3E7kif20s3u9NOpHCU1IP3lPCPpFEp4zJB:aaX7q4GduE7f20se9Nyi53lPCRFX1B
Score

1^/10
behavioral7
- Target
  
  GameBarPresenceWriter.exe
- Size
  
  368KB
- MD5
  
  24c985164fcb0d213ff39203d927ceea
- SHA1
  
  4f58be64ebff5be3132122612cbd3983cf7d05f7
- SHA256
  
  b9d473ae69ad713d64316f780dd13ee60a6ed51dcc9e26e6c31f5ef0dafb1a50
- SHA512
  
  84e8d24ee1c8fdfc8531e096156c5ec79843816f33f0c30d800b8d2181f455a18a05df94023d7692c8904b6167277d81625856064a970741995483f67f70f5e9
- SSDEEP
  
  6144:keeTeSeim8FsdubKOQYfdQ4t+MAlq9ZI/0fOMp:krTeSejVd7OXdQ4AqsM
Score

1^/10
behavioral8
- Target
  
  GameInputSvc.exe
- Size
  
  73KB
- MD5
  
  7f95f18d9ab6c7aea7999142057584ca
- SHA1
  
  506fc6be785db81bfc45e93c0a659ea59d4a70f2
- SHA256
  
  639ff1c360bca2334b273d41045313f6bb27219d429622aa89a43958a54acd2c
- SHA512
  
  728e7c3a2d8c1f2b6b206aa1f40981c8a63b86638cb1d0304c3f88a01fa0cf9b89db2ff78f4eaf206d835b52e869ab1489811734107dbca99969db909e82822d
- SSDEEP
  
  1536:pgKRnGvDDbaZNlEFxIZTROwxfejX6Tz4:pgKRGvmNlAIZTkwxGj6T
Score

1^/10
behavioral9
- Target
  
  GamePanel.exe
- Size
  
  1.3MB
- MD5
  
  1ff4b5ee447b079cc153490906afa164
- SHA1
  
  d8653e7ce33f9dc2ffe0c80fdd6241f118c44685
- SHA256
  
  00ae0cba52a3aa3a2774e3305acbad5890249e118f8e61e604d9df941cf54f40
- SHA512
  
  f363da16ded40a4e924ac7596e0624970bce43b9504422f1802409ab1c922d545eccd9b1d2b2342da2a1e63f0e1ebcad45f36de1c708ffb05a3226c06b2ea6b9
- SSDEEP
  
  24576:JPom1a/jEpCHEfxLZ5JuH+2i41RKpKOmm+ml9rMOUK6A5NwS/3NjjWcj1ByURVPN:JPTiEp7fxLZ5JuH+2i41RKpKOmm+ml9z
Score

1^/10
behavioral10
- Target
  
  GenValObj.exe
- Size
  
  651KB
- MD5
  
  c4957206c3e8b111f49ac887ec7d2c49
- SHA1
  
  cb61c29e946680f970340ac8655067bd7933915f
- SHA256
  
  3ccb39d2191a713f44d11af823529d12f42774959699d49798fa3f80d9d29593
- SHA512
  
  24c8dbfb80895626d0cb1b696a4c87d41e13b69c099911214c29a74b37c3b85903a1576ebe7b068dd4add2666a27c0a1e57ac510a43a361d6ce47d9b7efd8707
- SSDEEP
  
  12288:ubZogRryyn0xLmTHSVX9xFfvOEcMJWhBN2kpafnGdDeP:AZoqrHUCTyVTFfvO7MJWIYinGdqP
Score

1^/10
behavioral11
- Target
  
  HOSTNAME.EXE
- Size
  
  36KB
- MD5
  
  8b2227798de5296303078a538b8253be
- SHA1
  
  0595e818b2a24d5f0e7dd2fef6f04aa8d78c38eb
- SHA256
  
  af53aca90c261cf1b3d8f6e7f39ae185e7f3972f3b27decb4ae0e58a7deb27b3
- SHA512
  
  5c7b5ea0712cbc314c40d99590fb73e4c7a23116de302949909eb9319b6bf3cd98cdc39b7c62ca698f6439168b514aaea834d9667534a5bffb5150a559b06663
- SSDEEP
  
  192:PISGj8gzZKLF4lnKbYYMeazFRaD6zBpgx4X6+EtqwGaaf0VThWg6W:PgRZwFVbLMzxsOo2K+EPpLVNWg6W
Score

1^/10
behavioral12
- Target
  
  IESettingSync.exe
- Size
  
  480KB
- MD5
  
  4d6f109558af577adc0e7df0857ba94f
- SHA1
  
  5fd61e1a6f6349a0fc19bc17a53245ca440cd100
- SHA256
  
  07f88a9386dce0d589680cf6e2a2700f9bdada1f18be8fabe8020e5cc399596d
- SHA512
  
  1d01d3552b133062f0bb94822019a8bfcdfa3fbb7de4a8e7880dca5789986495712ca6ef902a3223656db4e3cf1c7435a1cb2146515948fd83ee27978e8a289a
- SSDEEP
  
  12288:1HB2Q0nIH3s5VaPA+Zc6AxDzbtSCEJB3rkEk+OBIwd:1HBmnms5VaPDZc6AxDt0B3Yl
Score

1^/10
behavioral13
- Target
  
  ISM.exe
- Size
  
  56KB
- MD5
  
  c7a1fd61bcde27343a71785ead27d0cf
- SHA1
  
  c3d217f37d17bcaf91e23da8448e316fc614f829
- SHA256
  
  e6aa3dde08b0d006aec556ef0b46f95ff8c2f146ca4c8f3ae6a543036624e692
- SHA512
  
  af6586a64b3f2f02885f45df7d420bcc247ba2eb7342584f3d56902d917a7b7c4bd52c4f16decaa975f6a4fdcac377f56cbee2d80ad2ae212541d873d0f59e21
- SSDEEP
  
  768:4tqn5iGdpwOb9uQCMIZUJjiTP59RXLHLrm4aqIryCNIYvFfRZB:R5LpRbh6ee9RDfmfqeyyIqfRZB
Score

1^/10
behavioral14
- Target
  
  IcsEntitlementHost.exe
- Size
  
  60KB
- MD5
  
  eff70fe4051cf328e30ff83fe524dec5
- SHA1
  
  624145d3383c78c9167be684ac8e826f4d723696
- SHA256
  
  9bf8ecefbdf15dfeedc630711bcf7a7e8f99a5605a90702e54c13adce6817752
- SHA512
  
  0f29c1b8c8b9a7ff55a5686d4a214bb58e04b0be96849f5efef0839d68655d28eeb59307589a706d13ea98e2bc10d597054bc10cd643cd9872eb8d55ddbd7b65
- SSDEEP
  
  768:/7Zi6szUpwOJ2c/mCVeV3K6vJa+57MTVBZQQpl00ktD+6E4TBfxE+:TMIpRJ2c/J43JJa+56VL+0gTE4tfN
Score

1^/10
behavioral15
- Target
  
  InfDefaultInstall.exe
- Size
  
  32KB
- MD5
  
  cc203f9952f393b54f5457d8928dce15
- SHA1
  
  2f38dd0ae9c62a2ff5ca9209b002ecdbbe2ab2d5
- SHA256
  
  d6a03550fbd2313a8b1f4e71180bf27db436a86bd54660e4a6c6b6707bdf8d63
- SHA512
  
  17b195090f26e39494eae482ea10105eb57501ffdcfaae667400b1b851252e397232530404a10d62f32c6e4c830d41dba29ea69cb29475e391f4657a645e8b68
- SSDEEP
  
  192:lI5LR/bfD/UGSf+/gPdVHBwT6zJfIV5Ef1yELFys9aW/GW:Q/br/DSf+OqN5uzFycaW/GW
Score

1^/10
behavioral16
- Target
  
  InputSwitchToastHandler.exe
- Size
  
  128KB
- MD5
  
  748aee67d701ce354bbcf637c3b3ae4c
- SHA1
  
  fdd8672ac649711b1573bd2caef0879fbaa7fa8e
- SHA256
  
  afc7fa7ba93cfb9c52363389f694b185b0d0a27d79a0e0f14b2490f534a77db4
- SHA512
  
  517b289c2797ea9a053bfa43751714144db74e891356a0ede7b5291b8525d46107ee709d49f3001058369b4e707f373098a281ca489390f4c379fd6a8595ebf6
- SSDEEP
  
  1536:13ZQUX43twxhU9dWcYNnhdkysb96iVMvqc8FtB/QC3ndWwT7ycPLi:7Q53MDBs7MCccHvdtHZ
Score

1^/10
behavioral17
- Target
  
  LanguageComponentsInstallerComHandler.exe
- Size
  
  76KB
- MD5
  
  e369b420676a3081e1cc22d63c08022f
- SHA1
  
  31ff7994d684e736f8d6b8b062b7d95b9510e84b
- SHA256
  
  18b33a02aa79b111307da8d7634e49ffcead9228f2f67ee5897bed4690d79be2
- SHA512
  
  f1b3289fe4b9004f18c360236e96984fb4a181f919c0249215ed05806ef16b4fdfa6cda5e8fc50b847db645010c11b70ecec28be6bbdf08b7d54c686e9e21b82
- SSDEEP
  
  768:DPFWdDOXjT+Vbe1gxW2mm+RzIBHRhXcAhQjz20x/bWFCCqtl0LEh3nlc3Ct62Yap:7une1SW30RhXZheaGbWMt+Lw3cK/Yap
Score

1^/10
behavioral18
- Target
  
  LaunchTM.exe
- Size
  
  28KB
- MD5
  
  7e964bd16794b6e7cc6ea11cca678459
- SHA1
  
  58858a541bdf3c56560f73abb37ddd77fc43a3b9
- SHA256
  
  1f38100bbb4db7d5f8afaacf3c0ae7fde607f5feea4d63c0390488791d8afe8c
- SHA512
  
  43f20e05de5bc2e53a0fe72a8465ee941110f876c567958bc9265ad02b9083ff4a9d2dda0477bbf5fe2d064066e0abf7e2849a620aa000c8ddf8fae7b20e5895
- SSDEEP
  
  192:yAovtgjn9aJY0YfZmo3Y1aahvBwMU8TWBqayW:5oFInwJY0skoI8OBrFTWBqayW
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral19
- Target
  
  LaunchWinApp.exe
- Size
  
  84KB
- MD5
  
  098264e96cdd0639f8d4ecd61a7186c3
- SHA1
  
  e73f0fbc24bb57b77b4aaec7cd1af24d940693e6
- SHA256
  
  4c69b1e05ce4644d5b06e5530f33f97a2d8125baca6b399a85a11dc889f02c07
- SHA512
  
  01046c46d8d8febfdc5d79ec5865f8187d6d9af347190302b66a912c70b1574dd3d6415a1f86f76d16abbc7002d8f661e4703814b6b51b3a9c9698a89b41f795
- SSDEEP
  
  1536:3jpwkGdFiXzkDhp8NwleL0UfDN+F+MugDPyfUky5:391y8wAR5+cMTLy8V5
Score

1^/10
behavioral20
- Target
  
  LegacyNetUXHost.exe
- Size
  
  224KB
- MD5
  
  5761bc63a12360027e266c7204d4f33a
- SHA1
  
  14540df1d1208709a8bbfcd3306b7be50c32210c
- SHA256
  
  1171f7a80ab8a07115f5492f557ceb962b60a9326b47e48b7020f986e1482f2b
- SHA512
  
  95912caa80aa3282f821aeb92d730ad271777414c93bad959710e0736b5192a6228484721293c87dc439b7c3482275511034d4be7c115155037674929cb17fe2
- SSDEEP
  
  3072:OMhieeCVIkBIPNbAWGyX4KY57j8NBH9Pems00ktKnFCpUeYMO0S+:7hleCykB0AWf6tAN99mms00qAMO0
Score

1^/10
behavioral21
- Target
  
  LicenseManagerShellext.exe
- Size
  
  72KB
- MD5
  
  9708c9cdab44501923a36bc93b4214ca
- SHA1
  
  e4a8d117ca07002200543acf8bef19c6b9ddf3b5
- SHA256
  
  dbb19dcbc70c4cf63d7c63713f905403cc76a6a973832a6546882671448247dd
- SHA512
  
  62c89a67d24fc47c3a0332f5a00a19ae15b114f57df6d481f626e5fedc8a908f438d5b04809e336797666ff1af2f5428158563b4a888dd7c950868f4883fd500
- SSDEEP
  
  1536:UwKlcZkPYPyIFtum8Lch7OgR2cFebMsTUqATTQyV5sVn:74YP9FtuuAZi3hV5sJ
Score

1^/10
behavioral22
- Target
  
  LicensingUI.exe
- Size
  
  170KB
- MD5
  
  3ce7b30ec8e33179b3cf2d912e196c8c
- SHA1
  
  1c1e5495c87bce2b161bd239e58baa2d790747f1
- SHA256
  
  6bd9ae1da3efc9a23fb3c2478a18f9c122ab35e6ace635fc59fbcfde81cb028f
- SHA512
  
  6ccea3816de6d3f51d1fe8771b33a972b142bdb0d3c8107576030cd8057b2f676c3c448dbbe5deea022f38dbace12c0a0eac59fffe405016276dca7740034d06
- SSDEEP
  
  3072:/osTmrcCRjzvdPW3MZhC9YEPasYtRSChoGzzq+oRJa71PmbOSvkPzohRwJ3:/okmrcCRU3vk1RNhoGzzq+oRA71PmbOl
Score

1^/10
behavioral23
- Target
  
  LiveCaptions.exe
- Size
  
  172KB
- MD5
  
  f72bf3d957318d165aaaf78a40e7b97a
- SHA1
  
  f07de0fc53990638716773a987f8aab2296f125a
- SHA256
  
  b3be0a75d1e0466cd271e7a79216815d5a5fdead57b3d7e7f383a21b2f43715f
- SHA512
  
  b357f3cc3ec3c8ae4d7e825824b0fc8b60992e430701c9f99b5f4016d625e4b49db0a0f59e935b3df27f228d728cd4f5e2abdd0e4a57e19aac5c0acb1367cea8
- SSDEEP
  
  3072:pAhXuNwgdWrEMPX8duHtif/pRAktEaWIRKHk42qfQk90m3x2atEzZB7Wjys/70zr:s+NwgdOsuNif/pRnDWIRQJrem3xVtEzd
Score

1^/10
behavioral24
- Target
  
  LocationNotificationWindows.exe
- Size
  
  100KB
- MD5
  
  2f3b8aefc9a493814f3295e9081fabe9
- SHA1
  
  679e5468568c576de6c82be82ce2914f35ccd6e9
- SHA256
  
  adac7c49b563868a7c6379219e34fe7c9eaf16cf3c1e4507a15b629e180d3514
- SHA512
  
  31b01a32cbdeb5d4dc6c0f86bf1cdd1b0b7ae1b98fed42fab20f5cbbec315a2537f457974245eca97b351a951b3204eea2bf595b4b6cc47958b1121728c0c3bf
- SSDEEP
  
  1536:2ILXzPPhX26ILIYyuJfiUMdPrJNK8GCLd8dD7PgwcT2WiGKkQZDdCeTDxh:22PPRYyuJfiUMdPLGY8nU25SODMeTDj
Score

1^/10
behavioral25
- Target
  
  Locator.exe
- Size
  
  28KB
- MD5
  
  291f77ccfbdc300f79378e131cb0e8ed
- SHA1
  
  7c48ee0ffbfd29a7e9bd55c74fd5cdc2757d6766
- SHA256
  
  f48f120bf76207dbb75e16626c89b00cb4ff4d9fb91a48df87740411ef440e75
- SHA512
  
  617c48826644a3ba43ab63a63ca42e3c141940eb88d04b21d9bb0027ee684cfbfb4ebf048b70200442b8380284e3828ffa0ed73a66c84d2b346b14d2e96c6dff
- SSDEEP
  
  192:JApZSTazJdWPc0jZ8/p8EEtvsa1q18oD6QGe22s1mDCWUlW:J0eWJwP/j9PBpo1Z6qRNDCWUlW
Score

1^/10
behavioral26
- Target
  
  LockAppHost.exe
- Size
  
  102KB
- MD5
  
  d6aa9b34dfc96fbd6082774d3fb5de52
- SHA1
  
  9d9c7717e4922142ab86df93e908e3d032b7c2d0
- SHA256
  
  8fb3d664b51ef3f811efcefb02dc3134dda687899e407d478ed3615861d252cd
- SHA512
  
  670c1571ec397bda98cce36988c48e76d964350ff1fa1fc8ca4ff8b343d223197270a7819b407e561c9f7af2945c5a967a908258876b2220447d005fa6ef3dbb
- SSDEEP
  
  1536:BARJhOAcdPkv5hzKMmPck+ceOjnR3h4TfXTBx8LfMUJynaLPzaz3aE:BMJkAF5XuckbnR3h+7BK7MUsK+uE
Score

1^/10
behavioral27
- Target
  
  LockScreenContentServer.exe
- Size
  
  69KB
- MD5
  
  981f6e71f4f4fe9e44895fbd23543bbb
- SHA1
  
  0724e38e6a3e8581ecd530a7447a01a2d662c0c4
- SHA256
  
  d287781a5475ab869917c2965461c1a667333a641a51b4341a07b1e2d5e9f770
- SHA512
  
  7c8ab5725015efe4274c5741ded3771fe643b8b468c78d271a06a9d3367a498a044aad7d676a7916383ae73b185a106fbe146091ebeaf198d084aceac86426da
- SSDEEP
  
  768:8OC/f7XxKHN7m71JnZgfJyE9hcAeFHTVAKQ2fZaW57TbxEaz1PvPZ9zs:8tTumRCxhcAIzqD2fZaWhT6a5P7zs
Score

1^/10
behavioral28
- Target
  
  LogonUI.exe
- Size
  
  40KB
- MD5
  
  b3cc2464bece9a99d8c755a7ccbfef52
- SHA1
  
  83acd640edab941976a0326670e6c0a8ab7755dd
- SHA256
  
  b62e62c7374ce1398b985af3122ff10a092750f65191fdc3aa6151de130183a3
- SHA512
  
  0149d2daf828e8877610b4fb754b7bede4acc1700d36d62c48ddcb3f6d466ecc4cc5dd975a63f726d1b2eadf46dab84f9d0e9eabee7efad0bbb8f9678d3186b1
- SSDEEP
  
  192:OHggLR20LF6VMUx6n2JDVZFj3maaTZYFPslFWYUW:OZv5pi62JPFjZ8ZjvWYUW
Score

1^/10
behavioral29
- Target
  
  LsaIso.exe
- Size
  
  352KB
- MD5
  
  c85bb526c98c60fe743724da79b0d07c
- SHA1
  
  96654bd8c773233a17c1aafce7a170e449c8a90f
- SHA256
  
  7d368b2ea4bfbff452a75f933a66e2aa94fe76b501ef1a5fd2368e4c85b1f5bf
- SHA512
  
  252a8e0eee2eeb0af315c59d182fe59d4332048c8f1bcb646f7031cc90c9bda700ea26afe1bfb1a902bd15f198d22667da9a640ffa1f9ac275cd128c7338aa2f
- SSDEEP
  
  6144:b4qMh+0uUflmNnonYm/b5m5/4St4VMLQkiSCEnX6HEPBcDA:bwh+0uUflmNm/dMDhzPBcM
Score

1^/10
behavioral30
- Target
  
  MBR2GPT.EXE
- Size
  
  328KB
- MD5
  
  27a754849d5de7b61fa028466cf497de
- SHA1
  
  f461d4055e625801449d93cd9a9d1b5b0b40060c
- SHA256
  
  b015024e15fee72428a2116fb695cd903e9594aebed6b0225d4a186e621cd2bd
- SHA512
  
  0bb2ea6316aff794708ddd270f21724b43a3fb725b0fe835c66b1aa8f14cf7181797a803316df2832c954e41f15e0298cd1934dce9d0f1b5e902a6d73c7b20cb
- SSDEEP
  
  6144:BdusINZwbgyKUkd8o5Tto6lMmbrWF45f06rxyEfPS/Ag/US6yQG9x:f5IwbVKUkd8o5Tto6lMmPWuF06rcEbgr
Score

1^/10
behavioral31
- Target
  
  MDEServer.exe
- Size
  
  476KB
- MD5
  
  fc638446a9921031b6d815fc6d5c0843
- SHA1
  
  cfce58a2199d6b1c42e491ec3b62e9552a512347
- SHA256
  
  01510c7086cece8732a1ef5c6cd11c41f1801c87230bea49f985982c50d16378
- SHA512
  
  cb4df64322db6efa2bc28f29b35ce880105b05ecfea3e5ec5f0e83c559470fb2ac3947bb8ae5c07c6096926cceb62017055b57a3063214616b284390be99e989
- SSDEEP
  
  12288:ioCmq4UYcAkIkosQ048gEIMwUYc48gc9lo05n7y2qvkoHxfqrzSRRDck2zCkoi8p:ioCmq4UYcAkIkosQ048gEIMwUYc48gc
Score

1^/10
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Checks computer location settings

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32