b9af69ac821a649f211c99e3edf32a76a213e9450b5e972a6cdda5758af530dd

Target

Application Files - system32.zip
Size

200.3MB
Sample

240823-tf47dsteqe
MD5

9e13c0126b7f608956f951212b77efdb
SHA1

7c486a0f69ad4f21be45954df7bdc2f4ce9b0dad
SHA256

b9af69ac821a649f211c99e3edf32a76a213e9450b5e972a6cdda5758af530dd
SHA512

15b133823bf17179d3f806893480c77082d8a6442d885cfd5f1c77d8fdd476cafe63201fa030d60dbc812d9c9be8e8db71d83a714a4c40d8f59dbf28b9528ab5
SSDEEP

6291456:nENHZIGVuWulErUOn39qvc00IYv6EbEJY7CqQubcGX:qZRulE54vcbv6tluQGX

Score

6^/10

discovery persistence

Malware Config

Targets

- Target
  
  SearchIndexer.exe
- Size
  
  944KB
- MD5
  
  3a91431d478cab0bcb73bce9479e4e03
- SHA1
  
  170086c3b490ab082d257311859980fb3d83c0ca
- SHA256
  
  0ff5da7637eddba4a2955276bfda0e8a4ced2d1061f389cd447348a988f5349c
- SHA512
  
  4e260d2022548de9d5bbe65921ad6f05aa1fa98cd5d28dfd92e17014d1629e1a1aaa76f44bee625300a335c16bace70485b07b83507524e1ee2056d61bc7522f
- SSDEEP
  
  24576:4fGuoi1KC49Ws0ha/MX0VLySqG+XzBIF0Ju2dY5xlFGfdN+g7/x:4fGuoi1KC4sn0VLySqGWVIF0JuV5xXQf
Score

1^/10
behavioral1
- Target
  
  SearchProtocolHost.exe
- Size
  
  452KB
- MD5
  
  689b1158cf9dade0460d0183e269e0a5
- SHA1
  
  1b39e64ec8a23512829fa8dc33de8f586e821379
- SHA256
  
  af73495c012bbb77f135c5a4a975a5725a764314a5f2a94b997f3b8e1c3d8dbe
- SHA512
  
  a2be37cf29e65797601132277a8aa6ccdba1b5d569513ea7906a0ebcbcfdc05d48d33c0a8a767c97d306b785b7d1e5335c5d69021cb72c82c998788cdfa5489b
- SSDEEP
  
  12288:mKab5S3/J+qwSOztF8my1r/3mGwqQztf9:mKabk/JUSO/GT3mG1Qv
Score

1^/10
behavioral2
- Target
  
  SecEdit.exe
- Size
  
  60KB
- MD5
  
  8b8c541263f22ca9358ad47d1968664d
- SHA1
  
  309cea96564cfc7c9347cefd58412b87b64e177f
- SHA256
  
  577c2d61ebb4dc1b1cb49df3c0ec878e4b75ef685e1de36be0d6ace5da3a64ba
- SHA512
  
  bb712fe9cd70becd0b234af27c53248c962a5d395f0169fe946e05d6395eb6fe37f408b0881ce50399294071d01e70e0287772b5e70db5dbce7f2a35b06bfbb7
- SSDEEP
  
  768:2QaTUPRRu/43YcicfvEehxKvcLlMGn6EKGPb9JqT7/pXk:2N1Q3YhcfceDlMEKGPba
Score

1^/10
behavioral3
- Target
  
  SecureBootEncodeUEFI.exe
- Size
  
  116KB
- MD5
  
  ce462e1804e1ce9675c363a4ef5ae7ce
- SHA1
  
  eee7a777182197096f4d0101ca08e530d59825c1
- SHA256
  
  0fc9f6f6b9c93025410e79f235762c8cd37efd7b9ce780128563bf292ac5ac7b
- SHA512
  
  711e7049166ba76a9d401ac345af04ae3ed26abcad480f4ae19cb41596abd3f72405c4cd5cd1a989fef161e776525d9ce94cc7a9cce400caf987982f6b9ef7b4
- SSDEEP
  
  1536:FJ45f3EDGyLP4hO999pMGmAFy4VjexI68Fxc4olW7/qWt/pUc/7gvq:fhlgMLGK6l8kVk7/xZ/m
Score

1^/10
behavioral4
- Target
  
  SecurityHealthHost.exe
- Size
  
  113KB
- MD5
  
  dd17a198df33f3e5e7c29d319e359357
- SHA1
  
  d204d9cec24bf64d13f92c2ef57bb9a9b3d2448c
- SHA256
  
  b277492b1cf726b6085b76f57241b4cd80a7cfd88676c3cd3978e19e7f7d545a
- SHA512
  
  0dfd564e470c513d9c6a4eb51ba660761880d23a3f437e95e66c19160e226cd310034f4e0f9de92cbb408643886417ae7395642876ea98799107c82832c0d7eb
- SSDEEP
  
  1536:P8ea1qs7sKKTYrhXLTrIAU9dZSyND6GCH2nSRWPifCC4oQRAMjZuE+j138TEsLPt:taXs0k9HND6GCWnKq/oQju6EIkg
Score

1^/10
behavioral5
- Target
  
  SecurityHealthService.exe
- Size
  
  142KB
- MD5
  
  7795169a62235e1ec67bec099cc05402
- SHA1
  
  64469cfdb26e005dcd112799bfbf5b43cdab1f81
- SHA256
  
  c7543be6bf591f89a856cf71bf275b487b4d4610ff4f363d6df93fb66f068efd
- SHA512
  
  702d5816dc70720f5d336df3e3c82b0bb6152efc9a9b65c3f5d2a085ff362a9ecc7a778d7301455602259ad94b4112468879ba1729bf460243ab04a975f12712
- SSDEEP
  
  1536:nyPQ4NSntbdScVYvhXnAaIBwluRkNFn3S/rTIfbPFjRIdqKTeCw18GTrerSHxsUM:yPQ72zMJ/XIztjesKTeF1BeuHj5i
Score

1^/10
behavioral6
- Target
  
  SecurityHealthSystray.exe
- Size
  
  260KB
- MD5
  
  50253e1e0cd17879597c966e7289ebc5
- SHA1
  
  a093113624cecd7e6fef9dbeda1e96e4d6fa426f
- SHA256
  
  0a8804cb309ebc3cdd2e3787fbf3c129a20e387873ff13eea18ad95e5153e5f4
- SHA512
  
  f807644b3a62f306983e50608ccf40a1d4cbca15f56c1cda1662bb34e7303d766857ee917a42d17c9236dfaf07516a863cd9e5c9b05c29f64976640e9e5333f2
- SSDEEP
  
  6144:MZRv8Oo7RmiTVVmVVV8VVNVVVcVVVxVVVPVVlVVVRVVVtVVWV60jVLVVOVVUVZVo:MZ+P
Score

1^/10
behavioral7
- Target
  
  SensorDataService.exe
- Size
  
  1.1MB
- MD5
  
  982830b3fe783c6434955760cf82bdeb
- SHA1
  
  a3b488b26abaf15cb8ba2a7ff3da8eaf4244cc56
- SHA256
  
  b13026239b240b18614a8e99b736dff9ff33660542db3d791f3726b7efa91a42
- SHA512
  
  eee2b65ead31a1b1f9d03da5e2c81858860fa63ac894bf59bfc89e04dde9cd9ad8c5e8dfbb3cc227bbf3babffca84f33d29040fce91bd12004764b0f1440f7d0
- SSDEEP
  
  12288:tFOwImNJe/4cyiJLv7nHyVSR1qVxWUZKpx6PeqgyB6x1vrQo8JJUebZoveTnum:tF5Y/4LOWcEqpAPIyB6zvrQo8Q5v+
Score

1^/10
behavioral8
- Target
  
  SensorRuntimeBroker.exe
- Size
  
  100KB
- MD5
  
  28d3ec9339861f458e0d488b9787433f
- SHA1
  
  554ad7dd9d7c7d27fb5c1c1ba15748ef39bfdf4a
- SHA256
  
  3f523e90c5869acaf30224a7c87fc9fb6d41048a0c7abbcf42c92f19f3bbc867
- SHA512
  
  f66404ab1d19d20a738c1f76ee2402c1d34f95806348f1bfeed702883bcf057b27c3b10c5952731075ddc9e612fdff2154896e456e1172b44df819413f4eea7f
- SSDEEP
  
  1536:45bePhWRXSBhXVxFokYVo7jPiS1H4bkTKq+Ooj4m7QE+u:U1EQGHXYbkTh+k0j+u
Score

1^/10
behavioral9
- Target
  
  ShellAppRuntime.exe
- Size
  
  1.4MB
- MD5
  
  130017fc71bbc867cf39b9dec1841a5b
- SHA1
  
  d18c5e06b2874b2bb128595c023cea2300153114
- SHA256
  
  c7cdf62ada99ddc6ed42dd28b5a01d3dfa3c1fb7b2f19db07345a5b4fdf2b366
- SHA512
  
  f1c2555637a5040f4d6ff71b895a7b43df1dfaa58cd3dca5169c2acf2708e1c5cb3f65f1d12258667d1e7481c859d52d2c38afa42ff63566fb4baea3f3918637
- SSDEEP
  
  24576:fl8cLQKkBxnBajp8Y77W40omILNI+dujhZA3+CJL3GCHModYv4HGAYBdrulzndyS:t8cLQKkB0p8Y7WoVdmZA3+CJL31TDGA9
Score

6^/10

persistence
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
  persistence
behavioral10
- Target
  
  SlideToShutDown.exe
- Size
  
  37KB
- MD5
  
  44ad3fc64610c628e2b82618728b3cfe
- SHA1
  
  a988b83f2a27fe1ecb85e7461eb675ef47a8baac
- SHA256
  
  d171b96ab5574515025675b58951f3dd77c4b44221dea5832ff878235830a9bc
- SHA512
  
  537b2e2fe48eb4c0fa72cba183df38c2049bccb24c2ae213fe3daf589d2118ef999156e3d3f965025cb2c900adbfdb3e2eb1eb80fcdf13d33aae3038a72f707c
- SSDEEP
  
  384:W8owPzMCbeAD9OSfAd5M0ZfLWWGRC6WRaDBRJaTwR9zQb4ZGn:WOyAD9OSfATM0ZftGRCE1P2M9zxZGn
Score

1^/10
behavioral11
- Target
  
  SndVol.exe
- Size
  
  300KB
- MD5
  
  d936dfd58c333997d06ceb7961095603
- SHA1
  
  cbea831a45a18b7dd49ea6105d3398a5dd203b7b
- SHA256
  
  32deb446f0b28fbda14d0450e7cd4a6c7b7cfaf0968cc73f7cd6173f1bdffa4c
- SHA512
  
  3c41a4568efdb488f2f8a86811fd6085e293227705445d5306732fc40ce0be20a3c9cdb8dfc1dfb4fd2a7ae7e9d4188d43eb3d0f4fb4a689b4b14fd105e8ef4a
- SSDEEP
  
  6144:RJmghny0klk5Qblha2UkEPJhilocLR7DgqMIP5y10zi:bmgM0YPh4kEK3d5y9
Score

1^/10
behavioral12
- Target
  
  SpaceAgent.exe
- Size
  
  204KB
- MD5
  
  672d4e8f25f75e72f25278f47e4bbdec
- SHA1
  
  8ab7304ca6aa34055ca3bed66dca9a1efa5a7f83
- SHA256
  
  c4fcb15868a9aa4557ee89a5fd9b433d501ee0a8c547227072dc967719d0f2cf
- SHA512
  
  81ee4dc7b51c18883b88fde3c99e9efad935476e6afb0d6d934f4aacdbafd83c8174e39d8c10d64ab441b4cb9ba7c86cb2788208a85f5ba338b1cd18b8b200c0
- SSDEEP
  
  6144:5Ik8OSJS9WWzWUeLkvX1xFWxXgJJR0w7:5Ik8OSJS9WWzWRLkvPF8+P
Score

1^/10
behavioral13
- Target
  
  SpatialAudioLicenseSrv.exe
- Size
  
  180KB
- MD5
  
  52a0345f6ae3836b17cb920b18bb7681
- SHA1
  
  cee75f8f7196f1fc99a06a7b0d03e531e2e4a86e
- SHA256
  
  d1e00f3ba30bb830902c8b87bf327cb482bd346c55df9821c3d887fa9867cf9f
- SHA512
  
  965610fb96d6c3b0152b96e20ac61313119fdbbb14d4114e0688568c1802b9fd496bda7516b5e777612b0bef7089d93bfbd23d0456abe38ba995fd2235a2fdf3
- SSDEEP
  
  3072:F7K2ed+Me3jHPq+aFIhUIK6JqykubSsqmOAeUUOo2qS/GrTEoZnkJGYMs8BFcsLX:lK2ed+J3zCBIhUIKoqpVsNOfUUR2pGlb
Score

1^/10
behavioral14
- Target
  
  Spectrum.exe
- Size
  
  752KB
- MD5
  
  6af28c52b30f86962f43bd7f1482bdfb
- SHA1
  
  555c93ad58fc274454b1329ac42e4fd273ea621b
- SHA256
  
  a1c1ec93221b631536fde4f5102f040115daa6c4ac7e79b64b932d204e446336
- SHA512
  
  ecad9b21f0b22b03dc64ada48e89fe1c1c0d32643ee8eef1a585fd817fcd5ed9904c8819a49c3b66101287e992251560ef65ae633fa164d10ed5498e4120e886
- SSDEEP
  
  12288:VXM7aY7C+9sFzaBZt2iJ495wwqXP4aex5q:JM7aYe+9sFzaj3CXwjte
Score

1^/10
behavioral15
- Target
  
  SppExtComObj.Exe
- Size
  
  576KB
- MD5
  
  c75d2b790e8a8cce5a5b2962f606c70c
- SHA1
  
  5f16435141e695e57eaac3f1b64b7a109ea5983b
- SHA256
  
  38c251b02046d8902b41cac82b03b2a37e5a24e39ab710e61f48f9c6b020a29b
- SHA512
  
  e9197ff642c025ea7772e211f328aed4423c4c5a42411dc4afedf62e91ce46bdd7d1e8976cecd3446eec54d91e08bf4c9961623a35714c55cc0a024e2194524f
- SSDEEP
  
  12288:7W8cIl7SmKpc5Zf+3ptHWnvsTYS70Uo3El7GIQbw0i/xH:7YYuaUWnvaYUzr
Score

1^/10
behavioral16
- Target
  
  SrTasks.exe
- Size
  
  76KB
- MD5
  
  a0a091f6ccf2f6c6097ec1afde3b6936
- SHA1
  
  43b435342c83e68bb7f4d336780607fbee8d8867
- SHA256
  
  e31cb9596844c0ec7f3181e6be76b98c3053da46a515c49469f48a2f8c328659
- SHA512
  
  4bc558e36c8185842a2a6059a591f2f3d19d52a97143576b9b4bb53c1d50d7b86fe653c157b7c42827924a854a9ff64a16a0eb08b36cd1b4b0c1a8b5a98143d3
- SSDEEP
  
  1536:P2j3ZZ1QDjI2d1BDa6vjfZbXk8F1FCp/apeM0:P21ZuBDvt0i1Mp/aIp
Score

1^/10
behavioral17
- Target
  
  SyncHost.exe
- Size
  
  68KB
- MD5
  
  dab9b7272e638d0f526f59a0057d1e87
- SHA1
  
  b27275ac45900d8a649da0aa3ec49cc52ddcdd57
- SHA256
  
  0272c426b09c2e9dc08f7e47e09b2f78c6003819576a26817516d1a692f0361d
- SHA512
  
  0766fc2c586d0e691577c8ac75aed0d05e366d80e6324f39191eabfaade7e480b7cd00a9086c760d47669e93c043a2a0d8bdb9daa40b8474cb0f6799c533d554
- SSDEEP
  
  1536:YhHM0hpQiLnTajAYElgi47u8kbutM9ipQWqG3b1PKx8hnC:YW0Yjqlgi47u8k6M9ipQLGHhnC
Score

1^/10
behavioral18
- Target
  
  SysResetErr.exe
- Size
  
  69KB
- MD5
  
  f8fd1e7356d3408e296999d4f7baf32b
- SHA1
  
  0d78cbaf7863b08e19e4fd9d4b4407cd600d90cb
- SHA256
  
  21698938becb229930e0d66caecfb2a5357a6d3e38657eb6aeaab39c9c85e9aa
- SHA512
  
  070d5668e7a03cc6fdc6e4d87f3ef5ed7744831283fd6e89460515634f82d920f16dc1795e64f9fd1898d85b1cc6a99695764a20c6477d5bdf1532859e844b97
- SSDEEP
  
  768:AXP7QVYv6GJE6ttnIXT504KRoCl0xS3xCmRoX4VkH01PsL29zeX:kP7nDIj503+U3xCDX4VkHEPKCza
Score

1^/10
behavioral19
- Target
  
  SystemPropertiesAdvanced.exe
- Size
  
  100KB
- MD5
  
  5b087c14fc2288ad5f87d7d404cd6a5b
- SHA1
  
  7187254d94f2594a71238e3d50c1914b7a452e51
- SHA256
  
  e32459fd6d5fbb3e7c98a2b9a21040ced0deba34ee299930d4cfe930651c62ea
- SHA512
  
  192ed4cc8aed1069b1ba9a88fc21d577ba3a6d3061e65654e95520fef0ede868f8f48388b72b7a070ba82ceccc7336efcdaa278a6d04567965c76de43b8456b0
- SSDEEP
  
  1536:41ZGtREC/rMcgEPJV+G57ThjEC0kzJP+V5JS:4HGzECTMpuDhjRVJGM
Score

1^/10
behavioral20
- Target
  
  SystemPropertiesComputerName.exe
- Size
  
  100KB
- MD5
  
  0ed9499a38450d378a591d62c7094ee9
- SHA1
  
  1f2d8db617c47119d2915377a0e2c3935280da3b
- SHA256
  
  4cb77b1437a7922505634d89a43907e07f83db16417e4e3a9a56c2bc884d6223
- SHA512
  
  112ee96f7e0081898f6687d9da27fd0a0d91de1d127b74bb61e620e6b9f904fad59db3d940ddff167984dc384d267a46534cc0293f1e7d32e670c0edc9b3a787
- SSDEEP
  
  1536:+1ZjtREC/rMcgEPJV+G57ThjEC0kzJP+V5JG:+HjzECTMpuDhjRVJGA
Score

1^/10
behavioral21
- Target
  
  SystemPropertiesDataExecutionPrevention.exe
- Size
  
  100KB
- MD5
  
  fc17b23f708558bd17c625677e4783c6
- SHA1
  
  e1f7a1339b90c694c4d97ad7fd695cda2f664cff
- SHA256
  
  b63941073470f3760ce8fea11d1ebe8156d75285a5fc2638f5b7ff36ac9dd83e
- SHA512
  
  bada8651b098d0f40056e128d6227ea0b2ca34dc61262e35fddfe5c865e0d8c0d1f7235e9711d3dd5b9b70ed53ba807aa9f208b3a660790c13272a66fd73b245
- SSDEEP
  
  1536:y1ZStREC/rMcgEPJV+G57ThjEC0kzJP+V5Jv:yHSzECTMpuDhjRVJGZ
Score

1^/10
behavioral22
- Target
  
  SystemPropertiesHardware.exe
- Size
  
  100KB
- MD5
  
  fa3b7dece806d6f0a658ffcce1b2d034
- SHA1
  
  674a1de278553e175d0917f7215d2ac842909566
- SHA256
  
  fa1dfbb1990936db862a4fcac7e160641532d435f40f20c8959707c6cc675953
- SHA512
  
  c4a706c8c337ac58817c7ca4c8419b19c3b5a02ce001718173f48bdc37608f58e4e895bcf149ff85332b337a953cc9467b4bb38a4feb04ba1441f3fea5b4202e
- SSDEEP
  
  1536:+1ZmtREC/rMcgEPJV+G57ThjEC0kzJP+V5Jv:+HmzECTMpuDhjRVJGp
Score

1^/10
behavioral23
- Target
  
  SystemPropertiesPerformance.exe
- Size
  
  100KB
- MD5
  
  14465ee40efd221ff7e8b811ce905111
- SHA1
  
  af25a28052cb8ca7f89036fe96b9d532d9911a1b
- SHA256
  
  cbab585e48746b4e40b876475bab062ee78ba45baba8c40d152f5316b60add11
- SHA512
  
  2134109819a58bd236ee1abd0aef60c6183bec14ada29b3014277b5b7840106328eb1c8740e74307e67870ab267f668634e6902471264fc74d11f32ed33bfd57
- SSDEEP
  
  1536:Lm1ZZtREC/rMcgEPJV+G57ThjEC0kzJP+V5Jq:LmHZzECTMpuDhjRVJGk
Score

1^/10
behavioral24
- Target
  
  SystemPropertiesProtection.exe
- Size
  
  100KB
- MD5
  
  267e5e22a40b09a9294743c111e7579d
- SHA1
  
  b8b40cbe24f77f76d61dd8978c9815624242a79b
- SHA256
  
  255716d4aa2846d43d5a43a3c2b0992886f4d0978f71969dd04c055170c3af93
- SHA512
  
  69802f5faabe648e284515855cfc8ec86f6e4bf8ccb28616b0fddb56833dc35ed3aa2a40a051a69aa26ac9d743724ebbbe2b46519cee7b8097084e533a5f6e7d
- SSDEEP
  
  1536:m1ZKtREC/rMcgEPJV+G57ThjEC0kzJP+V5J3:mHKzECTMpuDhjRVJG9
Score

3^/10
behavioral25
- Target
  
  SystemPropertiesRemote.exe
- Size
  
  100KB
- MD5
  
  a1ba3aeb202df532d519ebc7d8dc8766
- SHA1
  
  2acecb93c466da03f4e41c6b444dccc9262766b5
- SHA256
  
  4f299c0dd0e80896e945c879dcd9eb6c308161fe24a9feb67610a8a4bc6d7df0
- SHA512
  
  33790be5af7f0c3d8dbf45a71d3614555629c9bd34bfa46a3dfd64abbb62cd8eb70aee397d5253246ba26e23e9100b12c904af554d1681b633bfa6e794c9909c
- SSDEEP
  
  1536:81ZktREC/rMcgEPJV+G57ThjEC0kzJP+V5Jp:8HkzECTMpuDhjRVJG3
Score

1^/10
behavioral26
- Target
  
  SystemSettingsAdminFlows.exe
- Size
  
  711KB
- MD5
  
  90cb6e26c6ede975e119077eba3fc511
- SHA1
  
  87c7aa1a78c29dccd896e60e3a182e3683e42080
- SHA256
  
  6018deac93d315ae63b6e2cd01aaa34f2822df1b57792b0f82ccb34b05d88280
- SHA512
  
  67fa2c60d9159ddadc435e59d7fbe313b1086344147bbbcac25ab04ddfa0c56dfcdd0ff13072f400faaa19df80e829219e45dcf257bce808c98ecf594d39d5e0
- SSDEEP
  
  12288:HZAhcJpeRQki3qZidv3zdYoKZqGA3vFSnTeOYRmBKLD2wLhqX6lebmjtOj:tJpQQki3qZidv3zdYoKZqGA3vFSyOY2H
Score

1^/10
behavioral27
- Target
  
  SystemSettingsBroker.exe
- Size
  
  215KB
- MD5
  
  899e65893cdee7f9022dc9b583f94f0f
- SHA1
  
  7334148d1a49b92da2fbfde6477d141eb5194a68
- SHA256
  
  38810de0f8a4a649fcde9c409ddcc58eb1216143ab1c7ee2deface4a5d7a31c3
- SHA512
  
  dffeb9192bd7c8d5a71b4b8df438b42dd3f02a46dc9593f89b937662421ccd65a96999b1be3b130b9d382df3969b902bb1b5bb2c54f5ff57f0712c31f180f1ed
- SSDEEP
  
  3072:V1f+c4e9cCAKJhsLpDSagLtmi4oCv+3o9pmmZJIcthkwf:v+c4ycCAKJhgZpmajtx
Score

1^/10
behavioral28
- Target
  
  SystemSettingsRemoveDevice.exe
- Size
  
  65KB
- MD5
  
  d3560d73520aead96318d48282afa258
- SHA1
  
  169a65b6311d7ddbb35f7a181b06925b9b1fec8f
- SHA256
  
  4c0099a6464c245c80763146c6092c01fd4f857a22c42f80a78962bb9ed261f7
- SHA512
  
  2da2734693a26e4d03533b89d5be8e35a0aa7a05062d439d515ce069fe6bd468138a944603f8e78893b7a40c4dcc3e3da4933ef8c69be25306f60dadcf9c038d
- SSDEEP
  
  1536:nfzFUukUW2ZfkLLkhnVjXUFJZekLPS1zoY:Nk0ZL/UF7eAKMY
Score

1^/10
behavioral29
- Target
  
  SystemUWPLauncher.exe
- Size
  
  116KB
- MD5
  
  acb2061192a243ea8f6c829e80e15204
- SHA1
  
  ca7e2060266495a676351af37172d93abe5c43c9
- SHA256
  
  14f1e99634551755064776728c8abaf48a3dec1d4dbc9daae913bbb1a789f817
- SHA512
  
  a6a8235d650e8b209b3700a53af1b639dbfd3d20842bde9a4e2fae392b889aacd36c62b63d2181567c143aa450acab387aff06c84106152fa786dbaf2241cee3
- SSDEEP
  
  1536:C1WS9F0F7iVJK8/fOLnhzrhdlSKz8AwBUpqY2w23hFp10JX3ver6hxezuS:WWSzkafsv9zLwBUpP/23516XmrQxel
Score

1^/10
behavioral30
- Target
  
  TCPSVCS.EXE
- Size
  
  32KB
- MD5
  
  4973f3fe6e85ed979d82c20b62c024e8
- SHA1
  
  3492fc451cf988ec47f528e0e168056034acc9bf
- SHA256
  
  83a9708e4b60332440d51382726de5bdff22a1e77d2efac365386d89745a8af7
- SHA512
  
  690fa74d0a800673c56dc823b9b6a20c218a8dff581cc4f507aa94be1675b9bae89ecf37b8a0f4aba020d9a4f7b89007fcc09bb999422bbf48379fadfe5a43a2
- SSDEEP
  
  384:a3CR4bS/aFe/Wxrl0o/sFQ/AWxDXLum6///KeyLW3/W:a3pS/geexNsYxDqm6//S6
Score

1^/10
behavioral31
- Target
  
  TRACERT.EXE
- Size
  
  36KB
- MD5
  
  03bf1dd3c52a9c442f15183923ab2176
- SHA1
  
  4b0a4e42a3c1d92283a86e6d0a75c4aaaf71af42
- SHA256
  
  014ab74d5721c1d1dbf3b86bdbcdf04844f8c29b28204acafecbf790bf2f08f1
- SHA512
  
  4e6b560dc223cae6029e2b6f1a6db7d306b501f23887e8ad82ddada1a81cff35536ad3b8f2f7f7267268befb55e2743af0cb0484a666593d65cbf00a2e35e6ff
- SSDEEP
  
  384:8ci0Kq7Pvbtw/r9STcPOWBVxOA0NtFvE6mH2LeYWUaW:Xi0Xbi/ra4r2FMFH2Lee
Score

3^/10

discovery
behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

T1547

Active Setup

T1547.014

Privilege Escalation

Boot or Logon Autostart Execution

T1547

Active Setup

T1547.014

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

System Network Configuration Discovery

T1016

Internet Connection Discovery

T1016.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Boot or Logon Autostart Execution: Active Setup

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32