General

  • Target

    Crazy Error V2 Installer.exe

  • Size

    36.6MB

  • Sample

    240829-b8pcjaxfkh

  • MD5

    88b35804fb768542a8020f370ee2bbf5

  • SHA1

    5410e4d9fd812e6dd2470bff060e88c65f5e8c4a

  • SHA256

    a3a264617e3ef583f7a8e9747ad08da7c5e831ee25eb597543512ae32ddf628c

  • SHA512

    0a95f3e6154b8421d83b1e09f39edc07ebacb651dcf07ce64418c72ef60fe0d77d5570daea959818059ce66f1783f304dc2f8f56b2a2fbf69d8e0745fa1cca75

  • SSDEEP

    786432:hTkzYE5THTYjifPkJhvxrbWEPV9ILkbF/4t7Zh9fUUMgOqvO+kT6B:hTkcQTzYNbvRWEt9PbQh9fUFqW+ko

Score
7/10

Targets

    • Target

      Crazy Error V2 Installer.exe

    • Size

      36.6MB

    • MD5

      88b35804fb768542a8020f370ee2bbf5

    • SHA1

      5410e4d9fd812e6dd2470bff060e88c65f5e8c4a

    • SHA256

      a3a264617e3ef583f7a8e9747ad08da7c5e831ee25eb597543512ae32ddf628c

    • SHA512

      0a95f3e6154b8421d83b1e09f39edc07ebacb651dcf07ce64418c72ef60fe0d77d5570daea959818059ce66f1783f304dc2f8f56b2a2fbf69d8e0745fa1cca75

    • SSDEEP

      786432:hTkzYE5THTYjifPkJhvxrbWEPV9ILkbF/4t7Zh9fUUMgOqvO+kT6B:hTkcQTzYNbvRWEt9PbQh9fUFqW+ko

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Target

      Python.Runtime.dll

    • Size

      169KB

    • MD5

      af017ee97166a848e3d39327b9bea173

    • SHA1

      ea5e4f65126518a7eb099bb632821b1579aad06b

    • SHA256

      b14f5525c1a1565de4b45777295bff0926772da9646f4b4ea7466d57e670019c

    • SHA512

      8a2436c1df06f8bae4e51947a6ec2b214f4624aa9d0d6dfdff20b79049426be01607de7b19093823516b4759c5a53c37172eebe9d7447bb1083d38ee19bfea1e

    • SSDEEP

      3072:jf+we4nGUpKUca7DbLH33JfZdxWCx+/KvKRbWAFjvVFnIKk/rJnN7b6lrVfrh+zT:44XYa/H33Rj9cCvI1tvDsnerh

    Score
    1/10

    • Target

      VCRUNTIME140.dll

    • Size

      84KB

    • MD5

      ae96651cfbd18991d186a029cbecb30c

    • SHA1

      18df8af1022b5cb188e3ee98ac5b4da24ac9c526

    • SHA256

      1b372f064eacb455a0351863706e6326ca31b08e779a70de5de986b5be8069a1

    • SHA512

      42a58c17f63cf0d404896d3b4bb16b2c9270cc2192aa4c9be265ed3970dfc2a4115e1db08f35c39e403b4c918be4ed7d19d2e2e015cb06b33d26a6c6521556e7

    • SSDEEP

      1536:RPwKQRaeU5QsPWFP/wPENm2eK7oJnoUSgpAY8ODcDcm7cIs+4ecbV6iVBoA2r:RwKQRbU5P4XwPENm2eK7mnoUSgpAY8Oa

    Score
    3/10

    • Target

      _asyncio.pyd

    • Size

      54KB

    • MD5

      1c8b0c97c1349b5d3fbac844baf805de

    • SHA1

      681250f026fe719c6a5725e9936d3cb531e979fa

    • SHA256

      d0c6d739de371df2746686711361756b344ad1591435bd4a726ae75501912f04

    • SHA512

      c7840b564a99814ca82a9831102a6f2113ca321df4632d7c5683225f9421132e11300b62df8419de41cde05f4f784622b433e8941c996a02f85475b82a74a68f

    • SSDEEP

      1536:EhUoUIrl9ulDGSop9ghO27PmixtM5IhsnjERyGV:EhjprzsjmixtM5IhsnjWV

    Score
    3/10

    • Target

      _bz2.pyd

    • Size

      72KB

    • MD5

      7f8dc5e22155dfaeeee837bee907f960

    • SHA1

      9d03bd1120fd67cb4a2a6e42707c3ecc95d56a31

    • SHA256

      f2eaab5894a666556a6ec0f7b430deb30cdcdb534e822cda8c789435d3834535

    • SHA512

      ac4ae9f88dbebdd6619be62252275260f476bec5765644de279dadf9f10437ebec526d833fbaae70686de1ef65fc574659191c2c8050df96b7ff7ff3fb51f80c

    • SSDEEP

      1536:uHi3lVNW+yen/syxiC8b4dUL7BIh4Vxg4yGr:TlnJ6t1b4dUL7BIh4Vxbr

    Score
    3/10

    • Target

      _ctypes.pyd

    • Size

      109KB

    • MD5

      e7f1c92338eb9964ea5922de823abcb8

    • SHA1

      ae5719b87f4f6b3cdaacd6e43f5bf101e492adc0

    • SHA256

      497cf76470349d3cb601e1fe66c8e08f7570cfb0d25e15c3d94aae84280dba58

    • SHA512

      0fe48e6c7596c226d031a1c2966270589b939b54a316e44856054a933be052d5084afc4c1a9d8314aa1cf0e15cc777747645741f3efea3016a41248c01d8fc14

    • SSDEEP

      3072:I4w6dPcswtJq50s/+5e+we8/9IhVPhKqo1:nd0Mt/+5eZe6qC

    Score
    3/10

    • Target

      _decimal.pyd

    • Size

      219KB

    • MD5

      44ccf7ff70b92fdc6c843c68d1dd66e4

    • SHA1

      82176fc8bb776ecaf0957f7051f789b02f196024

    • SHA256

      d4554bdf86c188e97eaacae305223678262138c7569cfbb9837990efd6255e77

    • SHA512

      75f50c42a46c47a67714807e8702d5b23db36b7445f44fb53aa75aa737331f988c6ddf088d4f8194e64f365473d52d54abb8c739280396e1f2501879a6a1bd27

    • SSDEEP

      6144:oaueleQ7Alat004ppuq6xV3XMW5g3ZGwVSqrq:oaueleWbOCqGWSqrq

    Score
    3/10

    • Target

      _elementtree.pyd

    • Size

      171KB

    • MD5

      189621eb7888503a3b14c37ac3803fa5

    • SHA1

      5a213fc4db8787db09c96b978143fa19dabab809

    • SHA256

      af25cebe4337abbffd9975a77189aea2f8fba89d02c2540fd81038c03c4b8aac

    • SHA512

      7b9495dec4da12820eb7fc0944338e19b2c0daa0593da4aa80309c10585e09a08681d4c0cac57fdf639729c9b20bc70a61344c2eaebc7eae6465714f783eb522

    • SSDEEP

      3072:vVAF+qWR1pfGg+ICjICX6Oj1K6Tx2aaYyGgRA7m3hV+RIhAfmN5Z6:dfR1sICx6A2c0X3h06zk

    Score
    3/10

    • Target

      _hashlib.pyd

    • Size

      36KB

    • MD5

      13e5639aa1732db7f8fd9c2820cced10

    • SHA1

      5f9799b1a16bbdb337766b42b9828f8da1f55e75

    • SHA256

      b54e3474472fd318e0d94b9115238dca43c457e6253f06f92d2604df14d8247d

    • SHA512

      f4abc90e5f6ea1b204265e91f22978ca8eb04c8ce9bef5d558becadb1b6116c769d7e3401b9396438c85f5decf88b79fd8114f6054541228c753494660a949d1

    • SSDEEP

      768:4VKNA5Ae3iOei9FK5Y8TjUI0uJO2vo5IhsI7SUWDG4ys7aM:gKNA5A2iOeivK5YmxdJtw5IhsIiys7R

    Score
    3/10

    • Target

      _lzma.pyd

    • Size

      181KB

    • MD5

      b1abe0da66ec97e4aff97f1bd5203434

    • SHA1

      c3bd39814c4f01b57a442da50ed515e7dfd05a8a

    • SHA256

      ee4f276ec7f0b34acd38361023173d6113d97a7de17d28a4fbbd286fe5ce2f28

    • SHA512

      47556e4c65aa04853520c92fdb1f88bb03ab7f4478bfc60e15186f6109cf659e68d458a7b1090a063a0f771c6eb835582464a646456d9e7f82534854c74f83b0

    • SSDEEP

      3072:tez7m1+Dj2ykm6e+gyd1uBSsPc5S/BPkG23pS17tvtjVNgGoY+7l1/3gOi7atzHo:8zDj2ykm6e+hd1uB1D+7zg5s1YO+RR0E

    Score
    3/10

    • Target

      _multiprocessing.pyd

    • Size

      24KB

    • MD5

      a7f5a7a1d1b967457812f94026864378

    • SHA1

      2680bbddf0ce046498c8e8f22fa0db19f33d07a7

    • SHA256

      bb766742d1657427691882f5f5eb9b222618b0144f7d05fd7be2a8b43569e4d6

    • SHA512

      b84bfb7a92c964cd30459204bd02846c8721a42c57643e715f81bfb8835c84ed1f7cd0ca577e9af294f7cc28ab8960f8fcd8cf93a71512984a081b777a9d27a7

    • SSDEEP

      384:tj54CDspiPeJexiqJIDBidEYWPqgYciaZJIhkBLmCwhbnYPLxDG4y8LtDEY:pDqOiqy6Wy3JwJIhktsZWDG4yG

    Score
    3/10

    • Target

      _overlapped.pyd

    • Size

      37KB

    • MD5

      411d94ed7a9332b30f7679f03abea320

    • SHA1

      53099a8114b41d82cbb1fffa427d7666583d2c1d

    • SHA256

      0fbb74da4ecddf1a18663a31f64c52d169e7c102d5e8dbe288e8b30df8e34598

    • SHA512

      e142fcd4877e97fe812d08b1939b467dada365be974391a25a37166ec8711e89d2e5ed02fde4571d2e89476ac275eed5943f65a8c2240227618fd02f676bdeaf

    • SSDEEP

      768:3u7xuQeN43zIRCJ7no8IYZp0qEbNA1B51IhJtiQWDG4yEs:3EBG43zIqLLWqEbNUB51IhJtiyEs

    Score
    3/10

    • Target

      _queue.pyd

    • Size

      24KB

    • MD5

      b9dc46c4d8f7640c75baba109d9569bb

    • SHA1

      3188e695eef3e0bbcf50b13a507dc87b2284c998

    • SHA256

      151315638f893e81d9e724615cb2e97f31d7a1aaff3c5d598094206332c78e2b

    • SHA512

      4cb320b9639393afff2c8b955b3ab059bfd6590b3b3e02ddf9dee55a15e345ebea1387c367e7ab49c75be861cd7a4bdbe6c29c11bf0ea1c8350327bad31b221c

    • SSDEEP

      384:XjJU/wTEESvp2JyeVesLTpJEMo6ryhnuO5xWh9IhqUnzqnYPLxDG4y8fJtG:XlUuy2Dhu16rykOuh9IhqUnOWDG4y5

    Score
    3/10

    • Target

      _ssl.pyd

    • Size

      108KB

    • MD5

      38a431e39fe4502ebbc7a17bcb519240

    • SHA1

      5f9990e47b03a35707639047839ad215af7cb82c

    • SHA256

      91225559138228aaadf83d77c92835b080bbcbcc17c190c6ef7bb9d23cc17595

    • SHA512

      cc8c635471b2ae18d1c3962812b30b1ca6d4187595bc941ca84c18028f46c3f75c9a6d66afceb75b1f454884c5a012f97d8d995a55d60b493d381bb827413c94

    • SSDEEP

      3072:BJB2fQmq/cNhdp/bzM0LRylD+vGYEDuBIh47Qg:BJB2fSY/bAeRtGYEDun

    Score
    3/10

    • Target

      _testcapi.pyd

    • Size

      89KB

    • MD5

      323593fe59435711a811ac04e6c54bc2

    • SHA1

      a1d08ba0d9e0912ff52bfaf3f86994d0bd698cc5

    • SHA256

      658cf91d8a9d1725b3f003ba3d11b92fa4eb20805502a949934c3f49abca26cd

    • SHA512

      3d9233ee6bf0f3eb59f852645b40b5bd2fd74140b0dd2b921d092ec467307560196a0ebf260cc02bda12ef46223cfe295868525d896e9015369faf84f224d122

    • SSDEEP

      1536:rhdq6KtGglLp9Opdj7WwfeyQk0QKkra5PvL5Ihjw+ma61xoyT:rv/KtrlLDC7QyQk0QKkrwPj5Ihjw+mXT

    Score
    3/10

    • Target

      _tkinter.pyd

    • Size

      58KB

    • MD5

      f5fa0ed3dea125649c4c01326c41c617

    • SHA1

      a8f734dd18c963ea24f655223230bf6d5a71a1f6

    • SHA256

      1a2394e295252bcef3ebfe88d8633e833d172c9e4fbcc6657e16094c91d3a041

    • SHA512

      016f2046437f3f1c35784b4960becfee9b15f03c79580fde159bc1a287b0e73adaae6de381550602f06f5557e9553a39da86adf236d2ad3bb4bc9e7d8bcb32ed

    • SSDEEP

      1536:XEwQVilHrnTYzYHYwHC9boV6hchM1AJx5IhsSdSHDXJy9:X2EoYFhM1AJx5IhsSd4Dg

    Score
    3/10

Tasks

static1

Score
3/10

behavioral1

discovery
Score
7/10

behavioral2

discovery
Score
7/10

behavioral3

Score
1/10

behavioral4

Score
1/10

behavioral5

discovery
Score
3/10

behavioral6

discovery
Score
3/10

behavioral7

discovery
Score
3/10

behavioral8

discovery
Score
3/10

behavioral9

discovery
Score
3/10

behavioral10

discovery
Score
3/10

behavioral11

discovery
Score
3/10

behavioral12

discovery
Score
3/10

behavioral13

discovery
Score
3/10

behavioral14

discovery
Score
3/10

behavioral15

discovery
Score
3/10

behavioral16

discovery
Score
3/10

behavioral17

discovery
Score
3/10

behavioral18

discovery
Score
3/10

behavioral19

discovery
Score
3/10

behavioral20

discovery
Score
3/10

behavioral21

discovery
Score
3/10

behavioral22

discovery
Score
3/10

behavioral23

discovery
Score
3/10

behavioral24

discovery
Score
3/10

behavioral25

discovery
Score
3/10

behavioral26

discovery
Score
3/10

behavioral27

discovery
Score
3/10

behavioral28

discovery
Score
3/10

behavioral29

discovery
Score
3/10

behavioral30

discovery
Score
3/10

behavioral31

discovery
Score
3/10

behavioral32

discovery
Score
3/10