12c8a9ab93649f8c75399b6b96f4c54e7454cd0eaa25090dc53c223788c85222

Sharing

Copy URL

Twitter E-mail

General

Target

AimmyV2.1.5.zip
Size

51.5MB
Sample

240905-pjt4da1fnc
MD5

5f253f81377176b9091ae669acd1451c
SHA1

ac69f0836b4f07292f026abd64097c48bee33139
SHA256

12c8a9ab93649f8c75399b6b96f4c54e7454cd0eaa25090dc53c223788c85222
SHA512

ffeb2afa63515d1fbd3d39bb45bfa61ca5f63c858cbf9dcce091e7a97bf5e4791736a6398e483a8c804aea76502214160a53bc0d7b072c437b3a54abd29ae385
SSDEEP

1572864:RZ72Vgh57ip1mJxRBrnEyZINZs0Jb2IGLvKEMRj4:njL78EVzEmmJb2IGzKEf

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  AimmyV2.1.5.zip
- Size
  
  51.5MB
- MD5
  
  5f253f81377176b9091ae669acd1451c
- SHA1
  
  ac69f0836b4f07292f026abd64097c48bee33139
- SHA256
  
  12c8a9ab93649f8c75399b6b96f4c54e7454cd0eaa25090dc53c223788c85222
- SHA512
  
  ffeb2afa63515d1fbd3d39bb45bfa61ca5f63c858cbf9dcce091e7a97bf5e4791736a6398e483a8c804aea76502214160a53bc0d7b072c437b3a54abd29ae385
- SSDEEP
  
  1572864:RZ72Vgh57ip1mJxRBrnEyZINZs0Jb2IGLvKEMRj4:njL78EVzEmmJb2IGzKEf
Score

1^/10
behavioral1 behavioral2
- Target
  
  AimmyLauncher.exe
- Size
  
  161KB
- MD5
  
  1b61edaed8b5543cd875d3d22a219947
- SHA1
  
  45d0ded1b50b37063f3a0f328d56f676ccb0e519
- SHA256
  
  f9b275cef715b35cd5357b881bf2e62a22a6ea01a46f917cd2c072cdd2b3a18c
- SHA512
  
  668b3ee30fa7b2dd4a8e368f8b8eaae387f0641b2f874984e398a11141f520102568520f4fe27b6cd370b0b927f809073f9080092a413086e6f37a06de785a7b
- SSDEEP
  
  3072:BKta93TRDiicws0MWbs2OJiKF/ODxT5CyV9u2jNI8m5:B2wX7bJ39uyNJI
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
behavioral3 behavioral4
- Target
  
  DirectML.dll
- Size
  
  13.4MB
- MD5
  
  7982ce756c6e8c8f6bab62eb1902b714
- SHA1
  
  80f79ef136a8b4866bc7be1669584361b9a0ab23
- SHA256
  
  5ab77cc5db8e1544d386fd28586598317da8dcbef098fb86d8d8a60e739e0e5d
- SHA512
  
  71f9b4d30d41a28de009ddfbe6c9328a905dba6bb83623e14e252a255b641b88307c51754d509bed608a44882c5bfb9502bd1a533162a13d78d45c10140ed2e1
- SSDEEP
  
  98304:h4wQAqtHLRf+ZUSlVtwXgGN0gBl5NZsggKnHvibc0PMkFA9q068ZrS+O9mblF8G:mwzq5RGJlViXNHJsgXc/P1m9q0HNJuG
Score

1^/10
behavioral5 behavioral6
- Target
  
  TotallyNotAimmyV2.deps.json
- Size
  
  64KB
- MD5
  
  043ae6d30f6bcac091b4f7b1c0d63c30
- SHA1
  
  a6272775956ccb811e377584455e7d69f9511010
- SHA256
  
  7b70ec4cb90257c93b28f0bd754eccc950272a9fdedc7fbbf075872290c917d4
- SHA512
  
  e6e8db8942dd04386bc9c046838e4a2485da9e938aee32d9139bd00677414d4120cb06c078ddf5ed4ae7695f000882d3dc1c1399325487ae0b29713ca355e49c
- SSDEEP
  
  1536:Cq3+vW72+lcu7OnBW2RSiL1ONeljpZKSt69xDhR:Cqrlcu7OnBW2RSiL1ONeljpZKSt69fR
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  TotallyNotAimmyV2.dll
- Size
  
  6.9MB
- MD5
  
  a95cacbb2a6540d97b99c5df61cb5196
- SHA1
  
  3949201761754ba240d846b36474f1ca2caebb9a
- SHA256
  
  147c739bfecbe74fc1b8e30dfc68b99214160aef76e1b42a360d3a1641b81f91
- SHA512
  
  5e080f7e7ec8159471b95766433c3239b93ed7259a5ecb3bc122621c7e589a322c08be19fbbb2b16329325286348fcde67b1432e33d6e0822972ca4d88eb554d
- SSDEEP
  
  98304:YHFl2w8cuNdWqX/ItGhbIC8LKVBBRHnZs3gP8i+FbiQZfrkE2N10PHRed9jqjHRl:88cuzd4H2VBBRHsfkUfH2kIkdmt5Ti1
Score

1^/10
behavioral10 behavioral9
- Target
  
  TotallyNotAimmyV2.exe
- Size
  
  139KB
- MD5
  
  3d729e9b4df34ddb7ddafe78a01b71eb
- SHA1
  
  2f01d3349288f33a5e50c1d779b27ea65f753249
- SHA256
  
  b48997a06687cbe6dadae5ab45884feadd5921f5fe6f79df810c492557669406
- SHA512
  
  bb476a263e2f29628801826c4f5869424133f26921262a98d399240cc6701519ad7337875adb2fa37f7dec122ec832195d0ea6216022646f61fc735528be5875
- SSDEEP
  
  3072:ZiS4omp03WQthI/US3BZC0EiRQ1G78IVn2tbSkcJB8ltt:ZiS4ompBUS3BZC0C1G78IVEcnct
Score

1^/10
behavioral11 behavioral12
- Target
  
  TotallyNotAimmyV2.runtimeconfig.json
- Size
  
  458B
- MD5
  
  07b9a30265ca4e69c7016a1b6e3ffc27
- SHA1
  
  3a4af82a2695b1423aedd8b60a5c86793c011b02
- SHA256
  
  c71152bf25e40d647b2440c5b39be157a3d356106be9d5b678ab97bb87b4e782
- SHA512
  
  efd582f8edcdba5ef48d02eee5f73d83ff35071af99b49e08e0213928568d728d0856e3b903bfcccb9237f786846cf94da83139f99e9bee86287aff2071c3f1c
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  bin/anti_recoil_configs/Default.cfg
- Size
  
  105B
- MD5
  
  ce1699b43cac56a1db708eb47fb895ed
- SHA1
  
  b459711e26677a97573209b48a2dfba18f5d2124
- SHA256
  
  ad346cf890e24061ecb780c0ccb64c14b97a0fadc3cfbb35079370664fbdba65
- SHA512
  
  7a130b9f968760862945b986efea104c3a0345a1ac41e52322ff7afc566af26b9845091b9c3933ea36874ab6c389903145d280db829d457c82476fd1ef6268d8
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  bin/binding.cfg
- Size
  
  262B
- MD5
  
  35869a56ed85525fbdcbdd5f9ded7f98
- SHA1
  
  2a23a5c0620efab4a3402627f80febea41457fd3
- SHA256
  
  8425289b6075c0be636b57160b31a870bbf0e344189089be98573ab731724bc0
- SHA512
  
  902fdbcbd55b17d014e0909b0882224c786644e0d87f38bf66696a6446a9f76fa283d712d9db2c7e0da6ae3cc9d637563a2cbac6f38700cb1c4dddbf9c8bd9e0
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  bin/colors.cfg
- Size
  
  69B
- MD5
  
  7ebcbc301ab4fbb3503b041d3fcb2df5
- SHA1
  
  756dfe049d5f9fa102c480622a0898cae8012fba
- SHA256
  
  58d719fef5af2cabfcc4c2f60dc8d98ad899e94a27fea33245e16ad4f5b400c9
- SHA512
  
  4e6796d2cf8e1449d9bdd77736725dd1182066b558b512bfffdafdc7db8628812b7ad2a3bdf582b7e3c1e143bc7ac381c1ae2d422f2e734bfe35b33147631dec
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  bin/configs/Default.cfg
- Size
  
  360B
- MD5
  
  9cf7b6c406085dfbb03992f2fece703d
- SHA1
  
  9b0985aa472a0152984044ee9da0c43d67355049
- SHA256
  
  4965f889ed04fc3716961d36538f81acfc05fe47eb6d33be928f0fbe45227467
- SHA512
  
  07ee2d76ad45b87ae6f14d2abd034b39059139298c689107f6fcbff59cfb22c522a2982c8ba552eb08713a47cfa87b8e56443e481b95bd67e30eb19f12446b90
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  bin/dropdown.cfg
- Size
  
  174B
- MD5
  
  a299260259d7f5f5d95124fcca933260
- SHA1
  
  906da5c2514fd6e6e466b8af770c1e26f8782faa
- SHA256
  
  de3475c3315a6fabe07f1e37e5ac8c8007edab946c72f96ed33630fa8ecd751f
- SHA512
  
  404df0c27d5bc824448579b4e2046b0af935f4029989f530511839a7269119304598c3c59aae2b4b47c2b5e944ec4185e19e1bf9fdae63e240ab0339d14a9dc8
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  bin/filelocations.cfg
- Size
  
  79B
- MD5
  
  550f662ab7bd788c310a3feae8f216a4
- SHA1
  
  c8b9835a4f35b8cf3f894a248863cfba77db1bce
- SHA256
  
  82cdd247d97761fec303c591a06df278b7896c194f4375db1fc176d9e45711a1
- SHA512
  
  3fe320d9bc542e9ce2f3b177c64d321581be45c00c36df2e2279834aff3b3eec30d64d34ac73fdf360d92b335de3987df6e6ea192e6216baced23cf40ec7f53e
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  bin/labels/labels.txt
- Size
  
  5B
- MD5
  
  8c6d21187fb58b7a079d70030686b33e
- SHA1
  
  a25632f8f4ff9659997a848c2ebeef27d0974164
- SHA256
  
  0021d5fe20a08754dd965d947e4830740633aa94b4555d03067aaa6a3e6e1214
- SHA512
  
  2b9f6b63d16cddb68715a3438171e729fa3be22506014034f03aa5631b72eecad7921cb3fc6a00c5b1e9aa78623b95a80d92920d74affe078658d262b37f0bf3
Score

1^/10
behavioral27 behavioral28
- Target
  
  bin/minimize.cfg
- Size
  
  202B
- MD5
  
  584078def15682c4984cd4e4351253fd
- SHA1
  
  a2eb3eff79c2d0a4c76e8146bc6cf31fc64d200a
- SHA256
  
  c9c2b8de91fe8e0034b07c7eabcce35977e6e8695453778f323faf731cd896c5
- SHA512
  
  2cce04e0c2a066ddfadae99fe0bfa0197b7c1c685694eb64041e4470ffd5dfe0ce9fc8d7a75e30bd3fd24ac3e52df4b0347d4fa3a1acd5b7e926cd719a5896f2
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  bin/models/PhantomForces_Hamsta_v1.onnx
- Size
  
  11.7MB
- MD5
  
  50a0d0e8bed0f084ee46a154df442be1
- SHA1
  
  6de46f518bfc1e512797287e9d1bf4d2cdfe0497
- SHA256
  
  b25e0c6dbe87475837bb0f85a40cc7ab98ea40cd0b7486f53f3fede6ff405238
- SHA512
  
  63be031e8949857c96a1fc396d4d471c9b5090e9051b3a724248f0c7725c7fb2f1988116f1b298548d28b2a5458de6eeb1300efbd4dc23521a7af4d46dc4ec8f
- SSDEEP
  
  196608:3aqBE21+hlJP3/0l3/zKY4BMbvCb1hAeF5qT74midcpxnDx95isYIgp/7M7ItWoy:33b1qT/0F4BZfhad/JE1cUWQcmF5fmB1
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Checks computer location settings

Executes dropped EXE

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32