4454d5fc11bafd948976ffe7232f0bd34e84e8ab4d8991abea1073c22478b33c

Sharing

Copy URL

Twitter E-mail

General

Target

AYSASOPTIMIZATIONFOLDER.zip
Size

169.9MB
Sample

240906-1cntkayepn
MD5

421fcb07f4a37e556778ea2f9b3ee0b5
SHA1

d7317d634244ad3689f89df4933206e3e678fd60
SHA256

4454d5fc11bafd948976ffe7232f0bd34e84e8ab4d8991abea1073c22478b33c
SHA512

0493e332097750dbdc203b13d5a807ab930231e7a27fad52b9e1fec778a3833b94d2e18b3a11fa7e94d9e5f2d2458420f6ffe7f47920e62fe98cfeb3c3dce513
SSDEEP

3145728:A31bvdKTA0F/hBvdtNm2Shp4mCj/pXuEtZYnu1UPfD+7vKaLUpS2rlY8C78RXsyk:A3hvWnJBvdtI2+p4mCjpT11U3K+jS2lU

Score

8^/10

Malware Config

Targets

- Target
  
  NART x AYSAFROMNAZARETH PACK/Bitsum Process Lasso Pro/MeasureSleep.exe
- Size
  
  137KB
- MD5
  
  c81197ee2433d30c1731b2ddee8ae67b
- SHA1
  
  2a4fe29f28443936fbea66855c489098632f886c
- SHA256
  
  055425a39ce8e766055ee2de3f4cee1714bca31f274bf0c9f658009f551e9e73
- SHA512
  
  de1ab2c2cc47c058fd326ffe5f4cc9fe4b42b1407ad20c70138a34db92b17bd127021f3a50b2ef8fe15d3ac81d47ed0a2e2e91957850720215e05d1c8030b842
- SSDEEP
  
  1536:9qStkJ2I0E0Rm1qplwjQ5V/Eg78OJExsmXNe3az5U9zSaXUNpUvblnPnEyAU:nQ2I3PKwcDEg782E6+N75U9zSaX6IEc
Score

1^/10
behavioral1 behavioral2
- Target
  
  NART x AYSAFROMNAZARETH PACK/Bitsum Process Lasso Pro/dpclat.exe
- Size
  
  299KB
- MD5
  
  b3849adedca497a29e4b1a13f6851d45
- SHA1
  
  38438d73c378fd410d8d51ee954231f73ce9aa1d
- SHA256
  
  00a7c7b88877bf59dbaa70de734fcd3f287f1eb92caff4571a4c8e67a5dc0aca
- SHA512
  
  9fd6df7f1173bf8258f54d9153505dc648dd7a8b99e4c995ebb37965795d8467dd560beff035c2d33d0a047a43c280b4fa22e7fee019767e9190453c7769a425
- SSDEEP
  
  3072:/3epwRoNb3H6oy98nu6zp+4uhv9UKBLk4TZKVLIh0MRtcwuKohGjBf8i3Jn:/8eso8FnqSKB1K07Y2eun
Score

8^/10

discovery
- Drops file in Drivers directory
behavioral3 behavioral4
- Target
  
  NART x AYSAFROMNAZARETH PACK/Bitsum Process Lasso Pro/processlassosetup64.exe
- Size
  
  2.5MB
- MD5
  
  4efd7509873a6dba9db17c99702f5a7d
- SHA1
  
  89f4d8aa3b6b02d0c0250580b9e39761a3d593c3
- SHA256
  
  fb00ea98cb78dcb72e3c95a3665281e213527f54a91ff485969a43be9651577e
- SHA512
  
  2b1b057d5a42492138d704a72fe84c79d2348b79930cc4ccbd83fb1a375b28a6b90f1be882530948d4e5ddfbec11d0edf0e5a6323966d67ec13b584ec5abb039
- SSDEEP
  
  49152:I68Sr4seByNJOdAZHxKU3z9ljajNP6zuMH7fZPuVd8i:Iir4seByXnZHxKU3zPajNhMH5M+i
Score

4^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/INetC.dll
- Size
  
  24KB
- MD5
  
  640bff73a5f8e37b202d911e4749b2e9
- SHA1
  
  9588dd7561ab7de3bca392b084bec91f3521c879
- SHA256
  
  c1e568e25ec111184deb1b87cfda4bfec529b1abeab39b66539d998012f33502
- SHA512
  
  39c6c358e2b480c8cbebcc1da683924c8092fb2947f2da4a8df1b0dc1fdda61003d91d12232a436ec88ff4e0995b7f6ee8c6efbdca935eaa984001f7a72fea0a
- SSDEEP
  
  384:wv1j9e9dEs+rN+qFLAjNXT37vYnOrvFhSL+ZwcSyekzANZBJ:w1AvEs3HBLzYn29vYh
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/LangDLL.dll
- Size
  
  5KB
- MD5
  
  68b287f4067ba013e34a1339afdb1ea8
- SHA1
  
  45ad585b3cc8e5a6af7b68f5d8269c97992130b3
- SHA256
  
  18e8b40ba22c7a1687bd16e8d585380bc2773fff5002d7d67e9485fcc0c51026
- SHA512
  
  06c38bbb07fb55256f3cdc24e77b3c8f3214f25bfd140b521a39d167113bf307a7e8d24e445d510bc5e4e41d33c9173bb14e3f2a38bc29a0e3d08c1f0dca4bdb
- SSDEEP
  
  48:S46+/nTKYKxbWsptIpBtWZ0iV8jAWiAJCvxft2O2B8mFofjLl:zFuPbOBtWZBV8jAWiAJCdv2Cm0L
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  cff85c549d536f651d4fb8387f1976f2
- SHA1
  
  d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e
- SHA256
  
  8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8
- SHA512
  
  531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88
- SSDEEP
  
  192:Zjvco0qWTlt70m5Aj/lQ0sEWD/wtYbBHFNaDybC7y+XBz0QPi:FHQlt70mij/lQRv/9VMjzr
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  CPUEater.exe
- Size
  
  484KB
- MD5
  
  65a1d58b8a9129f69073b4997fb494b5
- SHA1
  
  ba9f7f75c9ee5ab0ee6052a76b46b3e851ff966e
- SHA256
  
  dbc5334e06291fe7970bc86118ef393428d70765afc409af4184b0ccd7d7c796
- SHA512
  
  ede81447dbd8a2097e7e69579f3fdea8583b342bc475f80982a90a262846b943c48e133ad930cdaba6682760c532bde11c550da76d4f50bdd1895a40ed546d77
- SSDEEP
  
  6144:FJWlpafqCwll1Ik4k5w/Fj/l4lvjlkdQvtIIK5UDEeBxhLX:FNfqR1d4k5OFjajlXtTK5UVD
Score

1^/10
behavioral13 behavioral14
- Target
  
  Insights.exe
- Size
  
  750KB
- MD5
  
  e825bb27108035adda9c27815fb1adf5
- SHA1
  
  0417a261d31f485fd510b4e737636401140bb4e8
- SHA256
  
  7fed9370ce18f5ca8b3f8bbef91ac04c8d3f946836a1185b3077f396772621ab
- SHA512
  
  a7572ab7395f7cfd267a61687fcd1ebdfca1e3f322550c1631d251c9eb8518f653b72aca7e70f46eacf795e066b2d66b5860424da349c0ee74b0b9b6b0bc1bde
- SSDEEP
  
  12288:vsfeRpOSZXtAOvd0m3+p8Ly16/sJKGHx6:0feRpFtAOvr3+p8LyIULHA
Score

1^/10
behavioral15 behavioral16
- Target
  
  InstallHelper.exe
- Size
  
  764KB
- MD5
  
  ead091d81ec9453dd8bf4d8b65b4644c
- SHA1
  
  8278e562f0e156171bd57a95f265da66bdca01a4
- SHA256
  
  90f9a6e4e09d0ad7745e74fb70198ab82bbd6621ebcd3eba1a511850020bc989
- SHA512
  
  37c7b0397faf5ee49fe4080c02a1e5362dc00a0cca986461f5ec798ddd8fa2ccf04f023af15b2043bd4361fd10c16082189e865c03547964565f78c593ae1f00
- SSDEEP
  
  12288:PnKSfbOSYCQsHi2+NgaxZfWuzJxfeQXlbSKGc:vKM7YCQsHi2EgaxZfWuzPflbsc
Score

1^/10
behavioral17 behavioral18
- Target
  
  LogViewer.exe
- Size
  
  857KB
- MD5
  
  1fa9ee2976c9faf43eb109ca380a4899
- SHA1
  
  9f7bcfe0f862f1c60093d51ac146546424e44b65
- SHA256
  
  c21f257bb257c79401352e59e69db920ef87915feaaf2257afbf919c42086e8f
- SHA512
  
  f16f6eed01c69097c38f8e753024edce5e2c151d572ba442335595934e72ace89da5c388012ede31c5d2aa8bfb3e4018659e7064b1cce373a2ae23da8e1cca8c
- SSDEEP
  
  6144:z3iuBkOY8B59ASUsJHj1HMFdtX/jy+/6WOhVTgvBZOB6csuAPjNqXXB6uAPUFBmN:znAQ16/jy+/ogZ4B2u1XB67PVa8OGx
Score

1^/10
behavioral19 behavioral20
- Target
  
  ProcessGovernor.exe
- Size
  
  1.2MB
- MD5
  
  30d0346a2c71530eb3e9d6711af2fabe
- SHA1
  
  a0c80c6a2973d87f119c211fdc9d7a0a03aef3f3
- SHA256
  
  3151c4f9f9b328841b7b8acf78e7aa9cc200ae51fed88affc9a2dd0c8c74e417
- SHA512
  
  1805ad082bc4c4857224f3ca234de799cf7347864a584a36fd23348ce831aa2e9781e96347eaa1383b643c12f0c7c02c2940ee770c18cc7a930cd15b868f0405
- SSDEEP
  
  24576:mrLwE1K8WYVCtOH+BdTzhXgXqNvCyaulh9srcYD:MwETWgaOaNqyaulaj
Score

1^/10
behavioral21 behavioral22
- Target
  
  ProcessLasso.exe
- Size
  
  1.8MB
- MD5
  
  7ad00b88f224108c8f28e65698844a63
- SHA1
  
  2b101ae272c02c15c3048c3dca1088e67bf83862
- SHA256
  
  11b92eca6aaf291579aae4266fc45340aef19233a461798aaf2939d7ac2b2605
- SHA512
  
  fc58c2307c5cfd8d8e302e4fb6bf7aeec94bb30b46591e4598809f81b889a8b3295e9d341a331f789003a947973f145ab97c380d37c5ce91d333f0f5c352e4ce
- SSDEEP
  
  24576:yLyCSyM2YvYyC2gnyR3g7nVNHKpOH+PnC/nG97+N1p2E22r1STBvXVJcFJ+S7FEd:yu8CgnCg7VN+C/z1/RSFVWp9Mf
Score

1^/10
behavioral23 behavioral24
- Target
  
  ProcessLassoLauncher.exe
- Size
  
  397KB
- MD5
  
  0271f3b6fcb68f9d2d02957feecbab39
- SHA1
  
  c1bee1c29b2058a4c98c8057370c4beb93372233
- SHA256
  
  046e04a71622e7cd87e6c34259c48dc36f173f864c3986cd9059709a7d746b41
- SHA512
  
  040b423649a7356b2664132dc791d5e63dcba4ed72d2423237714544a435e523cc9b33c0c9e3bdd6c7fcdf8149560f48441102748b85e302b4a7d56545dfb80f
- SSDEEP
  
  3072:q1hBjA8ZOHWQ97VpEwYNY/SooDlArk7HoZ7WK7T1YP:OhhA8IHW2VWnAr7WGa
Score

5^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral25 behavioral26
- Target
  
  QuickUpgrade.exe
- Size
  
  470KB
- MD5
  
  06c4fe95b2ac2a6b334dbbd795fcee23
- SHA1
  
  5a58f4866fd38dacf198943883cf894d079fd7eb
- SHA256
  
  322410618f06240a9a7f6e853385fbb4ab6dd191f40a79c10ab059d369e3a625
- SHA512
  
  0d1d5e534061a94ef7d0a275908f4fdf41c231e835673a07d9fd4a355f155348c02f7f7a39c5b7752f1e07d473e40a9d207043ca615e4cb3ae56fc0460a10e8f
- SSDEEP
  
  3072:8MlF9kZSKyI9m1+rxy9dTDs/ZR1ctUA/86KF7HEG+qMQOrUsLVtPk7HoZ7WK7TBR:8MlsT9u+ty9xElcyWK+OKfLP7WG4
Score

6^/10

discovery
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral27 behavioral28
- Target
  
  ThreadRacer.exe
- Size
  
  534KB
- MD5
  
  1b53625cf9df5b8b5b0e3b07a4ad0436
- SHA1
  
  5980a6f8558c1d6ace9b292bfbd0f0f55271b407
- SHA256
  
  015480e8443c56f5562fc29830a594676526c1b15c606e202f9d51029a64ef47
- SHA512
  
  ab8b1a716d5cfddee599649b3de869d512ed5202c4e08353fdbfa50107f912c911963e8ecd38b221ddb40989f3aba58796477594d197c4c4896962e340ea0c77
- SSDEEP
  
  3072:APO0Gp8YiDjWgjDddsuUckNJktwzp/i5d03Q2hc6VEpjbgtGjv/AsGc6/cANCMkG:APOn8Y8NnaeidAdYHRVEpGpcANd7WGxb
Score

1^/10
behavioral29 behavioral30
- Target
  
  TweakScheduler.exe
- Size
  
  619KB
- MD5
  
  763ea87e142c4eb38804a05f7b31a423
- SHA1
  
  e38ef8bf61df89dcd9ea4ac1453eac225efa1ae5
- SHA256
  
  6c7454cc3047d9d90bc53f65dde889b49ea8a7769c577cc326e19643fece275a
- SHA512
  
  19ee80fda25939506c51b2b1007dafc3c1bd566e6aac80ab3827fa3e39a9652c08403773dbdca69b6fbcf3714b3aaaabd8f09548a3799f779c2141919ed208d7
- SSDEEP
  
  6144:Hgvo9kk2z8iWNrJLMy7tIIpM/JZdbjKYop1qtWzUpNfVvOtxOVxaY5:592z8JfNNMxZdbjDofP8NpsY5
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Drops file in Drivers directory

Checks computer location settings

Downloads MZ/PE file

Checks computer location settings

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32