General

  • Target

    S400.CrackedByLMJ.rar

  • Size

    10.2MB

  • Sample

    240907-tpan5sscql

  • MD5

    40ec42776d20ddf033c96cdce5726812

  • SHA1

    d104f876c7ced7e8eb2fb6fe079af73f6f002a97

  • SHA256

    498df8057ccd98b0cc7b47fb53276fb2cf040d5f745c6138d4b574df620e7ce2

  • SHA512

    4708394c61820076d085480c94263ed577d5c528f2454b421829940c95c3fc88fd0a891979f30fdbac8bef1810fee22c1c02e7c96fe110c91d32585febe17f0b

  • SSDEEP

    196608:uXQ6Six3oz37XVk6zP8+ADo9msQ/UjzTVSrvtJgOlq+Q8fjLwylzeiWR:MVeLXVLrSooNMfTgrFbq+QGgy4xR

Malware Config

Targets

    • Target

      Thanks For Purchase/S-400 [EXTRACT]/API.dll

    • Size

      51KB

    • MD5

      df1b7e8e22353b01a29cb972d054ee16

    • SHA1

      27df441b511a5f4aea9a24b54cddb8d7b5fdbdd7

    • SHA256

      9eeea1447ac2fadce2b6dbdd73a607052007f2e3c4381336e3e31450a5092509

    • SHA512

      271b8ad7d51c379b0a21adcd9f1a8bf2a9f239ef5174b7d7ce9567e09aaa361a90988d63cccb6ab2b71f6936a42ecddc9f9a424a4feca1ea925cc57458e8ebd7

    • SSDEEP

      768:DaeCA3W2BB9q4yVUy+4ousziMWZ2f1TZKbhE4wJI86zyemRoY38u9ZwSn:DaeCA3TorVYjWisOJBWylx38uP

    Score
    1/10
    • Target

      Thanks For Purchase/S-400 [EXTRACT]/FC/Act.dll

    • Size

      12KB

    • MD5

      40514fa1bab88f1b8c4c2a42d361f67c

    • SHA1

      9794f98cb73d50754d595cc80f7b569672c5ef5d

    • SHA256

      44e9418e96f5eb466f79b77b4e9fe550f392ae84cc5f335faf4adb8d1f02c120

    • SHA512

      a8d1c32245d8c4c93137631ec9026fb05abb5261d0ee3cca2f32f378bb54184d1d3c8d32c7916bce1c63243e929b5ab8601c82351902587f16b5b43119031de0

    • SSDEEP

      192:6uaZFwqkC4x50O4GsCLfm0VJ1n/xEx1V9O0uUlFgyHTzIW1Pn/vU+MgWDJnLLk:6u52OR80VJ1nZmBx3lWyHT9n/8+CFM

    Score
    1/10
    • Target

      Thanks For Purchase/S-400 [EXTRACT]/FC/Anti.dll

    • Size

      12KB

    • MD5

      ab646175867b7602f2497f3e8a8bb8e6

    • SHA1

      7e5bc0df0baf3771b9c730ac437c9867a783c498

    • SHA256

      b6d8c15ecfe75c7f1a3082ce202cb85ee84450bb95f83e0e1d8f202036571524

    • SHA512

      92bcf728a8f6ed3e79512acd7d5aad4b65c8266a03e6ea325727f6539e51799d97f4b3bd0a158786e4f59785cb7dde0d2eb951b2d7c7f7e000a119d4a9b1eb82

    • SSDEEP

      384:boEUEB2YJWVGmn+faqn2+lSyzT9n/1GbKf8:boEUEdcb+fDX/Emf8

    Score
    1/10
    • Target

      Thanks For Purchase/S-400 [EXTRACT]/FC/Anx.dll

    • Size

      23KB

    • MD5

      0f52530cf216a3cf65fd195c8b29768d

    • SHA1

      4675f8ddd03ab1fe6de9a4d5c2c1b4511ec5bc5b

    • SHA256

      40d7c2fab8c23cb959842c8d74eff8541a4b1c1dcbec99806e3c92e7f990d962

    • SHA512

      42035cd7075d4019fbc42b2ae470a4c224e121c47a41925e3fec2f344aa298e1e2c95118ee0ba6a53f9ae8adf0ccf94381b21fb3b5caf2b90c28936cbc1d0c83

    • SSDEEP

      384:aRrUJh5fljJul3zsW3cffwElNZyzAd2U2tbKc1TokI7yC1e5Iuf6R/elISjsdm:aR0h5fl8l3r3cnDT2RKc1C1evuqYdm

    Score
    1/10
    • Target

      Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Aut2Exe/Aut2exe.exe

    • Size

      1.3MB

    • MD5

      88d518a90f4187b4542618cd328d7a34

    • SHA1

      fa5fd671f8aabce769f82b960634d54c4a27e502

    • SHA256

      5affc1a22d87715d5da70bfddb081335ca0a382b9cc4a54e18263047a76d5d81

    • SHA512

      a1ed751ba7518dcb2cf9ab821fa28690d8f4a41238e4b8d97b37c00eef5662147dea600c90a7192142808f6668f8d252372e0712415d0fb7b9d1faa53b2b7769

    • SSDEEP

      24576:k30RJ529+RipvL1SXk1QE1RGOTnIEQc4au9NgxnHNnz:kE89+ApwXk1QE1RzsEQPaxHNz

    Score
    3/10
    • Target

      Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Include/Array.au3

    • Size

      79KB

    • MD5

      464c252c46aa2b3dc3151f56cecea340

    • SHA1

      2246004486a617515adaf7369f1bf9093e2ffe2f

    • SHA256

      ca1103c91271e92ef0bf4b9ed3c34280117ca86d7a666878785f1af61fa947a1

    • SHA512

      4b97d855e50c2009de95513a2514b7fa39ef70a163dd402201ceab2e86368140ce1fb7d94367bb880209b41eedbe98aa3db0f1813cee089d2a74f2cfcbdcba60

    • SSDEEP

      1536:4lXhsWYNm6QS2uO+vPbsUXxNdkKKmQUEKBv39yxKry66pFL77snBONkTJhQBDANG:ePYFQS1tZAmQSv39yrDFL7zNkTJhQBDf

    Score
    3/10
    • Target

      Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Include/ArrayDisplayInternals.au3

    • Size

      32KB

    • MD5

      2df11d2c3c0265a4c464d69edc2fb2c3

    • SHA1

      1c46ca052fcbac85c1f7ce7a5100f0ba922d90e5

    • SHA256

      dd8e3aed69555f3ae83b4eac26f92a0ff527c376097f1c58136b6709a6963d8e

    • SHA512

      f8cfbbf09adfe61019672a5394ff371d2b25b6e4123bdb08c0b5cefa751d86ac158e593ed3612c8f50ad8277f7a20e93735a9c94231ddb329d3a41e05b8aefdd

    • SSDEEP

      384:REL2FJOu5t3uqbxl6wmHeix8yCdYcpvNfYYr7bL/R7EVTQqLft8hl5oEwiuydwCJ:Gubf6w7yANfYIOFQ6ihTZRhmqAQlPF

    Score
    3/10
    • Target

      Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Include/Color.au3

    • Size

      9KB

    • MD5

      2753a47247c4c51ca0f74ae209fccfae

    • SHA1

      fd4a7c0efda4e6e06a9f4938ce85019562e977d8

    • SHA256

      10a5f94203af0033f9318f7b0b3af114a2b09f50fe1c16a0cecdf13bd7bf3e04

    • SHA512

      7d751c2bd4719feccdde46174ddcfa1ec5d50217db95baf40cba194b07e0fe6d193d2ce2ede653b35c18cfb6903664fb12393912be8f9d792c4b972cbd6ce057

    • SSDEEP

      96:5Y/vQKBxiz4e8S3Vtw5jrdIKSWBKEaUKCkzR72YRNRCTi6OifGZ0dh3ZoL:5MvQKBxinYIK/JkzR72YRNRCvxGOdK

    Score
    3/10
    • Target

      Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Include/Crypt.au3

    • Size

      26KB

    • MD5

      808a9c9418c34c225c428df9fadb2c78

    • SHA1

      e0a31208a6d1d5bde7819eb7026077660d1e717a

    • SHA256

      8180b5e7821772d5f09d3fee7a7b8b85bd5e56b2cce25ef488cc92e45b20c73e

    • SHA512

      27c30271fa5657ad20682734a12770bff0f06872fb4451fd7e1363d47eb1136dc6cef737f5839845f797a940e6ddced687afd73151baa0308e59f1156aed6515

    • SSDEEP

      384:+wkcb9/DFAHdtPfb4AfrRihjUjUEtN2U/KluprhthR97K3nLJtoLgyHY0TaDazhY:CijEDpgDa+/

    Score
    3/10
    • Target

      Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Include/Date.au3

    • Size

      80KB

    • MD5

      4b5f09fc4734bcd4f1aa848ab682b7fc

    • SHA1

      89d24dd131e3320da36f5b91f9f71b452435506c

    • SHA256

      c3437b7ac8cccd7c297067f78fd59a3befb545c2b46914172b34e4254ba8b5ff

    • SHA512

      b4ffe6781db4da7f9901f45f9f5befb2a4458a7797baf56d57043aae3cdbaab90789d2871805f6eba3f3c5da9b9c6400514a203e50c7f9c5a0de593d75e0c758

    • SSDEEP

      768:v9G3lrI1yiM3e6eCAjaE35/fpJiMrQYiFDol7ElEaRra:v9G3lr6YeCAjaE35AzM72Rra

    Score
    3/10
    • Target

      Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Include/EventLog.au3

    • Size

      30KB

    • MD5

      9ffea7d53c1ef4a8a48ae41f40f69f4d

    • SHA1

      88c74374c4de74224e98dbedd169e5fc16e4b48e

    • SHA256

      91a0ce94e41420fc31b173a982490364ffcb83cb379caee31331fc4dd404c603

    • SHA512

      272645a062a2193f2778b5256a002c776777af7ac680bc2ad5656a8fd08db1b7ee7410c10784dad12dac5407f78d7fe58935dca9ad3c4b2f65faa8dbad050ca7

    • SSDEEP

      768:OHGx5vJNiaLWLDnJo6oCUbd1i/Jv8pL5b1sK8AxnQOB8mAzcG:Qo6oQP

    Score
    3/10
    • Target

      Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Include/Excel.au3

    • Size

      56KB

    • MD5

      1aeb32d807a5dd3748ac73ca30ac24bb

    • SHA1

      36e8f32c6bf2298311ce04f74f122338baa59d1e

    • SHA256

      270e63affb03229d330404c91ed8e89b2966f535ae8f8315d58ee8a84306ba6f

    • SHA512

      dad029524b435f0520684f1abdecf188fe6c048a7e3552f439a87e9e12424cac0861ff842ff7fc9478ef1044813c72dcb431f9678d83afc7d55df602719caade

    • SSDEEP

      1536:5g0ucNv6VYjnaa7aEryaT1Bzn/Q+batrIaErIXahr4aErdxqLbZaEr+4+Ccahr4M:huASYjnaa7aEryaT1Bzn/Q+batrIaErf

    Score
    3/10
    • Target

      Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Include/FTPEx.au3

    • Size

      44KB

    • MD5

      1cd7a6dd5b30ac21c22d2b8520d10009

    • SHA1

      9797bada8acbe71c9dabdb99ee8e0961f7f909a4

    • SHA256

      6fd4ef67264279b05ad5a646cac51c7166e427d9f378e5bce44047b4accd6c2c

    • SHA512

      8fdf533ec7ee2bc8059eb1ccc98488880ea38b549389daaa6bc3a633f54fe204dbf47f338af542abeaad88bae31d9098f28d3703a9d0d9af153419daf1aae6ed

    • SSDEEP

      384:r0tgq6DQNWEg/B3X7WMY2SL4M+E3Pap9Sg2a/IlwVI5YI3PVfBzACzd2PHWdbb1f:+s/pKqHsa/IlwVI5Ygmw2hE

    Score
    3/10
    • Target

      Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Include/File.au3

    • Size

      42KB

    • MD5

      c3b2ff67de108db94c28fce35eb06302

    • SHA1

      c6f42262996198d3cb6e66af2492e3deb9264eb7

    • SHA256

      821cac4ffd91c9486b00c7449800713024568c522d0577ebc1f6633f45b57cdb

    • SHA512

      83a152e126972ea3ae663cade96925763319d61382c3e9f9845e2ddc41335bc081df29b6569c5f4a40b68b98029458de6bd9c0dfdb0849fba0036f3957200fc6

    • SSDEEP

      768:3kLkIyvVdXvsMZgjZDjSNfClLqlkkYINgfaXfTZ6qHEBJbkdnZkR9n3:U4IyvV5sMZgjkNal3kYI2SBkBJot+R93

    Score
    3/10
    • Target

      Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Include/GDIPlus.au3

    • Size

      297KB

    • MD5

      c145b996a8d464d7780885f52f185008

    • SHA1

      24842f225a67c0bcf3aecda58c166797085565ee

    • SHA256

      7fb1b1ea138d0267061e358505abb0de480b14641df594cdb5292c9e8749afe2

    • SHA512

      6cb25ba18583ceeb6a868b01d5b7b0473d8e51f657c50355a5de486798a3f7a97770a483213034545d565fe620e5b6213723bdeb78b836c4cfe9f50b029fb0b1

    • SSDEEP

      3072:Lk8P+7THYQr3+NQx/GSHTrChJ2v0Y/j4bE78rLvlkK9Wr8Lk:rPq3vu+6Il

    Score
    3/10
    • Target

      Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Include/GuiComboBox.au3

    • Size

      40KB

    • MD5

      92e8b9868c64047bf71cf0e6e96a77ce

    • SHA1

      8907646dd4349f655e4c6a4a23cddff6d350789f

    • SHA256

      236f6f10ef03c8fc589fe0026e09ac1654c603c2a8b1e7442bebb0fc53f74779

    • SHA512

      fdf4ae6693753b08301b702bcffcac0c4f8fadf8d1de956526229ca17d94a8371203f0f823f05cf94d05f006f4bb1cfb7b4dbe78b1c4ce3a8056cffb0446c6bd

    • SSDEEP

      768:njDzpjiZ8LcJleS+krE1dEAnhWDydtcHq7x01zVqfYJBJ8/S/co16Qj+DbctGl0m:jxS+Ucg5ob

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks

    Task          Tags        Score
    static1       agilenet    10/10
    behavioral1               1/10
    behavioral2               1/10
    behavioral3               1/10
    behavioral4               1/10
    behavioral5               1/10
    behavioral6               1/10
    behavioral7               1/10
    behavioral8               1/10
    behavioral9   discovery   3/10
    behavioral10  discovery   3/10
    behavioral11  execution   3/10
    behavioral12  execution   3/10
    behavioral13  execution   3/10
    behavioral14  execution   3/10
    behavioral15  execution   3/10
    behavioral16  execution   3/10
    behavioral17  execution   3/10
    behavioral18  execution   3/10
    behavioral19  execution   3/10
    behavioral20  execution   3/10
    behavioral21  execution   3/10
    behavioral22  execution   3/10
    behavioral23  execution   3/10
    behavioral24  execution   3/10
    behavioral25  execution   3/10
    behavioral26  execution   3/10
    behavioral27  execution   3/10
    behavioral28  execution   3/10
    behavioral29  execution   3/10
    behavioral30  execution   3/10
    behavioral31  execution   3/10
    behavioral32  execution   3/10