General
-
Target
S400.CrackedByLMJ.rar
-
Size
10.2MB
-
Sample
240907-tpan5sscql
-
MD5
40ec42776d20ddf033c96cdce5726812
-
SHA1
d104f876c7ced7e8eb2fb6fe079af73f6f002a97
-
SHA256
498df8057ccd98b0cc7b47fb53276fb2cf040d5f745c6138d4b574df620e7ce2
-
SHA512
4708394c61820076d085480c94263ed577d5c528f2454b421829940c95c3fc88fd0a891979f30fdbac8bef1810fee22c1c02e7c96fe110c91d32585febe17f0b
-
SSDEEP
196608:uXQ6Six3oz37XVk6zP8+ADo9msQ/UjzTVSrvtJgOlq+Q8fjLwylzeiWR:MVeLXVLrSooNMfTgrFbq+QGgy4xR
Behavioral tasks

| Task | Sample | Resource |
| --- | --- | --- |
| behavioral1 | Thanks For Purchase/S-400 [EXTRACT]/API.dll | win7-20240729-en |
| behavioral2 | Thanks For Purchase/S-400 [EXTRACT]/API.dll | win10v2004-20240802-en |
| behavioral3 | Thanks For Purchase/S-400 [EXTRACT]/FC/Act.dll | win7-20240704-en |
| behavioral4 | Thanks For Purchase/S-400 [EXTRACT]/FC/Act.dll | win10v2004-20240802-en |
| behavioral5 | Thanks For Purchase/S-400 [EXTRACT]/FC/Anti.dll | win7-20240903-en |
| behavioral6 | Thanks For Purchase/S-400 [EXTRACT]/FC/Anti.dll | win10v2004-20240802-en |
| behavioral7 | Thanks For Purchase/S-400 [EXTRACT]/FC/Anx.dll | win7-20240708-en |
| behavioral8 | Thanks For Purchase/S-400 [EXTRACT]/FC/Anx.dll | win10v2004-20240802-en |
| behavioral9 | Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Aut2Exe/Aut2exe.exe | win7-20240903-en |
| behavioral10 | Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Aut2Exe/Aut2exe.exe | win10v2004-20240802-en |
| behavioral11 | Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Include/Array.ps1 | win7-20240704-en |
| behavioral12 | Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Include/Array.ps1 | win10v2004-20240802-en |
| behavioral13 | Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Include/ArrayDisplayInternals.ps1 | win7-20240729-en |
| behavioral14 | Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Include/ArrayDisplayInternals.ps1 | win10v2004-20240802-en |
| behavioral15 | Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Include/Color.ps1 | win7-20240903-en |
| behavioral16 | Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Include/Color.ps1 | win10v2004-20240802-en |
| behavioral17 | Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Include/Crypt.ps1 | win7-20240903-en |
| behavioral18 | Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Include/Crypt.ps1 | win10v2004-20240802-en |
| behavioral19 | Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Include/Date.ps1 | win7-20240708-en |
| behavioral20 | Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Include/Date.ps1 | win10v2004-20240802-en |
| behavioral21 | Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Include/EventLog.ps1 | win7-20240903-en |
| behavioral22 | Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Include/EventLog.ps1 | win10v2004-20240802-en |
| behavioral23 | Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Include/Excel.ps1 | win7-20240903-en |
| behavioral24 | Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Include/Excel.ps1 | win10v2004-20240802-en |
| behavioral25 | Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Include/FTPEx.ps1 | win7-20240903-en |
| behavioral26 | Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Include/FTPEx.ps1 | win10v2004-20240802-en |
| behavioral27 | Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Include/File.ps1 | win7-20240903-en |
| behavioral28 | Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Include/File.ps1 | win10v2004-20240802-en |
| behavioral29 | Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Include/GDIPlus.ps1 | win7-20240729-en |
| behavioral30 | Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Include/GDIPlus.ps1 | win10v2004-20240802-en |
| behavioral31 | Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Include/GuiComboBox.ps1 | win7-20240903-en |
| behavioral32 | Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Include/GuiComboBox.ps1 | win10v2004-20240802-en |
Malware Config
Targets
-
-
Target
Thanks For Purchase/S-400 [EXTRACT]/API.dll
-
Size
51KB
-
MD5
df1b7e8e22353b01a29cb972d054ee16
-
SHA1
27df441b511a5f4aea9a24b54cddb8d7b5fdbdd7
-
SHA256
9eeea1447ac2fadce2b6dbdd73a607052007f2e3c4381336e3e31450a5092509
-
SHA512
271b8ad7d51c379b0a21adcd9f1a8bf2a9f239ef5174b7d7ce9567e09aaa361a90988d63cccb6ab2b71f6936a42ecddc9f9a424a4feca1ea925cc57458e8ebd7
-
SSDEEP
768:DaeCA3W2BB9q4yVUy+4ousziMWZ2f1TZKbhE4wJI86zyemRoY38u9ZwSn:DaeCA3TorVYjWisOJBWylx38uP
Score: 1/10
-
-
Target
Thanks For Purchase/S-400 [EXTRACT]/FC/Act.dll
-
Size
12KB
-
MD5
40514fa1bab88f1b8c4c2a42d361f67c
-
SHA1
9794f98cb73d50754d595cc80f7b569672c5ef5d
-
SHA256
44e9418e96f5eb466f79b77b4e9fe550f392ae84cc5f335faf4adb8d1f02c120
-
SHA512
a8d1c32245d8c4c93137631ec9026fb05abb5261d0ee3cca2f32f378bb54184d1d3c8d32c7916bce1c63243e929b5ab8601c82351902587f16b5b43119031de0
-
SSDEEP
192:6uaZFwqkC4x50O4GsCLfm0VJ1n/xEx1V9O0uUlFgyHTzIW1Pn/vU+MgWDJnLLk:6u52OR80VJ1nZmBx3lWyHT9n/8+CFM
Score: 1/10
-
-
Target
Thanks For Purchase/S-400 [EXTRACT]/FC/Anti.dll
-
Size
12KB
-
MD5
ab646175867b7602f2497f3e8a8bb8e6
-
SHA1
7e5bc0df0baf3771b9c730ac437c9867a783c498
-
SHA256
b6d8c15ecfe75c7f1a3082ce202cb85ee84450bb95f83e0e1d8f202036571524
-
SHA512
92bcf728a8f6ed3e79512acd7d5aad4b65c8266a03e6ea325727f6539e51799d97f4b3bd0a158786e4f59785cb7dde0d2eb951b2d7c7f7e000a119d4a9b1eb82
-
SSDEEP
384:boEUEB2YJWVGmn+faqn2+lSyzT9n/1GbKf8:boEUEdcb+fDX/Emf8
Score: 1/10
-
-
Target
Thanks For Purchase/S-400 [EXTRACT]/FC/Anx.dll
-
Size
23KB
-
MD5
0f52530cf216a3cf65fd195c8b29768d
-
SHA1
4675f8ddd03ab1fe6de9a4d5c2c1b4511ec5bc5b
-
SHA256
40d7c2fab8c23cb959842c8d74eff8541a4b1c1dcbec99806e3c92e7f990d962
-
SHA512
42035cd7075d4019fbc42b2ae470a4c224e121c47a41925e3fec2f344aa298e1e2c95118ee0ba6a53f9ae8adf0ccf94381b21fb3b5caf2b90c28936cbc1d0c83
-
SSDEEP
384:aRrUJh5fljJul3zsW3cffwElNZyzAd2U2tbKc1TokI7yC1e5Iuf6R/elISjsdm:aR0h5fl8l3r3cnDT2RKc1C1evuqYdm
Score: 1/10
-
-
Target
Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Aut2Exe/Aut2exe.exe
-
Size
1.3MB
-
MD5
88d518a90f4187b4542618cd328d7a34
-
SHA1
fa5fd671f8aabce769f82b960634d54c4a27e502
-
SHA256
5affc1a22d87715d5da70bfddb081335ca0a382b9cc4a54e18263047a76d5d81
-
SHA512
a1ed751ba7518dcb2cf9ab821fa28690d8f4a41238e4b8d97b37c00eef5662147dea600c90a7192142808f6668f8d252372e0712415d0fb7b9d1faa53b2b7769
-
SSDEEP
24576:k30RJ529+RipvL1SXk1QE1RGOTnIEQc4au9NgxnHNnz:kE89+ApwXk1QE1RzsEQPaxHNz
Score: 3/10
-
-
Target
Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Include/Array.au3
-
Size
79KB
-
MD5
464c252c46aa2b3dc3151f56cecea340
-
SHA1
2246004486a617515adaf7369f1bf9093e2ffe2f
-
SHA256
ca1103c91271e92ef0bf4b9ed3c34280117ca86d7a666878785f1af61fa947a1
-
SHA512
4b97d855e50c2009de95513a2514b7fa39ef70a163dd402201ceab2e86368140ce1fb7d94367bb880209b41eedbe98aa3db0f1813cee089d2a74f2cfcbdcba60
-
SSDEEP
1536:4lXhsWYNm6QS2uO+vPbsUXxNdkKKmQUEKBv39yxKry66pFL77snBONkTJhQBDANG:ePYFQS1tZAmQSv39yrDFL7zNkTJhQBDf
Score: 3/10
-
-
Target
Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Include/ArrayDisplayInternals.au3
-
Size
32KB
-
MD5
2df11d2c3c0265a4c464d69edc2fb2c3
-
SHA1
1c46ca052fcbac85c1f7ce7a5100f0ba922d90e5
-
SHA256
dd8e3aed69555f3ae83b4eac26f92a0ff527c376097f1c58136b6709a6963d8e
-
SHA512
f8cfbbf09adfe61019672a5394ff371d2b25b6e4123bdb08c0b5cefa751d86ac158e593ed3612c8f50ad8277f7a20e93735a9c94231ddb329d3a41e05b8aefdd
-
SSDEEP
384:REL2FJOu5t3uqbxl6wmHeix8yCdYcpvNfYYr7bL/R7EVTQqLft8hl5oEwiuydwCJ:Gubf6w7yANfYIOFQ6ihTZRhmqAQlPF
Score: 3/10
-
-
Target
Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Include/Color.au3
-
Size
9KB
-
MD5
2753a47247c4c51ca0f74ae209fccfae
-
SHA1
fd4a7c0efda4e6e06a9f4938ce85019562e977d8
-
SHA256
10a5f94203af0033f9318f7b0b3af114a2b09f50fe1c16a0cecdf13bd7bf3e04
-
SHA512
7d751c2bd4719feccdde46174ddcfa1ec5d50217db95baf40cba194b07e0fe6d193d2ce2ede653b35c18cfb6903664fb12393912be8f9d792c4b972cbd6ce057
-
SSDEEP
96:5Y/vQKBxiz4e8S3Vtw5jrdIKSWBKEaUKCkzR72YRNRCTi6OifGZ0dh3ZoL:5MvQKBxinYIK/JkzR72YRNRCvxGOdK
Score: 3/10
-
-
Target
Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Include/Crypt.au3
-
Size
26KB
-
MD5
808a9c9418c34c225c428df9fadb2c78
-
SHA1
e0a31208a6d1d5bde7819eb7026077660d1e717a
-
SHA256
8180b5e7821772d5f09d3fee7a7b8b85bd5e56b2cce25ef488cc92e45b20c73e
-
SHA512
27c30271fa5657ad20682734a12770bff0f06872fb4451fd7e1363d47eb1136dc6cef737f5839845f797a940e6ddced687afd73151baa0308e59f1156aed6515
-
SSDEEP
384:+wkcb9/DFAHdtPfb4AfrRihjUjUEtN2U/KluprhthR97K3nLJtoLgyHY0TaDazhY:CijEDpgDa+/
Score: 3/10
-
-
Target
Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Include/Date.au3
-
Size
80KB
-
MD5
4b5f09fc4734bcd4f1aa848ab682b7fc
-
SHA1
89d24dd131e3320da36f5b91f9f71b452435506c
-
SHA256
c3437b7ac8cccd7c297067f78fd59a3befb545c2b46914172b34e4254ba8b5ff
-
SHA512
b4ffe6781db4da7f9901f45f9f5befb2a4458a7797baf56d57043aae3cdbaab90789d2871805f6eba3f3c5da9b9c6400514a203e50c7f9c5a0de593d75e0c758
-
SSDEEP
768:v9G3lrI1yiM3e6eCAjaE35/fpJiMrQYiFDol7ElEaRra:v9G3lr6YeCAjaE35AzM72Rra
Score: 3/10
-
-
Target
Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Include/EventLog.au3
-
Size
30KB
-
MD5
9ffea7d53c1ef4a8a48ae41f40f69f4d
-
SHA1
88c74374c4de74224e98dbedd169e5fc16e4b48e
-
SHA256
91a0ce94e41420fc31b173a982490364ffcb83cb379caee31331fc4dd404c603
-
SHA512
272645a062a2193f2778b5256a002c776777af7ac680bc2ad5656a8fd08db1b7ee7410c10784dad12dac5407f78d7fe58935dca9ad3c4b2f65faa8dbad050ca7
-
SSDEEP
768:OHGx5vJNiaLWLDnJo6oCUbd1i/Jv8pL5b1sK8AxnQOB8mAzcG:Qo6oQP
Score: 3/10
-
-
Target
Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Include/Excel.au3
-
Size
56KB
-
MD5
1aeb32d807a5dd3748ac73ca30ac24bb
-
SHA1
36e8f32c6bf2298311ce04f74f122338baa59d1e
-
SHA256
270e63affb03229d330404c91ed8e89b2966f535ae8f8315d58ee8a84306ba6f
-
SHA512
dad029524b435f0520684f1abdecf188fe6c048a7e3552f439a87e9e12424cac0861ff842ff7fc9478ef1044813c72dcb431f9678d83afc7d55df602719caade
-
SSDEEP
1536:5g0ucNv6VYjnaa7aEryaT1Bzn/Q+batrIaErIXahr4aErdxqLbZaEr+4+Ccahr4M:huASYjnaa7aEryaT1Bzn/Q+batrIaErf
Score: 3/10
-
-
Target
Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Include/FTPEx.au3
-
Size
44KB
-
MD5
1cd7a6dd5b30ac21c22d2b8520d10009
-
SHA1
9797bada8acbe71c9dabdb99ee8e0961f7f909a4
-
SHA256
6fd4ef67264279b05ad5a646cac51c7166e427d9f378e5bce44047b4accd6c2c
-
SHA512
8fdf533ec7ee2bc8059eb1ccc98488880ea38b549389daaa6bc3a633f54fe204dbf47f338af542abeaad88bae31d9098f28d3703a9d0d9af153419daf1aae6ed
-
SSDEEP
384:r0tgq6DQNWEg/B3X7WMY2SL4M+E3Pap9Sg2a/IlwVI5YI3PVfBzACzd2PHWdbb1f:+s/pKqHsa/IlwVI5Ygmw2hE
Score: 3/10
-
-
Target
Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Include/File.au3
-
Size
42KB
-
MD5
c3b2ff67de108db94c28fce35eb06302
-
SHA1
c6f42262996198d3cb6e66af2492e3deb9264eb7
-
SHA256
821cac4ffd91c9486b00c7449800713024568c522d0577ebc1f6633f45b57cdb
-
SHA512
83a152e126972ea3ae663cade96925763319d61382c3e9f9845e2ddc41335bc081df29b6569c5f4a40b68b98029458de6bd9c0dfdb0849fba0036f3957200fc6
-
SSDEEP
768:3kLkIyvVdXvsMZgjZDjSNfClLqlkkYINgfaXfTZ6qHEBJbkdnZkR9n3:U4IyvV5sMZgjkNal3kYI2SBkBJot+R93
Score: 3/10
-
-
Target
Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Include/GDIPlus.au3
-
Size
297KB
-
MD5
c145b996a8d464d7780885f52f185008
-
SHA1
24842f225a67c0bcf3aecda58c166797085565ee
-
SHA256
7fb1b1ea138d0267061e358505abb0de480b14641df594cdb5292c9e8749afe2
-
SHA512
6cb25ba18583ceeb6a868b01d5b7b0473d8e51f657c50355a5de486798a3f7a97770a483213034545d565fe620e5b6213723bdeb78b836c4cfe9f50b029fb0b1
-
SSDEEP
3072:Lk8P+7THYQr3+NQx/GSHTrChJ2v0Y/j4bE78rLvlkK9Wr8Lk:rPq3vu+6Il
Score: 3/10
-
-
Target
Thanks For Purchase/S-400 [EXTRACT]/FC/CVE_Port/AutoIt3/Include/GuiComboBox.au3
-
Size
40KB
-
MD5
92e8b9868c64047bf71cf0e6e96a77ce
-
SHA1
8907646dd4349f655e4c6a4a23cddff6d350789f
-
SHA256
236f6f10ef03c8fc589fe0026e09ac1654c603c2a8b1e7442bebb0fc53f74779
-
SHA512
fdf4ae6693753b08301b702bcffcac0c4f8fadf8d1de956526229ca17d94a8371203f0f823f05cf94d05f006f4bb1cfb7b4dbe78b1c4ce3a8056cffb0446c6bd
-
SSDEEP
768:njDzpjiZ8LcJleS+krE1dEAnhWDydtcHq7x01zVqfYJBJ8/S/co16Qj+DbctGl0m:jxS+Ucg5ob
Score: 3/10