6e2cd6207295b04d5e7172dfe2445a5f7090ec436bb23b4c8833c3333f34dd5f

General

Target

Новая сжатая ZIP-папка.zip
Size

60.9MB
Sample

240911-s6bgbsydmp
MD5

dae85a0bd45685cf6fbd7ff925ab12d0
SHA1

f31b68d891986fd03f9fe73554bdf50d3b432b1d
SHA256

6e2cd6207295b04d5e7172dfe2445a5f7090ec436bb23b4c8833c3333f34dd5f
SHA512

5a388f8ffc6416e01aba27560cdd3f3760b8a125a572a2f2a886259fcf32e834164e7b51e5d360743a6bebf0a69244531ffab1409462a479f99e22e77e9635e3
SSDEEP

1572864:thkEHSIKp5ZuqVdszsgtq7DCRhrMcrEDM44+4aMpS:tu3IlqrszFq7DCLrMYEw+Sc

Score

7^/10

discovery pyinstaller

Malware Config

Targets

- Target
  
  123.exe
- Size
  
  12.9MB
- MD5
  
  13339846d8eefab4e875dd81125d805e
- SHA1
  
  2e88a79e832a8450f63f0624f23600e93a1d7f5c
- SHA256
  
  1d1c04d1f0fc636fb476ea8c9e57de8ac23d5d6f028eb2db0afbb6e10291c7d3
- SHA512
  
  b146d704eff83afe064448d8fece49bf0c9bfd2289f5ad1c97b4ea6246481228667ea1a79aa1843a5beec48906520c3bab5c7d0103f7306dfd7afb9c772829b7
- SSDEEP
  
  196608:VwlYbPKk8yAiu27ooom4oSt9hqwUI1mIjdiXKc2gGOYNFq+OKBtZFb2hQ4edXde:Vk0soED9vjG1WFDBt/3E
Score

5^/10
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1
- Target
  
  cab0bqew.exe
- Size
  
  23.0MB
- MD5
  
  c226421ce513bb548a1ed3170a689dff
- SHA1
  
  b5aa6e2bc1b1cb6c5a4fa95fa62c84dd45f90104
- SHA256
  
  e8152805e9f9e6fc2e1df6e453e4b4b3cf685b73bcb859a985fd9e79b0c47b2c
- SHA512
  
  f53bea76a1f666e2446354e4f942489e7e8d34a5c985281621bcf5e84cf7fd802e318ba9cbe35eecf05340ec094b456ff5de8f99e5ade69900375be9dfdc3f9e
- SSDEEP
  
  393216:8lOFA/WbFv8iHgtg6zSNHreRzXFIiS4bWLISyYpu+/gukfg+b/ykeNAbivrtpJ:HFA/wWggtYFreRz1G4+yEu+VOg+mkexx
Score

5^/10
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral2
- Target
  
  systeminformer-3.1.24244-canary-setup.exe
- Size
  
  19.8MB
- MD5
  
  e19efed1ee74d0df0025d29656a1256f
- SHA1
  
  ede576a3af32f441b747ee2ebc09c362dc2d1ce6
- SHA256
  
  d1f0bcffe5e8b4b912f617315036812731131c94bf691b90abb1be45c87b5211
- SHA512
  
  b5837b98354cc27e78e75504d180c28d7098f3fe2bc1d01a04886ef68eb2f6269dd8f76f7ca6bf07e4d85e8df1adb719faa5c762b0044be9f36ce7bfe9dc7a5a
- SSDEEP
  
  393216:LTcvoL8ubEYtSlXDbEPi63z/XAJThYgScNwXK2+JBVyTdv7opTRdxT6GNKyr:RL6D5L63zYThtSceXK2+JBIdUJR6GNbr
Score

3^/10

discovery
behavioral3
- Target
  
  xy_extractor_reworked.exe
- Size
  
  8.3MB
- MD5
  
  d491bedc32612858c3b94df73e41d192
- SHA1
  
  2b6a7adfbd31ec1c7071073cf47e47989f203a31
- SHA256
  
  a8bfaf929e99a99e601bed89d6c31435304de846c50cce1f33a18a8ed9bdbb57
- SHA512
  
  5b8e218b6461ba34bec5efa53131dd7b8440ebefdf557367c3c150a7a7e77701405049164a40f06fd0706e1b627b38b5c8b9425aab45f460eb782c0570541993
- SSDEEP
  
  196608:AMhQIpCCsXDjpf3Zk648RmU/3ZlsPvVMQqTvN8C8BkO8:5hQBCENZk6tN3ZWTqT7H
Score

7^/10
- Loads dropped DLL
behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Suspicious use of NtSetInformationThreadHideFromDebugger

Suspicious use of NtSetInformationThreadHideFromDebugger

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4