183b7e2578d466fbdb15010fa5513eb1b542a7130fbfd82aee01846f9360f02f

General

Target

EXM Free Tweaking Utility V5.zip
Size

25KB
Sample

240914-cdhf6s1djk
MD5

3badfb939ba30f1ab211093a8b729a5a
SHA1

dbfde8a144018a16fb985cd6ee41b09d93de8dbd
SHA256

183b7e2578d466fbdb15010fa5513eb1b542a7130fbfd82aee01846f9360f02f
SHA512

8ce75aad276c20939c808aa5d07f871cf27675c07bf01f4ffa8f04c451a379e510031c5f79b68d45c3beba43171094800508d5c4bc71c65b05a9e5c11dffb430
SSDEEP

384:PjW3nC6xGdzjfzgkYv2Gz1HyDLx6hrXpLqslbLElrEJgGA5Zlix26S99rhUsyAtv:7SC6xWzgkCzNyP+e8bkrtkx899h

Score

9^/10

Malware Config

Targets

- Target
  
  EXM Free Tweaking Utility V5.zip
- Size
  
  25KB
- MD5
  
  3badfb939ba30f1ab211093a8b729a5a
- SHA1
  
  dbfde8a144018a16fb985cd6ee41b09d93de8dbd
- SHA256
  
  183b7e2578d466fbdb15010fa5513eb1b542a7130fbfd82aee01846f9360f02f
- SHA512
  
  8ce75aad276c20939c808aa5d07f871cf27675c07bf01f4ffa8f04c451a379e510031c5f79b68d45c3beba43171094800508d5c4bc71c65b05a9e5c11dffb430
- SSDEEP
  
  384:PjW3nC6xGdzjfzgkYv2Gz1HyDLx6hrXpLqslbLElrEJgGA5Zlix26S99rhUsyAtv:7SC6xWzgkCzNyP+e8bkrtkx899h
Score

1^/10
behavioral1 behavioral2
- Target
  
  EXM Free Tweaking Utility V5.bat
- Size
  
  245KB
- MD5
  
  253c21ab20f07aa19b67af3436563eb5
- SHA1
  
  fd8e1ffc32e01acf138cfaf3c226092fd073a33c
- SHA256
  
  871d2c8357102474f1affb448f9ad0dd97ab3d77c87509b009c45dbd72599cc4
- SHA512
  
  69725ca9cfc6ae5f2fed6820696d0a505771ab56cd5ae3f74ad4a3c38e4fdc947b8c34046df4c8085dfaa3bddf9de28984784afe72520b1b4c93478a16ba6919
- SSDEEP
  
  1536:z8HHusY/f7rmamnUk01vmeA0EsDmnUk01tr1ydkvC6cM1rw2rwbS+m+Wm:4usPs0TVOe
Score

9^/10

execution defense_evasion discovery persistence privilege_escalation
- Modifies boot configuration data using bcdedit
- Event Triggered Execution: Image File Execution Options Injection
  persistence
- Indicator Removal: Clear Persistence
  remove IFEO.
  defense_evasion
- Indicator Removal: File Deletion
  Adversaries may delete files left behind by the actions of their intrusion activity.
  defense_evasion
- Power Settings
  powercfg controls all configurable power system settings on a Windows system and can be abused to prevent an infected host from locking or shutting down.
  persistence
behavioral3 behavioral4