e1db5c05bf906481fed2a473472e25bdf1e66db6d84d80793a900a169a21ec0d

Sharing

Copy URL

Twitter E-mail

General

Target

Perky And Kanvs Optimization V1 (1).rar
Size

30.9MB
Sample

240917-s9ye9s1crg
MD5

b1ac232c1965f0218ceb28d3528078f3
SHA1

8d90f0b26e1c48f0d487f8a3e13ab99cfa7ed643
SHA256

e1db5c05bf906481fed2a473472e25bdf1e66db6d84d80793a900a169a21ec0d
SHA512

e31f7f919c7141d46b27a54be7c286f0afc9d182e3420aaac3a09a4fa53eb494459318528d4f6e9ea17f37ccff6a766aa18c5e0b172ff91934c975f12c92664e
SSDEEP

786432:2iSV1IY98G8o9m9RIzAPJsxHJKvBYPrsmZlvH:2iv0+JAJKsFZd

Score

7^/10

Malware Config

Targets

- Target
  
  Perky And Kanvs Optimization V1/0 Mouse Delay + Input Delay/ISLC/Intelligent standby list cleaner ISLC.exe
- Size
  
  415KB
- MD5
  
  89d15c051c0599560c92b076aa274499
- SHA1
  
  3cb71afeb143a8fadbb2c9ff8546687b34ef2ea4
- SHA256
  
  065ebe279db9b8b2fef5e9bd9137b5daf278c5444426b602405793cecf1e0cb8
- SHA512
  
  d5870881cec900ddab83fd23624369e1a21be259486523a6f64050cfe9390035e453fce66e9043672b55641e5ca5b4909a72ae809b2333f8e97d049f0a73a3b3
- SSDEEP
  
  6144:47leVdRQ/vqkg1gEagdQH6VdRQ/vqkg1gEagdQHYVdRQ/vqkg1gEagd0iaqP:8eV7uikFg9V7uikFgVV7uikFgRP
Score

1^/10
behavioral1 behavioral2
- Target
  
  Perky And Kanvs Optimization V1/0 Mouse Delay + Input Delay/TimerResolution/TimerResolution.exe
- Size
  
  32KB
- MD5
  
  2c9017dbc6c38d2567d550177d64a81d
- SHA1
  
  f77de1de8e39c17c299c25696cc7965bfe07028f
- SHA256
  
  8a0c6871ec6e09e4193f537884111006a947d7b3e9260110907777d0c4dd68d3
- SHA512
  
  244430ea44c510b61351941cd459278e2cd7bf88750643c49b2d710139b3c71b4a35e8379d2dccbce23a15105e1b6ad6c9444875dabaefeb311a45a9a0fc580a
- SSDEEP
  
  192:h0ZL+FnJA4o2TCFFlsDof85qan7hsDofi1oynazAetV0qMI18rii13:h0enJA4/2fkJn618zAo0qM68rv13
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  Perky And Kanvs Optimization V1/0 Mouse Delay + Input Delay/XMouseButtonControlSetup.2.20.5.exe
- Size
  
  2.9MB
- MD5
  
  2e9725bc1d71ad1b8006dfc5a2510f88
- SHA1
  
  6e1f7d12881696944bf5e030a7d131b969de0c6c
- SHA256
  
  2240bf5fb5d80938b0676c46ef9f84bc1739c32f60c473ff85e530ae0eca2818
- SHA512
  
  62bd9cde806f83f911f1068b452084ef2adc01bc0dec2d0f668a781cc0d94e39f6e35618264d8796ca205724725abd40429f463017e6ca5caf7d683429f82d39
- SSDEEP
  
  49152:n65SJw48kZN+nCYk7c44+Y0hdwn4Km2A5aT/pVE0hYYajihV2Qso0SWMrboF:tfpeno4oY0QZm2dlNJsrHM4
Score

7^/10

discovery
- Loads dropped DLL
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/ExecCmd.dll
- Size
  
  4KB
- MD5
  
  b9380b0bea8854fd9f93cc1fda0dfeac
- SHA1
  
  edb8d58074e098f7b5f0d158abedc7fc53638618
- SHA256
  
  1f4bd9c9376fe1b6913baeca7fb6df6467126f27c9c2fe038206567232a0e244
- SHA512
  
  45c3ab0f2bce53b75e72e43bac747dc0618342a3f498be8e2eb62a6db0b137fcdb1735da83051b14824996b5287109aa831e5859d6f21f0ed21b76b3d335418c
- SSDEEP
  
  48:ifXNtGNjFizsU35iej7luiwa28mDJmDKUOMQH0glay/Aa4r/:5Fef5iej5txKJKenlV4r/
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  d753362649aecd60ff434adf171a4e7f
- SHA1
  
  3b752ad064e06e21822c8958ae22e9a6bb8cf3d0
- SHA256
  
  8f24c6cf0b06d18f3c07e7bfca4e92afce71834663746cfaa9ddf52a25d5c586
- SHA512
  
  41bf41add275867553fa3bd8835cd7e2a2a362a2d5670ccbfad23700448bad9fe0f577fb6ee9d4eb81dfc10d463b325b8a873fe5912eb580936d4ad96587aa6d
- SSDEEP
  
  192:3Gs+dH4+oQOTgDbzuNfrigyULWsXXZF/01JJijnK72dwF7dBEnbok:3GvdH4qMebzPY2Vijn+BEnbo
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/ShellExecAsUser.dll
- Size
  
  7KB
- MD5
  
  86a81b9ab7de83aa01024593a03d1872
- SHA1
  
  8fd7c645e6e2cb1f1bcb97b3b5f85ce1660b66be
- SHA256
  
  27d61cacd2995f498ba971b3b2c53330bc0e9900c9d23e57b2927aadfdee8115
- SHA512
  
  cc37bd5d74d185077bdf6c4a974fb29922e3177e2c5971c664f46c057aad1236e6f3f856c5d82f1d677c29896f0e3e71283ef04f886db58abae151cb27c827ac
- SSDEEP
  
  96:GFZf6PnleKYcBVGKLyhkrw0qyz/sRXQVgKXohw8FFtkqCp:Gnf6IKTAKLyGOCqQomItQ
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  10KB
- MD5
  
  56a321bd011112ec5d8a32b2f6fd3231
- SHA1
  
  df20e3a35a1636de64df5290ae5e4e7572447f78
- SHA256
  
  bb6df93369b498eaa638b0bcdc4bb89f45e9b02ca12d28bcedf4629ea7f5e0f1
- SHA512
  
  5354890cbc53ce51081a78c64ba9c4c8c4dc9e01141798c1e916e19c5776dac7c82989fad0f08c73e81aaba332dad81205f90d0663119af45550b97b338b9cc3
- SSDEEP
  
  192:uv+cJZE61KRWJQO6tFiUdK7ckK4k7l1XRBm0w+NiHi1GSJ:uf6rtFRduQ1W+fG8
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  f832e4279c8ff9029b94027803e10e1b
- SHA1
  
  134ff09f9c70999da35e73f57b70522dc817e681
- SHA256
  
  4cd17f660560934a001fc8e6fdcea50383b78ca129fb236623a9666fcbd13061
- SHA512
  
  bf92b61aa267e3935f0ea7f47d8d96f09f016e648c2a7e7dcd5ecc47da864e824c592098c1e39526b643bd126c5c99d68a7040411a4cf68857df629f24d4107d
- SSDEEP
  
  96:ytJ6tC4jcY5rKhkfL9SYdKkcxM2DjDf3GEfKvBKav+Yx4yndY7ndS27gA:yyj6QS8HREf+BYYxbdqn420
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  Perky And Kanvs Optimization V1/Cleaner/Clean Log Files.cmd
- Size
  
  48B
- MD5
  
  fd71e1e53bc1d789c891ac4a9859f667
- SHA1
  
  96b6dcb3a384cbce340d848be993df7121a3a682
- SHA256
  
  3d93bb6883233e3d5ec53854a21fca657a68e7a150b100bd0a82eaeffde91a99
- SHA512
  
  7b1ecee97e15ed50f6b5f64e71ca5d6ad36c0314820d951001923d592adbdbc93135cf6a478deab091adce4dee2d04c6f2fc5d81b572dd3e9d4f2fdb7ec4b74d
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral17 behavioral18
- Target
  
  Perky And Kanvs Optimization V1/Cleaner/Clean Temporary Files.bat
- Size
  
  257B
- MD5
  
  14546109b637a31c676fc433f9bf54e8
- SHA1
  
  40cccd3dd79320125eca1bac1c9e37e491580919
- SHA256
  
  dde4adf17c4b9b4ba06489f580b7a42558cf4d83a3375157fe251c9143419deb
- SHA512
  
  8f6d72c3fe566cf4f9b5555157cb1dd4a2ef6194134ad812b51adfb0d924ca5a97fc2a29b1e600fe7d381c9ddc0118d589aa2cd2396b83001a803e931bed1c59
Score

1^/10
behavioral19 behavioral20
- Target
  
  Perky And Kanvs Optimization V1/Debloater/Individual Scripts/Clear Last Used Files and Folders.ps1
- Size
  
  180B
- MD5
  
  5dbcb1c9b5458046db9899e080a0957c
- SHA1
  
  bf211f4d34254e05c0cb0349ad4ef45f27028359
- SHA256
  
  9d148276e7bbedfd397315815f48425d01280f13db5f3c17ca0b1c0f90d12f79
- SHA512
  
  f75f12c46b49b68e5f0b9f31d719d29d09966f50f44a98f27c1263914590ea6af2b0f749da52107f10aacbc4c478e2c6ffbfa51887649bb035bb5797821e3429
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  Perky And Kanvs Optimization V1/Debloater/Individual Scripts/Debloat Windows
- Size
  
  3KB
- MD5
  
  fe027363edd3aa71c6a4ae0ecb7ceaae
- SHA1
  
  2061b9af054ca1f1903797b270439db656d54dff
- SHA256
  
  2152bdd73176e7152a02b79170fe193e0f036b91373f8781937df67247561de0
- SHA512
  
  180d0305529edfbe8b18f1627ba3a1212605c703cdd574dfb7dde020209a0fd049effa873aaa9912526501a66ae2fee5d5c9e47aee624b3962d21e6582f105af
Score

7^/10

execution
- Executes dropped EXE
- Loads dropped DLL
behavioral23 behavioral24
- Target
  
  Perky And Kanvs Optimization V1/Debloater/Individual Scripts/Debloater - Shortcut.lnk
- Size
  
  1KB
- MD5
  
  81e41e4d4bcf6c0be25256f505b5fe36
- SHA1
  
  0eb7cf1df942a7a2a9d0b30a79e67f64e6c202ba
- SHA256
  
  1b4d49d8d84ffdee41da9d5dce43272d8993c6a4b7aafa52025eced14341d32d
- SHA512
  
  9b6eaf906e4f35dd4d1044c838516b96a1c03b43e954c1718b7bd76416a7b0383e1d3b7331aabace2cae77133e1d3e73073df46edcb85f989f75b4192d18b86a
Score

3^/10
behavioral25 behavioral26
- Target
  
  Perky And Kanvs Optimization V1/Debloater/Individual Scripts/Disable Cortana
- Size
  
  659B
- MD5
  
  6323e777a8add8e0c94bf73b29c7e493
- SHA1
  
  0a19c7a21c7f66ab97c3582fbf54c8627b9c5c19
- SHA256
  
  5f094ae62d81cd7b7a049d3193802ccf58cbdc738df285c95ff5cbb73b4876d7
- SHA512
  
  67a6c08278a06c2c2dcc24f2a2d2dae82372f9c369a82892fb2cb6f88fe4ef48a12006d530b199748fd7ad81b2aabafd59db7cabc8f0c9b18be967f78a1655f5
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  Perky And Kanvs Optimization V1/Debloater/Individual Scripts/Disable Last Used Files and Folders View.ps1
- Size
  
  637B
- MD5
  
  a89cd270851a8b1ef9d645a018b1b8f7
- SHA1
  
  0e8ef7d5edba0a8ad2acca033d4a1f2199075f7f
- SHA256
  
  63a2fa69b2ad719f963ea52e573e9777eb66552ea4a618416f19745a234d13b5
- SHA512
  
  b8537608716c3b7c48820ce1456818557b032b6b5e7e421ab538131d4b8639bcdb9e796ad48f203a2b9824a803236f3b15152eeacad5e93d2feda651805817c7
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  Perky And Kanvs Optimization V1/Debloater/Individual Scripts/Enable Cortana
- Size
  
  662B
- MD5
  
  9c87d755ea8c3d89c465044a67c1d3f5
- SHA1
  
  6f6e2ce809065e33a64978dca110e14b1f6aa0cf
- SHA256
  
  3a936c1812c16b8843b55a8e48458261438da509738362827be33b9fdb44a9e3
- SHA512
  
  355ad2b64758daa22ee85f16bebac87021353d3c946d366c8a6c87d9fc87cccbfc4471053864d75795eaa80b6f3271d1a4c2988a18e565ee91ddba072b229058
Score

3^/10

execution
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

PowerShell

T1059.001

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

Reads user/profile data of web browsers

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32