463408ee65d826d76aedbb40faf5b457e005cef80be0bed20ae6b1c4a9bc5941

Resubmissions

06/10/2024, 07:38

241006-jglrbsvhlj 7

06/10/2024, 07:33

241006-jdqacazbqb 7

Sharing

Copy URL Twitter E-mail

General

Target

amayui_cracker.rar
Size

8.7MB
Sample

241006-jdqacazbqb
MD5

006f0075694b26913b61cb81b163adb4
SHA1

5a468e13be21f1e70732dcf4c3a8f614ac71ead4
SHA256

463408ee65d826d76aedbb40faf5b457e005cef80be0bed20ae6b1c4a9bc5941
SHA512

98a0b793fbe46c809744d02da0525b53f4daebfb0546b8098d708f20bdbbb2cfc798738e42c7045d8a18bbd255b87591a08fc9f212aba41bdd2d3931e97f35f4
SSDEEP

196608:iTPrGZsHHNguzCpIfW88eSPl40QyosTeXX2wncjvwBq:gKWHHSuzC0W8APlNQd2EBncjvwE

Score

7^/10

Malware Config

Targets

- Target
  
  AGE.EXE
- Size
  
  1.3MB
- MD5
  
  3ebf42c436ead412f9100f72ce7842e6
- SHA1
  
  496ab60584239d6694b88dc4af76bc9bd5b34f29
- SHA256
  
  85289eff8537f6ba43bbe0ed32f67b5d523d11d18fed589a41880e06b5f20386
- SHA512
  
  ef6b0ea1b7a28d708eb0ee0f70dfc2eb39d2e7ddfc603999433b17ad5bf353f2bf495d4c404a3380f99b2cfea7ccdd278158a77db2c63d420cc78191d372a0fa
- SSDEEP
  
  24576:kTbO9MRPKbuzh3NH8WH4YFLDeKTtRom2UbuLJwLi3KMENAW1HGmS:kTP9K0hPYkeKTtem2Ub0qOCNnwX
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  AGERC.DLL
- Size
  
  391KB
- MD5
  
  541b7fa15e4ebeed2cafe981bf728c88
- SHA1
  
  99d477f314d61f1d5f8080361baa663cecf7a783
- SHA256
  
  13fd92ca96056f36a68aa4386cfb339511c02dc5bd8d5d4303fb7a95d6a9cb61
- SHA512
  
  b16ea1e72032ef353ee86158e990441851b49622470c01b53091846bd105ee4dd5eb416082265b3b5bdae07a62ef2d2ee249586ca636d1a3e49f06afd957f929
- SSDEEP
  
  6144:rsiHkOUki/YbBpFwCOhdwBC7Qok8SQF/AjoL6pmn+aC1meyUGimMiG/v/nmQav:gaX1iVh0C7QozlA660W1meyUGpQGQu
Score

6^/10

bootkit discovery persistence
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral3 behavioral4
- Target
  
  SYS4INI.BIN
- Size
  
  452KB
- MD5
  
  9e32f62da9d23e7d2dc5769b9fdfe366
- SHA1
  
  742d3e2e5d6e12c08f5cb47cc75b1566010b7f1d
- SHA256
  
  5e3843eac2a16343fceb61a03de73d598580b66c824a322bbab1e9b73ce61787
- SHA512
  
  e4ddfba605d153502f3882f081c74f0a0e021eaaebd478166f2c69d3d5e4bbffffccd9cb78069db78c8b8f1fb126729af56ab8e6ca1ac7d78b2df66de48b094c
- SSDEEP
  
  6144:Pe57t1p7OqKFmSjmtDIf/G5dToAvcYFDDv19potPamp9rjEHONog4jAbXmtvIfpA:PCtOqKFNmife5Pc2f19gV9/EuNfs5Im
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  amayui_lm_101/amayui_lm_101.exe
- Size
  
  7.2MB
- MD5
  
  38b95c3a8222ae10560f98d6223d6d3f
- SHA1
  
  7f3b43d96afe5aaa61e4f79ecaee2fd304f1f4c9
- SHA256
  
  dabcbb6158e356e9d93c470223970aef8277c7d3dfa965971b6ac693bb66f183
- SHA512
  
  130ca34b8786d8045cafd5ad990b6922118e22c70326bf6fd032f01ffef5d2b2fe7ed477857fcecfd5ec49dff7b4e7ed830848b21ba571a176b27812614fce7f
- SSDEEP
  
  98304:uupm5ddO3wXcWqhZo4HLzEDoInOX3sMijq2KnPdAB6yAURzBSwR1cfv8Orp3R4xz:zyd1cdo4HH2Oqu2CdM1FiwvqfX4tH
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Pre-OS Boot

T1542

Bootkit

T1542.003

Privilege Escalation

Defense Evasion

Pre-OS Boot

T1542

Bootkit

T1542.003

Credential Access

Discovery

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Resubmissions

Sharing

General

Malware Config

Targets

Writes to the Master Boot Record (MBR)

Executes dropped EXE

Loads dropped DLL

Enumerates connected drives

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8