8e12dc4b5b89beab902febe90f49de6f2f0e18ad7399c23fb917f6a6b6b65195

Sharing

Copy URL

Twitter E-mail

General

Target

TrueAncestor_EDAT_Rebuilder_v1.65.zip
Size

1.9MB
Sample

241012-n2qm8stcpm
MD5

9b29ecb8dbc85c0acf56e11da2523387
SHA1

88603053746bab1804b917e9a88b98f7f13f4941
SHA256

8e12dc4b5b89beab902febe90f49de6f2f0e18ad7399c23fb917f6a6b6b65195
SHA512

3f2127e98d15e1e1fcbb0ff61642c9b03e338f7276faeec012243086c82699417200c2ab857fe94011090fe138e21af37a2442df390956740d62f35a869ad7b7
SSDEEP

49152:sWJ9G1YjmOyuTFiGPL+EYKWTb6+PMsCe84:Th1yQ+DKMbLMsd

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  rebuilder.exe
- Size
  
  114KB
- MD5
  
  03d31114dbdd3dd49e6d374930989114
- SHA1
  
  a485474bddbe34504d726787f082d40058d26af6
- SHA256
  
  4baec23db026d032791adfb7a36f34b3db43adac328bff1365742bcde4b13007
- SHA512
  
  72ee30a8204fcf2b651da4771ee40c20113020cbcabd295abebf0fbaaaa4be64fef77c12663080ee5ab9facf86f26c3265db80be93dbdbca5d95e9d611515ea8
- SSDEEP
  
  3072:odJyqnWGeiR/llxsIsYMEpOqFHtWIftBKo:odJB9jvOQ/HKo
Score

3^/10

discovery
behavioral1
- Target
  
  tool/core.jar
- Size
  
  203KB
- MD5
  
  62203beef5fcee9677adfee43ad15149
- SHA1
  
  e6c42ec4a508222b2a386f107e7f7fe4bce3e9cf
- SHA256
  
  e7463c81592d4d4154bd04b14af0b30845fbc8962c8ff31f18a757005e552ca1
- SHA512
  
  e3f488dc31c9e4e74a99e50bc30e8d68ab50fcfaad618300cd291151649b08249ace5ed2e95357d3c632fe574e640f8f5404345b8218efe4c4cefd6fa382243a
- SSDEEP
  
  3072:XMd3zuBWGJC6rlGU4yW7tpwftAdOPizee6gE9H+Ehal6n2wqWey5EN9DvoN+RBXT:cR6+be2mgEMExYpxXCOY2ZAVn0PBPx
Score

7^/10

discovery
- Modifies file permissions
  discovery
behavioral2
- Target
  
  tool/cyggcc_s-1.dll
- Size
  
  79KB
- MD5
  
  79e7032bcf04c619c9574becf51f5013
- SHA1
  
  87de04872658b6f57e218f3170bd1c32ef278c41
- SHA256
  
  c33476e98cd2a2de99c47425f790f9e9f9b8e554ada14c0f7645dca1d5a41d1d
- SHA512
  
  235e1a27a5441e64c2c8e88ddcc4b197b98bd9555fb310924ba45c3d2a8bfe4b9ca1e867c8b6d04091e63c3016b7c99faea22d40652e12727e45ebcef6d6c792
- SSDEEP
  
  1536:XcboM9x6BRsRTKFcFccAH6CqvuQp+g1vDXvxGVnEZN/tpZO9jjWBlxx:Xcb1H6xmlexaGg1vLvIVAN/tpZYjSpx
Score

3^/10

discovery
behavioral3
- Target
  
  tool/cygwin1.dll
- Size
  
  2.7MB
- MD5
  
  6ca54d1af76525b0e35a369b0f08de43
- SHA1
  
  2124fabeb6adc54fe7d24f6055847a5d7a87b369
- SHA256
  
  df4e2115c80d07ca4345ba92053dcc38c4002554677a04509d02669a50ab86bf
- SHA512
  
  35c24f22e3d455aa13027946482eac85b778068770bfa8d9e3be85efe1a097eac65be89876a1ceb3ea352de50f7c914492a6b4c6ad1ad0c1e595d98a070ea0b6
- SSDEEP
  
  49152:w3x3HUVf3PULVdgzsSAeUP/A9mEEBSHMk9QPr010gDC/misu:wB3HUVf3cLngzsSFUXDSHMk9QPrM0gDK
Score

3^/10

discovery
behavioral4
- Target
  
  tool/cygz.dll
- Size
  
  71KB
- MD5
  
  1bfb7d20779f3506a91086f2dcfe9203
- SHA1
  
  3108efe9a90bde5d7f60c01d3e66f35eaf3752b1
- SHA256
  
  c8c3a59c37edba3f80f8f4e837968a0c3eedd153fb8d79b2123a2bbea8e32c53
- SHA512
  
  a053171b3755b9c8f05be7eafe145e9f4d8dee77d2f11ef379349d8a1f02adaafa06391f6ad017013d1a51738eafa25401455ddca55f20c6eacc9f1859a0d831
- SSDEEP
  
  1536:xPba121uUtTXYsrsfNAk09bUAKsVvdqRurmjnToIfpIOOIOYQ/bOY:ZC21uMYx09b7KhTBfD8YQ/bOY
Score

3^/10

discovery
behavioral5
- Target
  
  tool/dklic_validator.exe
- Size
  
  10KB
- MD5
  
  9b9362dad4ff29526f2769f3a516cb3e
- SHA1
  
  d107dff1d5b6517f0f8fb1e78b1fc6f5437fad62
- SHA256
  
  317ec3c3e510bb5c24f777429c388b50834d962999bdcbeb9460d07f4fdbf953
- SHA512
  
  268496796d129bb67abf84349cdd733f52b61c7884076ca4b86b7381eec1182678af333969e862206d9d30cc53213b4ed9f1503cd6bc7119cb63a3a119bb8c31
- SSDEEP
  
  192:hzJ59d2D2/tC9fEEZ0kKYkxy+SYgmuuUlJpDK7:hzf9QD2/tCFJZ0kwSLRuUlzO
Score

1^/10
behavioral6
- Target
  
  tool/klic_bruteforcer.exe
- Size
  
  15KB
- MD5
  
  fe249bda3c1112f662661a68c43a36ab
- SHA1
  
  ea80103078ef735a9141774398e86cae4ff91423
- SHA256
  
  5216ca94908b557ff61c1053db39755dee6ecf0fc503cb9113b6a120e1b97529
- SHA512
  
  aa3e0c79903f792fccf5b04343d87d2eb04557d3813f31ac99b1d53ce89bc35ca2ec0d529eb1101f4e0cf82e27e7867ede03cfa21c6e8213f23a5d10dbb83494
- SSDEEP
  
  192:whmZAVq0jxsdeQtf9MIbk+XfdYXllqcu68Y5R53PPr+lB6y5i4nfiXTTWLF:x+jmE8OII+vmXZ8ORJeKGL
Score

1^/10
behavioral7
- Target
  
  tool/rap2rifkey.exe
- Size
  
  114KB
- MD5
  
  00ef4e5405d3e9e4d727b0eb4b72ceda
- SHA1
  
  4e857906dc7bb927f30259e74f1cad671d13f9ea
- SHA256
  
  0de7d23d602970e96f33856c500fe1de0a8c9f85228a787439a61271b8be09df
- SHA512
  
  44ab62192d9fb49eee7a09849b7dd8aa2eb29d2744da05735cd1c0c10dbf0be9a3e7fdd7fd3e3b701ee264fb70fb7730ccef949f72ce2c17b55f8ffe127889f2
- SSDEEP
  
  3072:3uL2x6A9aoPOnAIjMdyV5JRTH6jTxsEmt4C+b4yN:3uL2lgnAIjMu6CiN
Score

3^/10

discovery
behavioral8
- Target
  
  tool/scetool.exe
- Size
  
  71KB
- MD5
  
  b676a8cc54e97cfc8bbebcf1d1509a1e
- SHA1
  
  a90244a8ade7aad0dc9dbb4717504417afa392d6
- SHA256
  
  bd9b55bb8a622bf254021598e9a04108330e94f375b411b6fb4a106b4980777c
- SHA512
  
  0d84105957486bbcf01a37c73b2794091b1b1c1a71a3bb9fdeb63f8db96169ba5a989220068b6aeaa5e8eecffa89afbd48500fe0fc0f2d53ba8d80a884bd83c2
- SSDEEP
  
  1536:WLUUY2A1FQbCgAUPXBbjPI35ef7CPB5yPEtfqZNkPCnc0B/3B:WY2EQZPFPsPB54U6qkDBP
Score

3^/10

discovery
behavioral9
- Target
  
  tool/sfk.exe
- Size
  
  1.2MB
- MD5
  
  1c8421de8643d4199936682f7831f510
- SHA1
  
  178c7b534b34df1d8ff13a131a89ec62dd6ead55
- SHA256
  
  64c0f7a942672280e3f3752506716f1082616c9d8c0c2de2fd430d2279bdf2d8
- SHA512
  
  977cdf8fc3adc8c8fe0dd3d11daf63776f7ca475614c16be968d89241ca5763894cc75992892286d95712c1ade4ecdd996054d47a0c278a6db7cda928c581268
- SSDEEP
  
  24576:okOZpo5p4lZa0SuB19+G/py2dST5WwHxSgdB4bwEdafBOj4/aj+blTMk:okOI5OlKQ19l/pyKST2q7EWIKE+ZTj
Score

3^/10

discovery
behavioral10

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

T1222

Credential Access

Discovery

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Modifies file permissions

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10