93e1c2ea99a9b47a688586d1f562dc93c161fde29eb41d00b60728277b3ba4ca

Sharing

Copy URL

Twitter E-mail

General

Target

ArgusMonitor_Setup.exe
Size

12.9MB
Sample

241102-g5g2yaykcy
MD5

aafcca37088bdf47f889b9ec3dcc99ad
SHA1

102009acce6ba4e1024336b3502d10454c81bccb
SHA256

93e1c2ea99a9b47a688586d1f562dc93c161fde29eb41d00b60728277b3ba4ca
SHA512

1440ae88f34824b93d0b74119b68fb84506a3bbe8202237bbdde195b29a0767e8d5d9ab9630172612eb468e0aae28cae5c746d57d35bf84bda4444bfcaa0d8bd
SSDEEP

393216:Ak0OzM8qy3yH6skNK9dosSY3PV1HG4NXOU8Q1dptmI:Ak5NRyasIwdHd1VXONQ1dptD

Score

8^/10

Malware Config

Targets

- Target
  
  ArgusMonitor_Setup.exe
- Size
  
  12.9MB
- MD5
  
  aafcca37088bdf47f889b9ec3dcc99ad
- SHA1
  
  102009acce6ba4e1024336b3502d10454c81bccb
- SHA256
  
  93e1c2ea99a9b47a688586d1f562dc93c161fde29eb41d00b60728277b3ba4ca
- SHA512
  
  1440ae88f34824b93d0b74119b68fb84506a3bbe8202237bbdde195b29a0767e8d5d9ab9630172612eb468e0aae28cae5c746d57d35bf84bda4444bfcaa0d8bd
- SSDEEP
  
  393216:Ak0OzM8qy3yH6skNK9dosSY3PV1HG4NXOU8Q1dptmI:Ak5NRyasIwdHd1VXONQ1dptD
Score

8^/10

discovery evasion execution upx
- Drops file in Drivers directory
- Stops running service(s)
  evasion execution
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1
- Target
  
  $PLUGINSDIR/AMIH.dll
- Size
  
  60KB
- MD5
  
  d9a0c29bbd1c15a86dcc42df87fbbabf
- SHA1
  
  3b82b10fe50db79f5802cc716e156769e6d73da4
- SHA256
  
  b19ef6d852a44abc9d555b0b1c2adb6a68a950188ead37f6fc7d6aa986706677
- SHA512
  
  d320de03d2b4b4fb8472cc6f2eac4ab19c0a29cb6aaf63526b65cde90b1956eb8b64c93ef08c67a947ae1b022e653528997bd091fc87724a121fa6102191c568
- SSDEEP
  
  1536:4yz093DhvVtEAuKcS3BgROqBAM5C/P6KbHG8GLD9GZqC:4yzU31TDRgcGACms
Score

3^/10

discovery
behavioral2
- Target
  
  $PLUGINSDIR/LangDLL.dll
- Size
  
  5KB
- MD5
  
  68b287f4067ba013e34a1339afdb1ea8
- SHA1
  
  45ad585b3cc8e5a6af7b68f5d8269c97992130b3
- SHA256
  
  18e8b40ba22c7a1687bd16e8d585380bc2773fff5002d7d67e9485fcc0c51026
- SHA512
  
  06c38bbb07fb55256f3cdc24e77b3c8f3214f25bfd140b521a39d167113bf307a7e8d24e445d510bc5e4e41d33c9173bb14e3f2a38bc29a0e3d08c1f0dca4bdb
- SSDEEP
  
  48:S46+/nTKYKxbWsptIpBtWZ0iV8jAWiAJCvxft2O2B8mFofjLl:zFuPbOBtWZBV8jAWiAJCdv2Cm0L
Score

3^/10

discovery
behavioral3
- Target
  
  $PLUGINSDIR/SimpleSC.dll
- Size
  
  1.1MB
- MD5
  
  7b89329c6d8693fb2f6a4330100490a0
- SHA1
  
  851b605cdc1c390c4244db56659b6b9aa8abd22c
- SHA256
  
  1620cdf739f459d1d83411f93648f29dcf947a910cc761e85ac79a69639d127d
- SHA512
  
  ac07972987ee610a677ea049a8ec521a720f7352d8b93411a95fd4b35ec29bfd1d6ccf55b48f32cc84c3dceef05855f723a88708eb4cf23caec77e7f6596786a
- SSDEEP
  
  12288:fRdJsAp4dXFcLBz75cwoCmJKHwe6VuoH9v0D/LF5mM6:fBsmyVS151oCmJKE1dv0DX
Score

3^/10

discovery
behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  12KB
- MD5
  
  cff85c549d536f651d4fb8387f1976f2
- SHA1
  
  d41ce3a5ff609df9cf5c7e207d3b59bf8a48530e
- SHA256
  
  8dc562cda7217a3a52db898243de3e2ed68b80e62ddcb8619545ed0b4e7f65a8
- SHA512
  
  531d6328daf3b86d85556016d299798fa06fefc81604185108a342d000e203094c8c12226a12bd6e1f89b0db501fb66f827b610d460b933bd4ab936ac2fd8a88
- SSDEEP
  
  192:Zjvco0qWTlt70m5Aj/lQ0sEWD/wtYbBHFNaDybC7y+XBz0QPi:FHQlt70mij/lQRv/9VMjzr
Score

3^/10

discovery
behavioral5
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  6c3f8c94d0727894d706940a8a980543
- SHA1
  
  0d1bcad901be377f38d579aafc0c41c0ef8dcefd
- SHA256
  
  56b96add1978b1abba286f7f8982b0efbe007d4a48b3ded6a4d408e01d753fe2
- SHA512
  
  2094f0e4bb7c806a5ff27f83a1d572a5512d979eefda3345baff27d2c89e828f68466d08c3ca250da11b01fc0407a21743037c25e94fbe688566dd7deaebd355
- SSDEEP
  
  96:o0svUu3Uy+sytcS8176b+XR8pCHFcMcxSgB5PKtAtgt+Nt+rnt3DVEB3YcNqkzfS:o0svWyNO81b8pCHFcM0PuAgkOyuIFc
Score

3^/10

discovery
behavioral6
- Target
  
  AMBattery.dll
- Size
  
  593KB
- MD5
  
  46d7f8e0818db756ccc4208f131ac108
- SHA1
  
  cf30de5fa739ade572eeaf8bd1d7b72dbdcfce9f
- SHA256
  
  375f111e1aff6a4c38bedca2da3377ffd7073f85089e98545a98bfb722ae0047
- SHA512
  
  d06d4eb3b51395091510ec68adb492503e3649fbfd79ec6e810d865c6d0f8cd98c654796ad8f728a5f5ea572499e033e60d39cd60d7620bd05344e7f80ec48a3
- SSDEEP
  
  6144:mUc7Fe1sls7c1oxgplevQ56+YjZdMcyY0695zqrp1Aeps9PTQXx9wohVo5Oa6DMz:m21us7c1oxiYFRn2pazPTQXEoc56+
Score

7^/10

persistence privilege_escalation
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
behavioral7
- Target
  
  ArgusControlService.exe
- Size
  
  1022KB
- MD5
  
  f19e96083c2dc71f3c40cb4d6068494c
- SHA1
  
  f678948a7aace21c90e6ccdffa83c2488184f6c8
- SHA256
  
  22cd5a700208623c9dc874cc2d6ec1aef29942317d702cdebd21495004d80c6f
- SHA512
  
  12fba7ce7730fcb760924de18595b13b59df8194c4c672afe2d488799eb74e3b3c34c53053f35915843e172a893c9d5b1ac272788f6cc949d5927882a5e4c6e6
- SSDEEP
  
  24576:mM+Ifc2eO/bu1mJyrCx7dAcghBoqlNEl0wTGJmh:aIfUoM87dkhB4lNCW
Score

5^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral8
- Target
  
  ArgusMonitor.exe
- Size
  
  5.3MB
- MD5
  
  e29761ba789c6b84e4fef48d7ca1f74b
- SHA1
  
  13e83209c744ee0b25dc10a4d607d2b48f63e12e
- SHA256
  
  1501a9a6627863f8b373f178486d15f1398e120dca8e7c6c6f681ea9ff98fbf4
- SHA512
  
  bc7ceb8fbaabf87e701c7c42af77e723213de3b630d652f7c597f28351ff193c87959d52bee16cee1ef4da06c79a32c6c96ada4379c596fc73812e622cd7ec34
- SSDEEP
  
  98304:p/XDngkagxdNR8jplOSCRLOOpAtroz9AyvbSGTB7ny58zn3HoKccbgtxZ8JokyUc:lXrgka8tam3z9AAltO+z3HFccb1R/xi
Score

5^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral9
- Target
  
  ArgusNetHandler.exe
- Size
  
  1.7MB
- MD5
  
  4304ba8c94cccf01189a47081cfc1d0d
- SHA1
  
  a999489cb33cab5bb0b334953078cb73f2314a1b
- SHA256
  
  f14ba5fe6f3b7b82092dc9ff1507f28844ff4a7690513564e62ef269fe4fc21e
- SHA512
  
  16cb1eb9da3f93e26c2dd80eb00041538b5c301eb26f8de82a02b0fc3e4016ff5c359a41a4b1ad14dc09a22053bdbba618827499682166a77df489d4b4e22334
- SSDEEP
  
  49152:zvVYY8dHSWOkNj2elIZLs10/mpfafKNXd8qHn2ST5HgB5:TVYYCHSWrBFSJmpf48znt+5
Score

5^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral10
- Target
  
  GpuControl.exe
- Size
  
  219KB
- MD5
  
  31e416d0f6d7204fd3b8d8a7b145a725
- SHA1
  
  aa05ff3eda6741359bef9dc31c82121acb80238c
- SHA256
  
  60926f65689c863450db81b9cb1bb624e8bf5c2327a8855c469535716206ffd6
- SHA512
  
  00316d92f6ad24f67e514c0c7e257358440865932649dbaac17108ffaaab128d30a26bb915cb5d4614be0411bdbe227df9632ac3d25406c3abdc82cc8cb7ab73
- SSDEEP
  
  3072:dfwXNGEJy7gXDi0kiv0we/rIjTZRopwnL8vccdzmLgPdVHeItB/vKr:dI4Edx70MlR1cKOVH5tYr
Score

1^/10
behavioral11
- Target
  
  HWInit.dll
- Size
  
  32KB
- MD5
  
  b8d6687a62dd8084b4df9217a1d3da4a
- SHA1
  
  a6704a86b12a17f73faff5b687a1c635536346e2
- SHA256
  
  fd57dab209b14e129fce1e1f55f1cd5fc6107dde8d2b6d05e80109ba56bc9201
- SHA512
  
  686a48c156ea0b86189e2a8fc2f7d0e91cdd4e1dd53a55999074cd8f73b309415c90d535ae62d0b6c1b5c1b0eaaf26d119c2bba19bb1ad806af65cad5e31c913
- SSDEEP
  
  768:H7IPuBAfkMishOdJ1fa0X4cAbmzv6Gly2yrxqx88JQ:HHAf9ishOJae4G6Gzxnm
Score

5^/10

discovery upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral12
- Target
  
  libusb-1.0.dll
- Size
  
  256KB
- MD5
  
  90a50cf50e4e3556ff1b53aefc8a06fb
- SHA1
  
  be2ebb90ccb025fee7d6d380c5ab984253a94810
- SHA256
  
  0760140d425269244c20bc4fb55f495598ab2b0e9db1584b28295799b18d90ef
- SHA512
  
  6f17c0ac722508f07cd8677362b1c8b6cfcba9713dae858a488e0d90e039e74d2d5fefead416ddcba23f26298e4ec069243e381e220f38f30cfbba9495a12cea
- SSDEEP
  
  3072:9JvlmaUCl73ao0rsF/xQ7z2EJbNfNJJcP3yc8o1B9nMnnIRFOE7KBT+rwJ:9BlNll7qo0rsF/u7zJlXch84BBSEeJ
Score

3^/10

discovery
behavioral13