General

  • Target

    b00fcf44d39868b94c9c6816320d155edf5123501f34c2e7d23670638bb73414

  • Size

    1.1MB

  • Sample

    241107-s325waxmhq

  • MD5

    724e50c3bca382a9dfa9b0ccbf4d25a6

  • SHA1

    290ee14f82939bf958d8f84b9919d3ad29b0792f

  • SHA256

    b00fcf44d39868b94c9c6816320d155edf5123501f34c2e7d23670638bb73414

  • SHA512

    d36ddf4a89ac68f474218ea3f276aee5cb109d427dc67f079cc67d0284a2abd877e2fcac49d5adf7265e8a8a2ead55f482390dba2679ff0d519ab2fb8732b5f5

  • SSDEEP

    24576:4l4OtpmAEQ/qfxRgo3I7XZ9HL45THS6UdF5KSZ+RTLp:4yOKAE/Co3gXLryupK3Lp

Score
5/10
upx

Malware Config

Targets

    • Target

      обходик — копия/bin/WinDivert.dll

    • Size

      46KB

    • MD5

      b2014d33ee645112d5dc16fe9d9fcbff

    • SHA1

      aa69498562d350f2de06954b133e59fac1e57002

    • SHA256

      c1e060ee19444a259b2162f8af0f3fe8c4428a1c6f694dce20de194ac8d7d9a2

    • SHA512

      37014a018b9cd91b2eaeeccc7c5af3838fcae4d4fe6bb50c7ae32cd5c99423965a3e3efb29499324f6885b8f0c2ee2952cb75ab73db4e8960811abcb46801f15

    • SSDEEP

      768:Qjf2rf/kxpxI+JEw2VWHDDjQSQX4zTtllgwBqWocwTicI:YuT/CXHDvVQatonTic

    Score
    1/10
    • Target

      обходик — копия/bin/WinDivert64.sys

    • Size

      91KB

    • MD5

      89ed5be7ea83c01d0de33d3519944aa5

    • SHA1

      4c9b9c74529399abacc2284de1dead5f2332ee9b

    • SHA256

      8da085332782708d8767bcace5327a6ec7283c17cfb85e40b03cd2323a90ddc2

    • SHA512

      be6530fa0e26441441028b530cd6fc4f900448916e137f92613a1f886c16399d415ddd17f7f8847258cc19c63b1510f2f3068942203c50486e48eed838f9f138

    • SSDEEP

      1536:AsmCCzg4Klt7jh//NiRMwoGK0tmdsAXixJz48dJ/zuXR:Atzilt/iR5ojGmdsAXoz4k/8R

    Score
    1/10
    • Target

      обходик — копия/bin/cygwin1.dll

    • Size

      998KB

    • MD5

      c50b50303fae4afe7248307339a00d13

    • SHA1

      1b4a3f7666172809bd0d88f793ee855bd4b92938

    • SHA256

      712c39a069541afa69cfcbe01b422bd67b4201eee7e94cc1327d4ed8b4fa2167

    • SHA512

      123d06a0a5f891851e372881860b9d7fb8c453dcdbbca5970b9b2bf205f08f0a724595c6892f4afbbb4f85292a886dddffbf0d36dfe18d4b6eea7a5d12451762

    • SSDEEP

      24576:YbYJZPZf7KMuiA7Q4lsXBmStxacrFhG+wTGiPoy1u7MHltI:YAZfmM/A7Uk6xhpmGkoy1u7MH0

    Score
    5/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      обходик — копия/bin/winws.exe

    • Size

      234KB

    • MD5

      8c624e64742bc19447d52f61edec52db

    • SHA1

      1e700e2dd61b5d566a651433dc86bd95a6d54449

    • SHA256

      13fd7a9c6f7c98239a61a212f69211a0f19159b2e8cdae8b1efc57d35cdcd5ad

    • SHA512

      f676f7aa863fd13494186d4be597c19e49dc8245f6a98a2e9e2f1d09aa9e4cbf7a87c552e49359347b24b46cd1eddfb6edcfcbd6f4ff4d24888831ff182c952a

    • SSDEEP

      3072:v8eKEoQ4poZkFUIIggeAtqCijmtvzb20QTE7Eh2mS89QB+5Us6V:vtp5GoZ7+VAtqw7S0R7E9Ou8V

    Score
    5/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      обходик — копия/discord.bat

    • Size

      800B

    • MD5

      9734ab093d3e4835d5098c734cbc5692

    • SHA1

      19e8ef6ebf057df2261588b962426fdc1522edcf

    • SHA256

      e824798d4e56f6de50632932c3316d4b5cd8f05ef831a0ca3db00c142b788796

    • SHA512

      77d9b57e6c4680bc6aeaae72af79c69487077643ad3c53a8ee983bdf334945403db7a834de1b996235f35633bd8407f6d5918c743c469c1bb4671e116266265d

    Score
    5/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      обходик — копия/general.bat

    • Size

      934B

    • MD5

      11b20037f9d0d4b056f47ea453ad9928

    • SHA1

      27845b54b79af1c75de576df26da93fc6ba378f8

    • SHA256

      96cc24a2019ab0c6cbd5b1537a349a2aadea72a699a27029bc6a747c64c5a1b9

    • SHA512

      49358447249486700e0c01167ba4b5b60fb65e7667af4e193eba09394193d9ce1420286d56046d50064238bc266db01acf22cfc407e19270ce9442c01dc66ed3

    Score
    5/10
    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      обходик — копия/service_discord.bat

    • Size

      1KB

    • MD5

      5660fd4c3c7c0da34dd921866de7ef60

    • SHA1

      b6c6b1d1557e9f321a91fef15b28d9ab45fe4443

    • SHA256

      375db71a4235c9596781e44b0032f6181b018f41096afa4d782f83f52793a644

    • SHA512

      31cb8524cc02aef2812faa645222cad641ecea9668daa1e4052e5164e3377e718b429634266e692189b34a52704599b55d9225b4335505ad8c63cfca98c5c139

    Score
    1/10
    • Target

      обходик — копия/service_general.bat

    • Size

      1KB

    • MD5

      cb56dd3e71d70b3c3bc7cbe0675800ba

    • SHA1

      289fb37d8906ca2245087fd6be78f4890df8da1a

    • SHA256

      5a72a39607fbeb6542b71a59ff14ab7009800fa65119c4b4fb65d296934cbd94

    • SHA512

      b586ecef1dafe6d2bad4605638d6e5ffbbe4800cb3533a721b62776a15fce58ad2794ae1efc75986a45005d068c398916baef2d8c18d801dcce9c0a58f717472

    Score
    1/10
    • Target

      обходик — копия/service_goodbye_discord.bat

    • Size

      1KB

    • MD5

      92fb081844f5e595fc0d8ad83428180b

    • SHA1

      e939783f9c56d65727686d4f42e7ddb7fb0622af

    • SHA256

      2a8e5d588288d83046df7df701400793921ba960ac60cec297fefe0c31b50268

    • SHA512

      82319b73222354e0cd318350179bd7d46554fbbf0a985c9987af5a57f4783facb0f5b792ce561a7bc23a13345f638ed03499920b0b17b0eab8c6cc3fd2c81e72

    Score
    1/10
    • Target

      обходик — копия/service_remove.bat

    • Size

      574B

    • MD5

      d39171c85f3e4560e23fd937a66fd335

    • SHA1

      0e75017263f2512974710bbfffb869a44f6d7c42

    • SHA256

      e6c71d0db937472d4612a45a9b2214369175d71c5ebfa031255ae23d4586e50a

    • SHA512

      3385ed91027b118d38f9275c72026349c58930818781b619f21281bdc43f49340727d2766e1d3748d42cb3fb9fa2011478246e2d3b531d889d1e40132fc1f857

    Score
    1/10
