General
-
Target
b00fcf44d39868b94c9c6816320d155edf5123501f34c2e7d23670638bb73414
-
Size
1.1MB
-
Sample
241107-s325waxmhq
-
MD5
724e50c3bca382a9dfa9b0ccbf4d25a6
-
SHA1
290ee14f82939bf958d8f84b9919d3ad29b0792f
-
SHA256
b00fcf44d39868b94c9c6816320d155edf5123501f34c2e7d23670638bb73414
-
SHA512
d36ddf4a89ac68f474218ea3f276aee5cb109d427dc67f079cc67d0284a2abd877e2fcac49d5adf7265e8a8a2ead55f482390dba2679ff0d519ab2fb8732b5f5
-
SSDEEP
24576:4l4OtpmAEQ/qfxRgo3I7XZ9HL45THS6UdF5KSZ+RTLp:4yOKAE/Co3gXLryupK3Lp
Behavioral task
behavioral1
Sample
обходик — копия/bin/WinDivert.dll
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
обходик — копия/bin/WinDivert.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
обходик — копия/bin/WinDivert64.sys
Resource
win10v2004-20241007-en
Behavioral task
behavioral4
Sample
обходик — копия/bin/cygwin1.dll
Resource
win7-20241023-en
Behavioral task
behavioral5
Sample
обходик — копия/bin/cygwin1.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral6
Sample
обходик — копия/bin/winws.exe
Resource
win7-20240903-en
Behavioral task
behavioral7
Sample
обходик — копия/bin/winws.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral8
Sample
обходик — копия/discord.bat
Resource
win7-20240903-en
Behavioral task
behavioral9
Sample
обходик — копия/discord.bat
Resource
win10v2004-20241007-en
Behavioral task
behavioral10
Sample
обходик — копия/general.bat
Resource
win7-20241010-en
Behavioral task
behavioral11
Sample
обходик — копия/general.bat
Resource
win10v2004-20241007-en
Behavioral task
behavioral12
Sample
обходик — копия/service_discord.bat
Resource
win7-20240903-en
Behavioral task
behavioral13
Sample
обходик — копия/service_discord.bat
Resource
win10v2004-20241007-en
Behavioral task
behavioral14
Sample
обходик — копия/service_general.bat
Resource
win7-20240903-en
Behavioral task
behavioral15
Sample
обходик — копия/service_general.bat
Resource
win10v2004-20241007-en
Behavioral task
behavioral16
Sample
обходик — копия/service_goodbye_discord.bat
Resource
win7-20240708-en
Behavioral task
behavioral17
Sample
обходик — копия/service_goodbye_discord.bat
Resource
win10v2004-20241007-en
Behavioral task
behavioral18
Sample
обходик — копия/service_remove.bat
Resource
win7-20240903-en
Behavioral task
behavioral19
Sample
обходик — копия/service_remove.bat
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
обходик — копия/bin/WinDivert.dll
-
Size
46KB
-
MD5
b2014d33ee645112d5dc16fe9d9fcbff
-
SHA1
aa69498562d350f2de06954b133e59fac1e57002
-
SHA256
c1e060ee19444a259b2162f8af0f3fe8c4428a1c6f694dce20de194ac8d7d9a2
-
SHA512
37014a018b9cd91b2eaeeccc7c5af3838fcae4d4fe6bb50c7ae32cd5c99423965a3e3efb29499324f6885b8f0c2ee2952cb75ab73db4e8960811abcb46801f15
-
SSDEEP
768:Qjf2rf/kxpxI+JEw2VWHDDjQSQX4zTtllgwBqWocwTicI:YuT/CXHDvVQatonTic
Score
1/10
-
-
Target
обходик — копия/bin/WinDivert64.sys
-
Size
91KB
-
MD5
89ed5be7ea83c01d0de33d3519944aa5
-
SHA1
4c9b9c74529399abacc2284de1dead5f2332ee9b
-
SHA256
8da085332782708d8767bcace5327a6ec7283c17cfb85e40b03cd2323a90ddc2
-
SHA512
be6530fa0e26441441028b530cd6fc4f900448916e137f92613a1f886c16399d415ddd17f7f8847258cc19c63b1510f2f3068942203c50486e48eed838f9f138
-
SSDEEP
1536:AsmCCzg4Klt7jh//NiRMwoGK0tmdsAXixJz48dJ/zuXR:Atzilt/iR5ojGmdsAXoz4k/8R
Score
1/10
-
-
Target
обходик — копия/bin/cygwin1.dll
-
Size
998KB
-
MD5
c50b50303fae4afe7248307339a00d13
-
SHA1
1b4a3f7666172809bd0d88f793ee855bd4b92938
-
SHA256
712c39a069541afa69cfcbe01b422bd67b4201eee7e94cc1327d4ed8b4fa2167
-
SHA512
123d06a0a5f891851e372881860b9d7fb8c453dcdbbca5970b9b2bf205f08f0a724595c6892f4afbbb4f85292a886dddffbf0d36dfe18d4b6eea7a5d12451762
-
SSDEEP
24576:YbYJZPZf7KMuiA7Q4lsXBmStxacrFhG+wTGiPoy1u7MHltI:YAZfmM/A7Uk6xhpmGkoy1u7MH0
Score
5/10
-
-
Target
обходик — копия/bin/winws.exe
-
Size
234KB
-
MD5
8c624e64742bc19447d52f61edec52db
-
SHA1
1e700e2dd61b5d566a651433dc86bd95a6d54449
-
SHA256
13fd7a9c6f7c98239a61a212f69211a0f19159b2e8cdae8b1efc57d35cdcd5ad
-
SHA512
f676f7aa863fd13494186d4be597c19e49dc8245f6a98a2e9e2f1d09aa9e4cbf7a87c552e49359347b24b46cd1eddfb6edcfcbd6f4ff4d24888831ff182c952a
-
SSDEEP
3072:v8eKEoQ4poZkFUIIggeAtqCijmtvzb20QTE7Eh2mS89QB+5Us6V:vtp5GoZ7+VAtqw7S0R7E9Ou8V
Score
5/10
-
-
Target
обходик — копия/discord.bat
-
Size
800B
-
MD5
9734ab093d3e4835d5098c734cbc5692
-
SHA1
19e8ef6ebf057df2261588b962426fdc1522edcf
-
SHA256
e824798d4e56f6de50632932c3316d4b5cd8f05ef831a0ca3db00c142b788796
-
SHA512
77d9b57e6c4680bc6aeaae72af79c69487077643ad3c53a8ee983bdf334945403db7a834de1b996235f35633bd8407f6d5918c743c469c1bb4671e116266265d
Score
5/10
-
-
Target
обходик — копия/general.bat
-
Size
934B
-
MD5
11b20037f9d0d4b056f47ea453ad9928
-
SHA1
27845b54b79af1c75de576df26da93fc6ba378f8
-
SHA256
96cc24a2019ab0c6cbd5b1537a349a2aadea72a699a27029bc6a747c64c5a1b9
-
SHA512
49358447249486700e0c01167ba4b5b60fb65e7667af4e193eba09394193d9ce1420286d56046d50064238bc266db01acf22cfc407e19270ce9442c01dc66ed3
Score
5/10
-
-
Target
обходик — копия/service_discord.bat
-
Size
1KB
-
MD5
5660fd4c3c7c0da34dd921866de7ef60
-
SHA1
b6c6b1d1557e9f321a91fef15b28d9ab45fe4443
-
SHA256
375db71a4235c9596781e44b0032f6181b018f41096afa4d782f83f52793a644
-
SHA512
31cb8524cc02aef2812faa645222cad641ecea9668daa1e4052e5164e3377e718b429634266e692189b34a52704599b55d9225b4335505ad8c63cfca98c5c139
Score
1/10
-
-
Target
обходик — копия/service_general.bat
-
Size
1KB
-
MD5
cb56dd3e71d70b3c3bc7cbe0675800ba
-
SHA1
289fb37d8906ca2245087fd6be78f4890df8da1a
-
SHA256
5a72a39607fbeb6542b71a59ff14ab7009800fa65119c4b4fb65d296934cbd94
-
SHA512
b586ecef1dafe6d2bad4605638d6e5ffbbe4800cb3533a721b62776a15fce58ad2794ae1efc75986a45005d068c398916baef2d8c18d801dcce9c0a58f717472
Score
1/10
-
-
Target
обходик — копия/service_goodbye_discord.bat
-
Size
1KB
-
MD5
92fb081844f5e595fc0d8ad83428180b
-
SHA1
e939783f9c56d65727686d4f42e7ddb7fb0622af
-
SHA256
2a8e5d588288d83046df7df701400793921ba960ac60cec297fefe0c31b50268
-
SHA512
82319b73222354e0cd318350179bd7d46554fbbf0a985c9987af5a57f4783facb0f5b792ce561a7bc23a13345f638ed03499920b0b17b0eab8c6cc3fd2c81e72
Score
1/10
-
-
Target
обходик — копия/service_remove.bat
-
Size
574B
-
MD5
d39171c85f3e4560e23fd937a66fd335
-
SHA1
0e75017263f2512974710bbfffb869a44f6d7c42
-
SHA256
e6c71d0db937472d4612a45a9b2214369175d71c5ebfa031255ae23d4586e50a
-
SHA512
3385ed91027b118d38f9275c72026349c58930818781b619f21281bdc43f49340727d2766e1d3748d42cb3fb9fa2011478246e2d3b531d889d1e40132fc1f857
Score
1/10