General

  • Target

    zapret-discord-youtube-1.5.2.rar

  • Size

    1.1MB

  • Sample

    241109-saqldawhjq

  • MD5

    42c369c50301073e6d7902e284c06a44

  • SHA1

    585f6269cac6d47c308efc0ac68be1901b3c4dff

  • SHA256

    ef0715e51ba23bfec00699fbb24cec3f2a88f028a9ada1c00f3a98fd00c8b375

  • SHA512

    b9154f01ab4b7d0ee840c424c5ee426a601334fd25be15a45819c227c33a0a5fb79204298adb02800068a5588fe0c067671190308a6ab777ec3219dddffef3f9

  • SSDEEP

    24576:ZIVl2ge6VZHlUcLdDhtYe82gskVUIPjOYYx+GPlCc:Zs59dLZr0U0NY+G9p

Score
5/10
upx

Malware Config

Targets

    • Target

      bin/WinDivert.dll

    • Size

      46KB

    • MD5

      b2014d33ee645112d5dc16fe9d9fcbff

    • SHA1

      aa69498562d350f2de06954b133e59fac1e57002

    • SHA256

      c1e060ee19444a259b2162f8af0f3fe8c4428a1c6f694dce20de194ac8d7d9a2

    • SHA512

      37014a018b9cd91b2eaeeccc7c5af3838fcae4d4fe6bb50c7ae32cd5c99423965a3e3efb29499324f6885b8f0c2ee2952cb75ab73db4e8960811abcb46801f15

    • SSDEEP

      768:Qjf2rf/kxpxI+JEw2VWHDDjQSQX4zTtllgwBqWocwTicI:YuT/CXHDvVQatonTic

    Score
    1/10

    • Target

      bin/WinDivert64.sys

    • Size

      91KB

    • MD5

      89ed5be7ea83c01d0de33d3519944aa5

    • SHA1

      4c9b9c74529399abacc2284de1dead5f2332ee9b

    • SHA256

      8da085332782708d8767bcace5327a6ec7283c17cfb85e40b03cd2323a90ddc2

    • SHA512

      be6530fa0e26441441028b530cd6fc4f900448916e137f92613a1f886c16399d415ddd17f7f8847258cc19c63b1510f2f3068942203c50486e48eed838f9f138

    • SSDEEP

      1536:AsmCCzg4Klt7jh//NiRMwoGK0tmdsAXixJz48dJ/zuXR:Atzilt/iR5ojGmdsAXoz4k/8R

    Score
    1/10

    • Target

      bin/cygwin1.dll

    • Size

      998KB

    • MD5

      c50b50303fae4afe7248307339a00d13

    • SHA1

      1b4a3f7666172809bd0d88f793ee855bd4b92938

    • SHA256

      712c39a069541afa69cfcbe01b422bd67b4201eee7e94cc1327d4ed8b4fa2167

    • SHA512

      123d06a0a5f891851e372881860b9d7fb8c453dcdbbca5970b9b2bf205f08f0a724595c6892f4afbbb4f85292a886dddffbf0d36dfe18d4b6eea7a5d12451762

    • SSDEEP

      24576:YbYJZPZf7KMuiA7Q4lsXBmStxacrFhG+wTGiPoy1u7MHltI:YAZfmM/A7Uk6xhpmGkoy1u7MH0

    Score
    5/10

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      bin/winws.exe

    • Size

      246KB

    • MD5

      444fe359ca183016b93d8bfe398d5103

    • SHA1

      61716de8152bd3a59378a6cd11f6b07988a549d5

    • SHA256

      0453fce6906402181dbff7e09b32181eb1c08bb002be89849e8992b832f43b89

    • SHA512

      d6780503164e7abd0017b94aeac824b3d25124ac84e9bfe423b78fe1f03b3eb4b719f85676ad0fd2e9227e45328a6b6abda75ed1341ea2a4332c0717720a6f72

    • SSDEEP

      3072:0Us5NqvvO9ab6+x7KYGJ1DjgvgN4tn/qzWRG53HfErKM78Kxh2m889QB+5UswNV:0x6WA6w2Rx4ttn/qD3sr0Kx9EuiNV

    Score
    5/10

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      discord.bat

    • Size

      694B

    • MD5

      9ceb09d08b3aabb2dafd3838dc9b63e8

    • SHA1

      0dcb4edf6bd5cb60a4595485ce6f91f7a9d83557

    • SHA256

      23447afaa2bd66c8d3faef854dcca202579244b54ac00e5ecf28f0d3117ca0c5

    • SHA512

      0800ffc7a96cb78eee4c00cada2a12a312cff77418bd80fdf3b6f0719466aac9c5ef57dae9b195ac05f3c7a12563f31b4074fe95bd5da05dda72c3e45ef325b0

    Score
    5/10

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      general (ALT).bat

    • Size

      828B

    • MD5

      a2877b77bd29ba5e78e63077ddd4d3b1

    • SHA1

      6682e7ab402fc93bb22d36ba79cecee403fb5643

    • SHA256

      e9d4ad516594f23aad67421f89f78183eb8658f813e5c82d4be626d0b05d1bdb

    • SHA512

      a9a17dbd3289a9c1e7d1665a306fd6b37923ae06ff563ef511c390ea5a3d271bc2dca37871b1b0a901cd5a94126d81ee0982e6ab18d0fc3b47d72271a0ba0773

    Score
    5/10

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      general (ALT2).bat

    • Size

      817B

    • MD5

      5f8d2d3dd4ec0a3f1cae9e1cbc394919

    • SHA1

      817362bd0f5d87ffebcf1a2364231575514e1f8f

    • SHA256

      4e2f38318fb611e63b6cb1fc391e3af1278ee687fa46b176c8a0cba642998767

    • SHA512

      9a713008b8fdf60d69624f46b2b52bdbf602ff84f20231214ca823798e260ad3aa0922ae49c06ba5e50d93978aed05eea1cdf8c86c030f3c4dd6f79868885ecb

    Score
    5/10

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      general (ALT3).bat

    • Size

      782B

    • MD5

      92501361059a9975e6bc7730b6558611

    • SHA1

      f23535cd52f24da6add87b86cfe1b31c5cbadde8

    • SHA256

      cad3f36aea619f1fa8e605035573d7ac85279904ebc4ae573eacebf62c97c595

    • SHA512

      aa84dbc51023f99ef4d65d14c6ca9de2d140ff6c11bf9719713e90654bfe11d62f5661b84e1210f81ecf3e462457ddbcc4fc481938650a9e8614ebdb7175b9e7

    Score
    5/10

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      general (ALT4).bat

    • Size

      806B

    • MD5

      8a7731decefcef4ec7fa2a64151bb4cb

    • SHA1

      a9c3d275e2a6c1cdab170c546112dc9523406858

    • SHA256

      692ddaa7cb183b3756decfb9730bab7efaa90a2b53c2fa972794756f73f99d25

    • SHA512

      b6e4a04c5388e022ec9e6e17497db48d3b7c493f69b3938059df6ba00c46507dfe014a1685b378c8cc692f439b130f288d8823624ff1ab90c405b7c188067eeb

    Score
    5/10

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      general (ALT5).bat

    • Size

      694B

    • MD5

      acf0049a95529a1ec5ede177f8905b4a

    • SHA1

      37fc7c0ba923524d5cac769e3c95a0013740c142

    • SHA256

      c142145e2c4210b61e007ec893109cefdf816a5eda45e85414a9e64f2b04447e

    • SHA512

      f35e5cbbe639a213dd80f2cddaa715e859be9eff2ffa83d9a6748e979cdcbc0a33a27b4f12d7d4cded36e0f0e8de85af9735cb72d6e42deda20f4061227a88a6

    Score
    5/10

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      general (МГТС).bat

    • Size

      822B

    • MD5

      747207b5f0f272f3641af2730a87fe6e

    • SHA1

      5fdfdeed4e7827d38e4002dd8b535e22fb687207

    • SHA256

      d8c2cad56f971f91f09f1b994d161d88bf9af8f3e20f46f55be47c06047ad574

    • SHA512

      ecaa890701e4f022e0098f2a706bad93ab3c4c7dbb15ef8993e364a6c88106cbbfd7c3f5a36fdf63af2b10580e005234d12ad03e2b57751fde5e3643866474d4

    Score
    5/10

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      general (МГТС2).bat

    • Size

      799B

    • MD5

      59af50dae742e0f35318fd0bd017d078

    • SHA1

      1398b1cf9eec88608e47351833e6be24a2635fb0

    • SHA256

      14c26c34621a4f4f1d40c029683bd6cca7339d4f0e9bfec7b3d189452b50f64e

    • SHA512

      ca1c4709088d77fec7e57e04396eb41aed84cf868b754253d1a40919360f21aa598035a7fc964f6dd314016ad8a4ed188a9542f934a888ede32dd9ec3259bc7f

    Score
    5/10

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      general.bat

    • Size

      828B

    • MD5

      96c6b973735aaa9345d11d573a5a8286

    • SHA1

      4e999d61eda13970707ccc48e32d1c1acdc1f986

    • SHA256

      4295d4ab95bdfe3e91a1a524b9c77dd0871583a871aaa42a3ca0a803eed7dc0e

    • SHA512

      8646c5b5f2f9cecb5663025ad4a0c8e495a9f220af0fad0ab4016fe1f5ff9de802e296a96436d46b9a143d657b901b673d0255961a85b3ea8c0c37a311993940

    Score
    5/10

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Target

      service_goodbye_discord.bat

    • Size

      1KB

    • MD5

      b8bd3c68206b86e2cbb11e7b76ed9a06

    • SHA1

      38075123f33fde07aab8a356ac8137526f7b0c1d

    • SHA256

      31cea55bf006cc0028b19a06aa6aa0ca4661e4761efa6687b1af7386a2630ce9

    • SHA512

      7d108403ba77b94051d800d61eebb5785c155bc016336ad36fac1bd64e57f60df6821ba288f932a7d204de2521383148e8e7011b2812809c83ed3bbdaeb06989

    Score
    1/10

    • Target

      service_install.bat

    • Size

      3KB

    • MD5

      470d6bc5bb5175af646a97a0b1b231fe

    • SHA1

      5e2b605d284d1f80110874bf3adb0b18ff9d2da4

    • SHA256

      4b9199c0142b97cd153c5111044c663d46357c7fa18f2007026a1cf22ccaabcd

    • SHA512

      f8b2cfe6f4dc7bf2d309968cd78c820b28ecbdf4db5651cde188a1cd526ad20f9e9e7090987618af2d073f371406191c68cfe5ee7c944a5bf92266310e89a56f

    Score
    1/10

    • Target

      service_remove.bat

    • Size

      604B

    • MD5

      2c176f48e11777b556a2c54e90fc5bf4

    • SHA1

      d04632ad3125847b3398457fa8c663a9c2b75592

    • SHA256

      188daa999b8fe8ce8f92042fdcd883bda8fef130c887964d02ee152e01336808

    • SHA512

      5eed2aec67b9163c13e5e9dc55e2ba78e154d25b9ee8fa5a2538a62e3f97bdd59618e9c67315816b3239a958c9daf1f64b59d887fec2932db85ed60b36c03912

    Score
    1/10

MITRE ATT&CK Matrix

Tasks

static1

upx
Score
5/10

behavioral1

Score
1/10

behavioral2

Score
1/10

behavioral3

Score
1/10

behavioral4

upx
Score
5/10

behavioral5

upx
Score
5/10

behavioral6

upx
Score
5/10

behavioral7

upx
Score
5/10

behavioral8

upx
Score
5/10

behavioral9

upx
Score
5/10

behavioral10

upx
Score
5/10

behavioral11

upx
Score
5/10

behavioral12

upx
Score
5/10

behavioral13

upx
Score
5/10

behavioral14

upx
Score
5/10

behavioral15

upx
Score
5/10

behavioral16

upx
Score
5/10

behavioral17

upx
Score
5/10

behavioral18

upx
Score
5/10

behavioral19

upx
Score
5/10

behavioral20

upx
Score
5/10

behavioral21

upx
Score
5/10

behavioral22

upx
Score
5/10

behavioral23

upx
Score
5/10

behavioral24

upx
Score
5/10

behavioral25

upx
Score
5/10

behavioral26

Score
1/10

behavioral27

Score
1/10

behavioral28

Score
1/10

behavioral29

Score
1/10

behavioral30

Score
1/10

behavioral31

Score
1/10