General
  Target:  New WinRAR ZIP archive.zip
  Size:    358KB
  Sample:  241112-pzptla1rhy
  MD5:     87154d9468b7992fa2fee144767dd4f5
  SHA1:    fa0b67d0dbcf60ecbfa2fe12e5eeff29da38c8b4
  SHA256:  5d52f255f8ee67dd5523ad09dd47357f4eed802894f88fef9ea2aee894f42729
  SHA512:  325b16ec1119783fb39fe81e742f45602116d7efe96e30d146216e176693dd42235bd2d52a885dacc8c4aaa816f05e9cae90d15b56ca7ac539d9ada60afffd1e
  SSDEEP:  6144:F4DJMdFS831h5Y4DJuigu/1+1n8DBiTFrYQD2VIyfHSrY5rZHO932dPval6J8j:FmJMnS41h5YmJ1gG1aUBc5rYI2HBr6Y2
Static task
  static1

Behavioral tasks
  Task         Sample                       Resource
  behavioral1  New WinRAR ZIP archive.zip   win7-20241010-en
  behavioral2  New WinRAR ZIP archive.zip   win10v2004-20241007-en
  behavioral3  driver.sys                   win10v2004-20241007-en
  behavioral4  map.exe                      win7-20241010-en
  behavioral5  map.exe                      win10v2004-20241007-en
  behavioral6  um.exe                       win7-20241010-en
  behavioral7  um.exe                       win10v2004-20241007-en
Malware Config

Targets

  Target:  New WinRAR ZIP archive.zip
  Size:    358KB
  MD5:     87154d9468b7992fa2fee144767dd4f5
  SHA1:    fa0b67d0dbcf60ecbfa2fe12e5eeff29da38c8b4
  SHA256:  5d52f255f8ee67dd5523ad09dd47357f4eed802894f88fef9ea2aee894f42729
  SHA512:  325b16ec1119783fb39fe81e742f45602116d7efe96e30d146216e176693dd42235bd2d52a885dacc8c4aaa816f05e9cae90d15b56ca7ac539d9ada60afffd1e
  SSDEEP:  6144:F4DJMdFS831h5Y4DJuigu/1+1n8DBiTFrYQD2VIyfHSrY5rZHO932dPval6J8j:FmJMnS41h5YmJ1gG1aUBc5rYI2HBr6Y2
  Score:   10/10
  Signatures:
    - Modifies visibility of hidden/system files in Explorer
    - Drops file in Drivers directory
    - Sets service image path in registry
    - Executes dropped EXE
    - Adds Run key to start application
    - Drops file in System32 directory

  Target:  driver.sys
  Size:    17KB
  MD5:     8a17adcd8f3e544036dfdc25f2644922
  SHA1:    e03eec0ff44bb5ab27ab50acf71a89e0f15f90ad
  SHA256:  50bea91dfaff8335d4032c6a379dca922ddebaddcfde2f72b15d3a6dc2ff4e5a
  SHA512:  051efc8eaf2650b76a523a737a6726e44da45b384f1103086c29e1fde337d03e479410a08af846eb86314ba4804b7e09292f2c163bac770e1f07edf74edab7ef
  SSDEEP:  384:4e+AhSmf5h5VkR8Eb2Wb/wfT3iEx7bLDUjh0+:4e+AwmMi3iUbLDUjhT
  Score:   1/10
  Signatures: none

  Target:  map.exe
  Size:    315KB
  MD5:     220d7af996c0bca571e964abe098aa91
  SHA1:    44bfdb294e8d09f881fd39a7313cd94dde977262
  SHA256:  e5a30ea9c9efd2d81d51f4778f2e904eb3fda2736c0028ec97d8b5d5d35548c9
  SHA512:  18af8556c1e6254a4f7cd87959203d8249a5f0dc16b73093eefc7f7ced0442738adc1e55a062aeee4cb5edd416e0aa05e101800a741afddb57a6e94ac1eefd76
  SSDEEP:  6144:UsLqdufVUNDa9dOQr1M7rU1a/NxEb52b/:PFUNDa9d71sU6o+
  Score:   10/10
  Signatures:
    - Modifies visibility of hidden/system files in Explorer
    - Executes dropped EXE
    - Loads dropped DLL
    - Adds Run key to start application
    - Drops file in System32 directory

  Target:  um.exe
  Size:    574KB
  MD5:     57447960fde2e17e64739a0a4853aeca
  SHA1:    5c76fea05c81439f3ba79e42e6c8e6d808936793
  SHA256:  2bf2e09ccb1066a6d20f19f961efa7fd64c2cdb607d319fb7b5f82323dde5183
  SHA512:  dc22312839255e27ff54d43befbbdd26eacc2ec3890cda70d2651f8b02a81b4d497a0ba0c1e3bbde5793640bd74421f13b3e773b021ad57950a0d22d680075ba
  SSDEEP:  6144:UsLqdufVUNDaA5Cwa69QWJpUg6CapvHE99+60gK/kRteG7yVnknxeKCAgwM8zE5D:PFUNDaNtdkKk7Ckn4p1FPci
  Score:   10/10
  Signatures:
    - Modifies visibility of hidden/system files in Explorer
    - Executes dropped EXE
    - Loads dropped DLL
    - Adds Run key to start application
    - Drops file in System32 directory
MITRE ATT&CK Enterprise v15 (count of matching signatures in parentheses)
  Persistence
    Boot or Logon Autostart Execution (2)
      Registry Run Keys / Startup Folder (2)
    Scheduled Task/Job (1)
      Scheduled Task (1)
  Privilege Escalation
    Boot or Logon Autostart Execution (2)
      Registry Run Keys / Startup Folder (2)
    Scheduled Task/Job (1)
      Scheduled Task (1)