54189c71781c412ef7103f17df89a1bbf6e1b608b4f16479374191e3262d32ed

Sharing

Copy URL

Twitter E-mail

General

Target

win-bundle-master.zip
Size

34.0MB
Sample

241203-t7f9msyrbl
MD5

84bf002e85a2130c41ffb58aa90f3ac0
SHA1

ebd8f25933a72ee9da4754fb1947d04dab526d66
SHA256

54189c71781c412ef7103f17df89a1bbf6e1b608b4f16479374191e3262d32ed
SHA512

ab14d4d2eb054d6ce2be881e2c0920790135bc728f1f76b58327d09af825380b26e2cd0a8b2a8924ac41eef44829c4449b51013f6132249831fb2a00f1a1a4cd
SSDEEP

786432:XZi800+eODpfCL8UXMf0FsqwlGrob+6KvVRIxeyyTsqwlGrob+6KvVRIxeyyX:XY80AoAwUXUT9b+lVR2V9b+lVR2c

Score

6^/10

Malware Config

Targets

- Target
  
  zapret-win-bundle-master/arm64/install_arm64.cmd
- Size
  
  1KB
- MD5
  
  541ded7120e3cee2fad8447eaafe47ac
- SHA1
  
  b96173482a00e2f450d6dc719fb59930b803c3c7
- SHA256
  
  3b5b8617a5a35edd33574d291ac631e99b7386fc2d1daf7a2d814c512f17d7b7
- SHA512
  
  ae969a4540f05c19c4e2559e8ab878d7f6c60a8e187d6323c8ffb21d185a97a28eae9cb9645f4609acdfc6760311f0864d19907ddef0dfcc3c65c6058ccf3359
Score

1^/10
behavioral1 behavioral2
- Target
  
  zapret-win-bundle-master/arm64/ip2net.exe
- Size
  
  23KB
- MD5
  
  d3c67ec6e4ebedbb52c4a5560298db94
- SHA1
  
  c17fa3054e16b8e82974efdd1a432d025dae7c89
- SHA256
  
  6776a1c88636352477610ee959def8f2a6a7c7a4056135a115a78c50d6700451
- SHA512
  
  3a5b8b637bb7bb12117d556c51e38c94893f8740efbde1823326c95283a3a6bc393b2be6e52cc44d78d58b9c7f706f882c71b168a5e5c9e4b5168fd13cff0a2c
- SSDEEP
  
  384:PZPL8dHPAvlpgdkuVtrDFwww95O4NKjNYlLds6c+JdSHyC45dQxQOs4e8DOaia1J:hYdHPY6dTVt/FwweVUNeLS6cs6yCK2Qk
Score

1^/10
behavioral3 behavioral4
- Target
  
  zapret-win-bundle-master/arm64/mdig.exe
- Size
  
  119KB
- MD5
  
  2c9ae45944ac7213d8f25043a8718940
- SHA1
  
  893d5a713781e0d970b8cd0c51430e25d384bdc4
- SHA256
  
  2341517eef2df024b9bf37c7ebaf611107bcf9810c211505710963ace8359f06
- SHA512
  
  a5391596f45342050a81c9b17f2c00766da18015a0b388b7ada0c53d874e3051ce1f994edebb577f80518d626902c39ce3496a808021e1dbac8e83a4877c1d48
- SSDEEP
  
  1536:NAgGK9xg7yAkB2wJWuO52rzzaHq+DzLeOMu17/R8xSizIywgoiVtNirya8BpX/7S:NHE3klNO52rzzaHe+ljiVxtxk4rcNbn
Score

1^/10
behavioral5 behavioral6
- Target
  
  zapret-win-bundle-master/blockcheck/blockcheck.cmd
- Size
  
  194B
- MD5
  
  5763cb58e6d9b26d626dc860edf2d964
- SHA1
  
  e7a90688360deae0e0f44c2541b0aa392f622766
- SHA256
  
  5a2de13b097b1ee482f02052c72c5ed29d1541e139464a98697388f4e90cd998
- SHA512
  
  339ef0a577f6f6529d36aead691afe9eede48789908cbf30036f516842d3a100599bb3992c66663b085601e5ef8a4b0179644ba7571e23936ba9f5055d308299
Score

5^/10

discovery
- Enumerates processes with tasklist
  discovery
behavioral7 behavioral8
- Target
  
  zapret-win-bundle-master/blockcheck/zapret/blockcheck.sh
- Size
  
  51KB
- MD5
  
  9ddbecaf77d9c20696b679d3bda5bd95
- SHA1
  
  188bb0b81445b9cdcfd470a9e594fbc97e2cbbc2
- SHA256
  
  c8ca0e27212487656edce27cc26e5cdf25c2237c717ef9d90722ff54ac4ebcee
- SHA512
  
  d4accbe38147545186bbf67936ac131dd6e879fc59a502dafd55385180babb8541797da5b250745affa22e5ea6f0325c6277a74f8e45fefed979c9bd1328b854
- SSDEEP
  
  1536:nQ3Ds3LsiRjSpercIfjur6BdrfrtwWLlQLMnxXi1vIbIksApwmjx:VRjljurEdbrjjx
Score

6^/10

discovery
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral10 behavioral11 behavioral12 behavioral9
- Target
  
  zapret-win-bundle-master/blockcheck/zapret/blog.sh
- Size
  
  220B
- MD5
  
  47fcc2f9d199486b64e3f5c37e0b3920
- SHA1
  
  4a79609abab1a5837dbcf32f80655b54828f55f6
- SHA256
  
  66f32fa4470cd63a4014da8fa10af11a25862f564e53016d1b790f82c2d83760
- SHA512
  
  9c82d52c0a4389bb4c9a7b055c8ca01f3c2a3cba7942c8e76abafa58e7338059f8e07a40bf04f1086b2a340e8e0736abd76707133f119490b0edd13d54171fb4
Score

3^/10
behavioral13 behavioral14 behavioral15 behavioral16
- Target
  
  zapret-win-bundle-master/blockcheck/zapret/common/base.sh
- Size
  
  8KB
- MD5
  
  22402b14a55e574a5058b8a42b3b2a02
- SHA1
  
  4189f9bef49517dd924289f0395f249d91482e59
- SHA256
  
  ae59012a8a604382559c573ba22fa090f96c0acc20b29815f6cc20fb1873981b
- SHA512
  
  aff79f4a2a93f1e7d474ba3bedec8fe4ee066e49ac629ba45433e94305922f5945788631c0be539a2dbedb18216ed1921049480ae8a7a171e6575b37e14aa637
- SSDEEP
  
  192:Kgt3kUeq6+HoqyECECFMxXhJ+708+8NLMfdg4WPeyLYzyrONLdDL/Wu2:KgdkU6+HcECE0MxXb+70FfdnWXYzdDTo
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  zapret-win-bundle-master/blockcheck/zapret/common/dialog.sh
- Size
  
  1KB
- MD5
  
  6fd5b6525dfdd5fdff0a4919fd1a5105
- SHA1
  
  29dbdca361638b242c8bb36bb4f6b37d34494eae
- SHA256
  
  ccaf7f160b50060ca3a4044f43c30018c156636c3f4a8ad2e00e60518905a5e9
- SHA512
  
  92bcdee7f8ca1ab6e3d330e918ced08d3c26d8b192c0f62a95daf3d4994a196509f019ada6f22760941aa18660dbfe39368af3eae81ffcdb3fd6adf379225fee
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  zapret-win-bundle-master/blockcheck/zapret/common/elevate.sh
- Size
  
  530B
- MD5
  
  6a2f4103dc14704a6db57a4468d8acfe
- SHA1
  
  f1ebca0f2b3c3830e75fd0e28111b1975f025f6c
- SHA256
  
  077dd6dfe7cbd686b84788260686d9d971546e67c7734a5e42f6b42af0adf886
- SHA512
  
  b2029907320a4d6a903fc1672a185168c706077c9f60b31475b17647238ff8e71cc94faa6bdb46a10773b572e6a428796d582551ffc85acf8799338ef22d4699
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  zapret-win-bundle-master/blockcheck/zapret/common/fwtype.sh
- Size
  
  929B
- MD5
  
  870dcc207c4808cc6934d204a1f2311a
- SHA1
  
  d8444d08ced2172c645ddd346cac378df8cda0b8
- SHA256
  
  8a21e8f8fb1878bef256a467540a9fae42f9135201cbad06c1118c1f2bf69b50
- SHA512
  
  aa49a818a484f1be79bad9af6dc99cf171e940ea03b8bf7d961a9cdac2268f5066f224ee45a22c7632a522af7046c8fa8165aa994267b38a123a6e178230ac55
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  zapret-win-bundle-master/blockcheck/zapret/common/virt.sh
- Size
  
  966B
- MD5
  
  c161da3593f20e9920b48c5525ce141b
- SHA1
  
  9d27ab0bcc1193d1c2338619b7c6a1c053949a3d
- SHA256
  
  b0afe9439e4a56be386e6dbf9c78cf16197997ec13dd30d57e6ceb2c473a661b
- SHA512
  
  a1468684c920245294452a9b493a4c0adb1c01ed26e65b3fafd507b6f231580dfbb78b495dceed30d8c71453a932742b2cfe927ceb900098c573571a865ab278
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  zapret-win-bundle-master/blockcheck/zapret/ip2net/ip2net.exe
- Size
  
  90KB
- MD5
  
  b7674a72c0c8cc5d3a787d2318a077cb
- SHA1
  
  e976abe6416da78d0229c4373566afad586e959a
- SHA256
  
  f6f52d4814d3efb6ddd413b4dcd524f11effa4c95dac92c8a315476c603b515a
- SHA512
  
  7d43b04ade85c39cf82ebcc51973e53c1900f05c14ac4a85d8d4dbc962d77246a29f8f99d742b6ea28236f595f40e8dfe35b5203b4dc0274c59517dc422e7d1f
- SSDEEP
  
  1536:7qkk0SH245fEcdL5Yr5xJJSc43jwXf9cm1r8wTXuKjOwxhYlW:7qR0SdDIMcvP9cm1r8+lPxhYo
Score

1^/10
behavioral27 behavioral28
- Target
  
  zapret-win-bundle-master/blockcheck/zapret/mdig/mdig.exe
- Size
  
  124KB
- MD5
  
  57e2fbd46dfe009a1a92d6b408f2cfae
- SHA1
  
  d17f03ee5b18fdd4c01d72252b6a18b3f3c1336c
- SHA256
  
  fe83dca3e46797b00a14f3c1ec85b4ceeca2127190093a66eac3e7993cf2e370
- SHA512
  
  ef290cc912ac091d6f3dd24966c01953ebf9a27bbe7ea16f1538092964e92868e9271060dff7a0e693f59b6e5cc0737720218e9b65d21253920ad412e214d382
- SSDEEP
  
  3072:M8jsKqKANv6/tflqcT1r8d6OR0NoIdo7PB:M8a/qNl2dLqNoGo7PB
Score

1^/10
behavioral29 behavioral30
- Target
  
  zapret-win-bundle-master/blockcheck/zapret/nfq/WinDivert.dll
- Size
  
  46KB
- MD5
  
  b2014d33ee645112d5dc16fe9d9fcbff
- SHA1
  
  aa69498562d350f2de06954b133e59fac1e57002
- SHA256
  
  c1e060ee19444a259b2162f8af0f3fe8c4428a1c6f694dce20de194ac8d7d9a2
- SHA512
  
  37014a018b9cd91b2eaeeccc7c5af3838fcae4d4fe6bb50c7ae32cd5c99423965a3e3efb29499324f6885b8f0c2ee2952cb75ab73db4e8960811abcb46801f15
- SSDEEP
  
  768:Qjf2rf/kxpxI+JEw2VWHDDjQSQX4zTtllgwBqWocwTicI:YuT/CXHDvVQatonTic
Score

1^/10
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Process Discovery

T1057

Remote System Discovery

T1018

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

System Network Configuration Discovery

T1016

Internet Connection Discovery

T1016.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Enumerates processes with tasklist

Enumerates running processes

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32