0ff7b09e34e846df33ae617eac8ae1c30587e0cd6c5dac9c76eb15a371b4b574

Sharing

Copy URL

Twitter E-mail

General

Target

RawAccel_v1.6.1.zip
Size

1.4MB
Sample

250103-w7ag7sxkhs
MD5

ef51f05a4eaaa9992d5258b4cb7cc4e1
SHA1

9e8c35e8496680741209e0fe1ce3707fdfed530a
SHA256

0ff7b09e34e846df33ae617eac8ae1c30587e0cd6c5dac9c76eb15a371b4b574
SHA512

5fa9c5309f01de8200b34018d7e5e6a0a704525490fbd43e3c1aaf5ff2830104f93dcee1affc65262c1947c67c3fded225101df7483763e7af13750b3f95f82f
SSDEEP

24576:mEAHHUU41yrOA2qLLT85N/6GhMulsk0blztIRn1fa++XIYeHJJd:oHUyKAbA/6+Sk0hCmdIYSd

Score

8^/10

Malware Config

Targets

- Target
  
  RawAccel/Newtonsoft.Json.dll
- Size
  
  683KB
- MD5
  
  6815034209687816d8cf401877ec8133
- SHA1
  
  1248142eb45eed3beb0d9a2d3b8bed5fe2569b10
- SHA256
  
  7f912b28a07c226e0be3acfb2f57f050538aba0100fa1f0bf2c39f1a1f1da814
- SHA512
  
  3398094ce429ab5dcdecf2ad04803230669bb4accaef7083992e9b87afac55841ba8def2a5168358bd17e60799e55d076b0e5ca44c86b9e6c91150d3dc37c721
- SSDEEP
  
  12288:Lf9WGsSVSM2mxL2nRiOr8gUckc6V/g2GhBzj05cH:7XNL2PVh6B+Bzjmc
Score

7^/10

steam discovery phishing
- A potential corporate email address has been identified in the URL: [email protected]
  phishing
- Detected potential entity reuse from brand STEAM.
  phishing steam
behavioral1
- Target
  
  RawAccel/converter.exe
- Size
  
  192KB
- MD5
  
  11881966a4189b6066c4349e85c07f91
- SHA1
  
  d45412bea6c4dcfa346626f8c7d925329e8131aa
- SHA256
  
  0279c9fb78efe308a8dc792fbf1bbd09fe63ffb3ba2cda716fe822c60d1e4482
- SHA512
  
  2445929aac344314dd019d160a35eab1a5191644f27f57c21e71509ca4b829bcc628cc36851ebc10cec2bdf77f8b4925d46f4344677649412e8c35cb6fc01ca8
- SSDEEP
  
  3072:HK71obs9cD3WTwzi1hItVgLzWbtIphS2RH77HvAtAFjGC8olv8/lNPQB:q7iufWlIbS2RHXHvAtAFjGC8olv8/la
Score

1^/10
behavioral2
- Target
  
  RawAccel/driver/rawaccel.sys
- Size
  
  49KB
- MD5
  
  71f344ff16eef68a0805b747ea9ab85a
- SHA1
  
  3224069aaec50d57f7ff2db31064fd14f95cb9ea
- SHA256
  
  fc1d9eef1f99951f14e53e14250ef944c5dcd82117497a1eaf5ced6623b6855a
- SHA512
  
  338b2ecf11a0e62bf70f8fa55dc27ef13f7e54fd01611b4fc7c5788a612540dfe8f9ddd2688868afb326e616a9440e47ca3d703c322e993989035e611797400c
- SSDEEP
  
  768:mGFZ5+o2cZsU134/sSqGCHzn52Ene4ExHtq6Cbf2Q+IRNJ4/UOdt3s4:mGZ8oZJ40Hj554HoUqNJ4sOdtc4
Score

1^/10
behavioral3
- Target
  
  RawAccel/installer.exe
- Size
  
  60KB
- MD5
  
  7c9fe766edc6e96f0ba7f8545b32a51a
- SHA1
  
  c43950f33630cc0602b7ec3f9ffc483084df6190
- SHA256
  
  96cbd4ba183f570ba5f24aaf693f49e2227a7485a06bd176f6224c52f980a0ad
- SHA512
  
  e874f3ca3af0d0cfefde78b9978acda857c8b993a4a6dcb83008e3e79fc80081aaa31b6699e4e0bc76ece31e85692a0d74313894a0d9b03b7d9ef924bea57ede
- SSDEEP
  
  1536:1Aujzkv4P9A2NjPm3WG21KmUIFXVzxWOEW9:14gP9A2NjPmGG2SIFXVzxWO/
Score

8^/10
- Drops file in Drivers directory
behavioral4
- Target
  
  RawAccel/rawaccel.exe
- Size
  
  410KB
- MD5
  
  4af35d45d33011a4b161474e2fdc574d
- SHA1
  
  19381f3377d016e8661df26f4300fb46abfea795
- SHA256
  
  8f134f7dd9fd3dd6609b3194b4dc743f081ac8dc711e63c378e50e42d7dfcb3a
- SHA512
  
  77d38bc6302dc4868af3aa12c49b646a79bb1c74d7799018b8a154bd760f61d54c4a442fa2ee2972ec4b0bf504d36e181bba3205a00d003faf3a1c7cd57fc802
- SSDEEP
  
  3072:JbPVoEY5ll2vSHCZfgDnqCiLxBrQeu2C9+55xDTGpZib9mXfb9mx4:1NdUll26HyOiLxBrQf2qXg9mXj9mx
Score

1^/10
behavioral5
- Target
  
  RawAccel/uninstaller.exe
- Size
  
  53KB
- MD5
  
  167a45d1b7e3d03c634053f6027c43d5
- SHA1
  
  4effde6ee1d8aaf763d36e40bb97a2f455360696
- SHA256
  
  944946946b3e853dff5ad058dedbe7fb81d0c5aa2c45a39b0e2b47fd3b42f561
- SHA512
  
  443ab740d95ccb8a17317c6dcf4a117f1b1455c7b266dc3e93d62c308f332c9934d662e2fcb9472fecdcc532a2899a2e28a4d2c4922fbf540f09b00f4b7819d4
- SSDEEP
  
  768:WUZvMEHiP3xj/o4xshmrUJ1kFXnbBQ5fmPv8OfBHXu5P2hwCVEV3GPkjvS:W4mP3JDQJ1kFemPUOfVu5euCOESS
Score

1^/10
behavioral6
- Target
  
  RawAccel/wrapper.dll
- Size
  
  306KB
- MD5
  
  aa082d6cb425eb8c18fbbdc357dba9b4
- SHA1
  
  f41254ca271453b8b6dea1fe60cd98c52e27b649
- SHA256
  
  187155504c582e6d6c6e46c9cc0ce54a65cf627d3afbf73fb8d74d456b29e143
- SHA512
  
  65a693cc597558c10eee27a2a836aa5a593d68ddc5978164ee7982b218a4c58a9480ce9be6e6a917968c1c9257b72dbfc6125e7efb2eae0e6397ba66b4491fec
- SSDEEP
  
  6144:+WutAlrKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKX:tKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKm
Score

1^/10
behavioral7
- Target
  
  RawAccel/writer.exe
- Size
  
  5KB
- MD5
  
  4d0b240c4e88a88fdf7ea4e88339cc98
- SHA1
  
  9d70f3bfb5ba8fd03b4d48da166ff4870886c2ce
- SHA256
  
  33e9c1917cce05bef33df11ae7e3811adad481a340825bb2df060feb9038738a
- SHA512
  
  9191d111913fc079ecfd77ea5862e2d5d987043b16fa932e86c8403ad7b2438fda4deabaff5aee6237b7ac2e899b37d2605bcd0158bea3966fb81876cafe400a
- SSDEEP
  
  48:6QRqYzSUD0PUZ8EJiNRHTYhYlgsJrNM1p5OOlNuSey8gYzBbIIPZsFtXsuhlQyRY:/xX0s5JokhYysJe80uVmYzB8hfzNt
Score

1^/10
behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

A potential corporate email address has been identified in the URL: [email protected]

Detected potential entity reuse from brand STEAM.

Drops file in Drivers directory

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8