fc26da20c7ca8f009e2abb632bdbe0a73439e5b2c6fc97fd4fb2c9d34527c63c

Sharing

Copy URL

Twitter E-mail

General

Target

Mr.Time tool.zip
Size

10.0MB
Sample

240701-gj8yjaxfpf
MD5

c34b0a83a2f9048a7312621e9dd4373e
SHA1

1177443208cbc95e5ca70eafef7c9711537a7326
SHA256

fc26da20c7ca8f009e2abb632bdbe0a73439e5b2c6fc97fd4fb2c9d34527c63c
SHA512

3efeca6f1722ac005d50d73097adf795c0d78e5578236c5e369c123c29c77cbecc216064786ccfef44236fba6ef1da6e7e8fec716691c9eee329c7d789af8291
SSDEEP

196608:OYb4lK0DwqkixBXhcWJWBCeyxzV3IHGlLEvvBbY/OpI7WESsFqpFEejbrjtUjWC:jmDwqXXuWJWoHV3IHGlLEvps/dW38M10

Score

6^/10

discovery pyinstaller

Malware Config

Targets

- Target
  
  Mr.Time tool/Mr.Time tool.exe
- Size
  
  2.4MB
- MD5
  
  bc5143288bfb94c2b01f663cb825fdda
- SHA1
  
  3dfe1af882697fef434622dbff60e6d9e34c093e
- SHA256
  
  f27c66a7b23f8d5f3830a5f14d55f21f0f97e87b0acd8813b830d38814444127
- SHA512
  
  d29532451c843fe85dbb8ad3157b466a90ce55e783ed99177e164bdd097c12f3f6fed4ec986cb312f40e7ff21324b460443cf68bc391e9f04e6d179a1886936e
- SSDEEP
  
  49152:7igqK8cqO3dOGDA7yzwUnFLYowtzQNdzmJFjemauDZlbgdlixIU30snQLq:7i7K8DPGDOycUnpY7lQj2FKmFDzMfiLk
Score

6^/10

discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1 behavioral2
- Target
  
  Mr.Time tool/_internal/VCRUNTIME140.dll
- Size
  
  116KB
- MD5
  
  be8dbe2dc77ebe7f88f910c61aec691a
- SHA1
  
  a19f08bb2b1c1de5bb61daf9f2304531321e0e40
- SHA256
  
  4d292623516f65c80482081e62d5dadb759dc16e851de5db24c3cbb57b87db83
- SHA512
  
  0da644472b374f1da449a06623983d0477405b5229e386accadb154b43b8b083ee89f07c3f04d2c0c7501ead99ad95aecaa5873ff34c5eeb833285b598d5a655
- SSDEEP
  
  1536:+qvQ1Dj2DkX7OcujarvmdlYNABCmgrP4ddbkZIecbWcFML/UXzlghzdMFw84hzk:+qvQ1D2CreiABCmgYecbWVLUD6h+b4ho
Score

1^/10
behavioral3 behavioral4
- Target
  
  Mr.Time tool/_internal/VCRUNTIME140_1.dll
- Size
  
  48KB
- MD5
  
  f8dfa78045620cf8a732e67d1b1eb53d
- SHA1
  
  ff9a604d8c99405bfdbbf4295825d3fcbc792704
- SHA256
  
  a113f192195f245f17389e6ecbed8005990bcb2476ddad33f7c4c6c86327afe5
- SHA512
  
  ba7f8b7ab0deb7a7113124c28092b543e216ca08d1cf158d9f40a326fb69f4a2511a41a59ea8482a10c9ec4ec8ac69b70dfe9ca65e525097d93b819d498da371
- SSDEEP
  
  768:wPIyGVrxmKqOnA4j3z6Su77A+i0QLxi9z9Rtii9zn+:fBr87uW1nA8QLx+zrti+zn+
Score

1^/10
behavioral5 behavioral6
- Target
  
  Mr.Time tool/_internal/_bz2.pyd
- Size
  
  83KB
- MD5
  
  5bebc32957922fe20e927d5c4637f100
- SHA1
  
  a94ea93ee3c3d154f4f90b5c2fe072cc273376b3
- SHA256
  
  3ed0e5058d370fb14aa5469d81f96c5685559c054917c7280dd4125f21d25f62
- SHA512
  
  afbe80a73ee9bd63d9ffa4628273019400a75f75454667440f43beb253091584bf9128cbb78ae7b659ce67a5faefdba726edb37987a4fe92f082d009d523d5d6
- SSDEEP
  
  1536:i2sz7yc51BVo1QX/FPI11IK1cDm015ssO687sjkD1ISCV087Syyxt+:dsz2c5eQXB4am05spd7MkD1ISCVzL
Score

1^/10
behavioral7 behavioral8
- Target
  
  Mr.Time tool/_internal/_decimal.pyd
- Size
  
  251KB
- MD5
  
  492c0c36d8ed1b6ca2117869a09214da
- SHA1
  
  b741cae3e2c9954e726890292fa35034509ef0f6
- SHA256
  
  b8221d1c9e2c892dd6227a6042d1e49200cd5cb82adbd998e4a77f4ee0e9abf1
- SHA512
  
  b8f1c64ad94db0252d96082e73a8632412d1d73fb8095541ee423df6f00bc417a2b42c76f15d7e014e27baae0ef50311c3f768b1560db005a522373f442e4be0
- SSDEEP
  
  6144:vnXBJvhy8AJOMg4hmRWw710z4ez9qWM53pLW1AW/ZJJJWtCk1mGc:ByJJOMiRW+10EHFpNc
Score

1^/10
behavioral10 behavioral9
- Target
  
  Mr.Time tool/_internal/_hashlib.pyd
- Size
  
  64KB
- MD5
  
  da02cefd8151ecb83f697e3bd5280775
- SHA1
  
  1c5d0437eb7e87842fde55241a5f0ca7f0fc25e7
- SHA256
  
  fd77a5756a17ec0788989f73222b0e7334dd4494b8c8647b43fe554cf3cfb354
- SHA512
  
  a13bc5c481730f48808905f872d92cb8729cc52cfb4d5345153ce361e7d6586603a58b964a1ebfd77dd6222b074e5dcca176eaaefecc39f75496b1f8387a2283
- SSDEEP
  
  1536:JgHpgE4Z27b4ZWZnEmIAtISOIx7SyZUxN:i14ZeEmIAtISOIx7+
Score

1^/10
behavioral11 behavioral12
- Target
  
  Mr.Time tool/_internal/_lzma.pyd
- Size
  
  156KB
- MD5
  
  195defe58a7549117e06a57029079702
- SHA1
  
  3795b02803ca37f399d8883d30c0aa38ad77b5f2
- SHA256
  
  7bf9ff61babebd90c499a8ed9b62141f947f90d87e0bbd41a12e99d20e06954a
- SHA512
  
  c47a9b1066dd9744c51ed80215bd9645aab6cc9d6a3f9df99f618e3dd784f6c7ce6f53eabe222cf134ee649250834193d5973e6e88f8a93151886537c62e2e2b
- SSDEEP
  
  3072:Bsvkxuqgo7e2uONqG+hi+CSznfF9mNopXnmnu1ISZ1Vk:BnuFo7Jg1NYOp2uO
Score

1^/10
behavioral13 behavioral14
- Target
  
  Mr.Time tool/_internal/_queue.pyd
- Size
  
  31KB
- MD5
  
  b7e5fbd7ef3eefff8f502290c0e2b259
- SHA1
  
  9decba47b1cdb0d511b58c3146d81644e56e3611
- SHA256
  
  dbdabb5fe0ccbc8b951a2c6ec033551836b072cab756aaa56b6f22730080d173
- SHA512
  
  b7568b9df191347d1a8d305bd8ddd27cbfa064121c785fa2e6afef89ec330b60cafc366be2b22409d15c9434f5e46e36c5cbfb10783523fdcac82c30360d36f7
- SSDEEP
  
  768:xOz+R6rbVKMoNpISQUA5YiSyv86lAMxkEzc:xjgbVJoNpISQUS7SyU6dxPc
Score

1^/10
behavioral15 behavioral16
- Target
  
  Mr.Time tool/_internal/_ssl.pyd
- Size
  
  174KB
- MD5
  
  c87c5890039c3bdb55a8bc189256315f
- SHA1
  
  84ef3c2678314b7f31246471b3300da65cb7e9de
- SHA256
  
  a5d361707f7a2a2d726b20770e8a6fc25d753be30bcbcbbb683ffee7959557c2
- SHA512
  
  e750dc36ae00249ed6da1c9d816f1bd7f8bc84ddea326c0cd0410dbcfb1a945aac8c130665bfacdccd1ee2b7ac097c6ff241bfc6cc39017c9d1cde205f460c44
- SSDEEP
  
  3072:AHtmUArl7bOGLbfbmeq2wfq6XDQJsY2GvMe1ba+VRJNI7IM/H9o/PCrXuI51ISCQ:Ym5lfOGLbjBOq6XD4MejTGl
Score

1^/10
behavioral17 behavioral18
- Target
  
  Mr.Time tool/_internal/_wmi.pyd
- Size
  
  36KB
- MD5
  
  8a9a59559c614fc2bcebb50073580c88
- SHA1
  
  4e4ced93f2cb5fe6a33c1484a705e10a31d88c4d
- SHA256
  
  752fb80edb51f45d3cc1c046f3b007802432b91aef400c985640d6b276a67c12
- SHA512
  
  9b17c81ff89a41307740371cb4c2f5b0cf662392296a7ab8e5a9eba75224b5d9c36a226dce92884591636c343b8238c19ef61c1fdf50cc5aa2da86b1959db413
- SSDEEP
  
  768:9mqQhTcYv/NxO01ISCiO5YiSyvoAMxkEzef:9m7GINxO01ISCik7SyOxvef
Score

1^/10
behavioral19 behavioral20
- Target
  
  Mr.Time tool/_internal/api-ms-win-core-console-l1-1-0.dll
- Size
  
  21KB
- MD5
  
  4a8f3a1847f216b8ac3e6b53bc20bd81
- SHA1
  
  f5aadc1399a9da38087df52e509d919d743e3ea7
- SHA256
  
  29b7d786d9f421765a4f4904f79605c41e17c0a24d7f91e44c0b7b0dea489fc3
- SHA512
  
  e70d2b719517c413fa967ca1a8d224299af55d988b3cc28013aaa3677660fae9ecb6f858d31c08cd8a0888f932af1384f0eaa928c002200f0710c2d5bddced1b
- SSDEEP
  
  192:+zOGWZhWsWJWadJCsVWQ4OW4f/hHssDX01k9z3AHQH4i/vN:+zBWZhWZCsFf/FDR9zcQvv
Score

1^/10
behavioral21
- Target
  
  Mr.Time tool/_internal/api-ms-win-core-datetime-l1-1-0.dll
- Size
  
  21KB
- MD5
  
  d7ad8db12ff42d620a657127dada1d88
- SHA1
  
  0ca381c734a3a93dc5f19c58dadfdca9d1afccd8
- SHA256
  
  26054d8febab1aacf11aa5cb64055808cd33388a8e77d0b3bcbc7543b0eea3bd
- SHA512
  
  7e2d6b60adbf97b22ab4b66691e483827d5755cfc6fcb5224369ada53cbd8cda43c4694a000ea4b5cebc69a475b54df0e9694c20afd9ec62b4db7b22241bdc45
- SSDEEP
  
  192:SWZhWpWEXCVWQ4KWgfYXxwVIX01k9z3A2rZ2Co:SWZhWGVWR9zL12j
Score

1^/10
behavioral22
- Target
  
  Mr.Time tool/_internal/api-ms-win-core-debug-l1-1-0.dll
- Size
  
  21KB
- MD5
  
  c68a86c180ff1fcac90d1da9a08179c1
- SHA1
  
  c287951441c957931dc4ebbee4dc9426a4501554
- SHA256
  
  2c91c4861e88c92693a1b145ebe2f69ffb90797cd42061e2d84f3d7fc009a941
- SHA512
  
  857fbf9852596ef7263d8faf970128487413c859246f58b15cec32d11576894c47211a3bd9005f86c2a28fa6b67fba96831c4953c0fa24e2373a6daecb85e121
- SSDEEP
  
  192:JWZhW9VWJWadJCsVWQ4mWJfTBm+0U8X01k9z3Ar+bP:JWZhWiCsofTBmo8R9zY+P
Score

1^/10
behavioral23
- Target
  
  Mr.Time tool/_internal/api-ms-win-core-errorhandling-l1-1-0.dll
- Size
  
  21KB
- MD5
  
  a17ff429442d4e5298f0faf95950a77d
- SHA1
  
  522a365dad26bedc2bfe48164dc63c2c37c993c3
- SHA256
  
  8e9d1d206da69da744d77f730233344ebe7c2a392550511698a79ce2d9180b41
- SHA512
  
  7d4e31251c171b90a0c533718655c98d8737ff220bcc43f893ff42c57ab43d82e6bd13fa94def5bb4205caec68dc8178d6b2a25ad819689f25dad01be544d5ac
- SSDEEP
  
  192:hPmxD3jPWZhWUzWJWadJCsVWQ4KW8xwVIX01k9z3A2rEUOdu:hPAPWZhWUqCsLR9zLANA
Score

1^/10
behavioral24
- Target
  
  Mr.Time tool/_internal/api-ms-win-core-fibers-l1-1-0.dll
- Size
  
  21KB
- MD5
  
  73dd550364215163ea9edb537e6b3714
- SHA1
  
  c24fcadfee877d5402e2b4f8518c4f5f4a2ce4b4
- SHA256
  
  0235c78780eff0bd34fce01d1c366e5e5936ea361676cb9711a4cfff747d457a
- SHA512
  
  2406d9d44d3ed86a95248b25cf574e0c06533cd916048a2facd68f4db48e49e8e8ce1917091bcfb273d0acc210697ceb659930c896e51464c300ec06476d8cc2
- SSDEEP
  
  192:NyWZhWPWEXCVWQ4OW+shHssDX01k9z3AHQHBhuWC:QWZhWEnsFDR9zcQk
Score

1^/10
behavioral25
- Target
  
  Mr.Time tool/_internal/api-ms-win-core-file-l1-1-0.dll
- Size
  
  25KB
- MD5
  
  ecee1b7da6539c233e8dec78bfc8e1f9
- SHA1
  
  052ba049f6d8cd5579e01c9e2f85414b15e6cbf8
- SHA256
  
  249d7cd1c87738f87458b95ace4ab8f87b0de99eeefb796f6b86cba889d49b2c
- SHA512
  
  ea21fe20336b8170b2a8cd13df217e9ee87aa1d2b0ba476bee2a97c3fce57648c9ab664b9ba895d5bbbcd119f2bb6633bedc85dafbd7bf6853aa48b168a927f4
- SSDEEP
  
  192:1whDPvVr8rFTsKWZhWgWEXCVWQ4KWiOcADB6ZX01k9z3AT2s7u:WJPvVrQWZhW7KcTR9zW2s6
Score

1^/10
behavioral26
- Target
  
  Mr.Time tool/_internal/api-ms-win-core-file-l1-2-0.dll
- Size
  
  21KB
- MD5
  
  3473bc217562594b5b126d7aeb9380e9
- SHA1
  
  b551b9d9aa80be070f577376e484610e01c5171a
- SHA256
  
  0d8190fd619feb20df123931108d499132f7051f1ebb0ef246082f4c52c88b22
- SHA512
  
  036b93457ade632ad68264d81ff26ee1156038e234c606882386d6babcbe722a18e9ced1655f97caecaf5fd514e261dafe999a3e9fec00cc677e177f0bf8e203
- SSDEEP
  
  192:u7xmWZhWlWEXCVWQ4KWs8HjKDUX01k9z3AmaS+5:u1mWZhWSYpR9zX78
Score

1^/10
behavioral27
- Target
  
  Mr.Time tool/_internal/api-ms-win-core-file-l2-1-0.dll
- Size
  
  20KB
- MD5
  
  50abf0a7ee67f00f247bada185a7661c
- SHA1
  
  0cddac9ac4db3bf10a11d4b79085ef9cb3fb84a1
- SHA256
  
  f957a4c261506484b53534a9be8931c02ec1a349b3f431a858f8215cecfec3f7
- SHA512
  
  c2694bb5d103baff1264926a04d2f0fe156b8815a23c3748412a81cc307b71a9236a0e974b5549321014065e393d10228a0f0004df9ba677f03b5d244a64b528
- SSDEEP
  
  192:lC+WvhWRWYnO/VWQ4SWHvD480Hy5qnajsBkffy2:4+WvhWRUGEslECl
Score

1^/10
behavioral28
- Target
  
  Mr.Time tool/_internal/api-ms-win-core-handle-l1-1-0.dll
- Size
  
  21KB
- MD5
  
  53b1beee348ff035fef099922d69d588
- SHA1
  
  7bc23b19568e2683641116f770773f8bcf03376b
- SHA256
  
  3a52229bf8a9df9f69a450f1ed7afc0d813d478d148c20f88ec4169d19b0d592
- SHA512
  
  85c7ffa63483d69870cd69bf40e2b4ea5992d6b82607ee9bfc354c3bd5079e18cfe2ca0bcaa2fe493b42226f4a8097737116ea023823ce3ef177596dd80edcdb
- SSDEEP
  
  192:/JWZhWdWJWadJCsVWQ4OWHhNy9hHssDX01k9z3AHQHXJw:/JWZhW8CsEh6FDR9zcQ5
Score

1^/10
behavioral29
- Target
  
  Mr.Time tool/_internal/api-ms-win-core-heap-l1-1-0.dll
- Size
  
  21KB
- MD5
  
  5846d53ac41102bb6f7e1f78717fea7f
- SHA1
  
  72254f1b93f17c2c6921179c31cd19b1b4c5292d
- SHA256
  
  059dfa16c1bbe5ff3a4b5443ba5e7ad1d41e392a873b09cfef787020ca3e101f
- SHA512
  
  0c29c0f562f1cabd794d8bf7f5cef0b0213fcf52a71eb254e0122f88c6e03558cb2259caff6b46d3b055101ef5422318e48d6c7568cbf2423212b8ed4e8f0f7f
- SSDEEP
  
  192:gIxlyWZhW6WEXCVWQ4KW3YfyttuX01k9z3AwQoz/fI:gIxlyWZhWtMSR9zVQE4
Score

1^/10
behavioral30
- Target
  
  Mr.Time tool/_internal/api-ms-win-core-interlocked-l1-1-0.dll
- Size
  
  21KB
- MD5
  
  5a1569efa80fd139b561a9677a661f8a
- SHA1
  
  fb0c824688e65ed12f52fa961ef3bae5674f32af
- SHA256
  
  41c1eaf5545109e871abef7386ab1abf9d2de1762cb4720c945afa8424858b00
- SHA512
  
  1d2594c7f9757a95b41a9e6496f89c81fc96448b32cacb0c10d0db8c28a95cf33b3ad23348bcd8fb37d82bd72865d3c60944206f2e795686440de49bbcc39d7e
- SSDEEP
  
  192:NHWZhWjWEXCVWQ4iWM0JKxu3O6YX01k9z3AFs5Ks:tWZhWYj0J8R9z2s5Ks
Score

1^/10
behavioral31
- Target
  
  Mr.Time tool/_internal/api-ms-win-core-libraryloader-l1-1-0.dll
- Size
  
  21KB
- MD5
  
  5eb2d8e1b9c9bd462c808f492ef117c2
- SHA1
  
  60d398ec6e72ab670a2d9ef1b6747387c8de724e
- SHA256
  
  db85f9aae6e9a5f1664326fa3fb82fe1002a3053857724d6c8d979a07c1221a1
- SHA512
  
  df0ef770368f153104f828f1c2381bea9a79e69defd43af53bdd419b7d80144831e0c4cc8695baee9f26928f0c4a00fe4837c872313c37bce1b23e6690a93bda
- SSDEEP
  
  192:8TvuBL3BBLMWZhWNWJWadJCsVWQ4iWBRBm+0U8X01k9z3Ar6V2EzVL:8TvuBL3BiWZhWMCsGRBmo8R9zY6V2w
Score

1^/10
behavioral32

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

T1046

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Targets

Creates a large amount of network flows

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32