← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
a bunch of malicious car /management apps - www.vxdiag.net/managecenter/apps/ford/install.exe
WHITE dorkingbeauty1 2022-08-09 Modified: 2022-09-08
239
IOCs
HIGH VOLUME
Fingerprint Queries kernel debugger information Reads the cryptographic machine GUID Evasive Marks file for deletion Possibly tries to evade analysis by sleeping many times
dropped filecomparam eiddefaultvaluecomparam idreferrorcode idrefidrefshortnameclasssuspiciousentropypathdelphimaliciousauguststubstringsapi keywww.vxdiag.net/managecenter/apps/ford/install.exe
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
Indicators of Compromise (55 / 239 total)
All URL hostname FileHash-SHA256 domain CVE FileHash-MD5 FileHash-SHA1
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 1b9cc556bce31660f5a228c175d92a82 2022-08-09
FileHash-MD5 1ba43b9f0254889fc6e6bc37509dac58 2022-08-09
FileHash-MD5 40cd2aef2502584d705226c64c7bab18 2022-08-09
FileHash-MD5 42737137b0758bf0369100f261749dd0 2022-08-09
FileHash-MD5 4f3441a343af53c0300976fb9a4f3160 2022-08-09
FileHash-MD5 53d6916d0e2e76094c1160ea78972f42 2022-08-09
FileHash-MD5 6f9acfc26ccebdb7cb0f4322c4b9f046 2022-08-09
FileHash-MD5 73db1a02404d31eaaf6582b12d75948d 2022-08-09
FileHash-MD5 75e242cbcd975b006362833637f43629 2022-08-09
FileHash-MD5 7606ec090e888dce48fb8504f4289398 2022-08-09
FileHash-MD5 7661b236fe97fe08358d8c8a4b3da918 2022-08-09
FileHash-MD5 7e2ca690c06e72c154521ce100acefa1 2022-08-09
FileHash-MD5 7ef1f975d35c82a5e516b2c596935cb5 2022-08-09
FileHash-MD5 810cdc6851728c6a02a62d39cb187b8a 2022-08-09
FileHash-MD5 833319673b55b029406429f9b3242cc8 2022-08-09
FileHash-MD5 8f6afd0bafc72b0499c552baddbca255 2022-08-09
FileHash-MD5 91b71dbe075ec908b8b000283532e6d1 2022-08-09
FileHash-MD5 9467577295abcfb6a2e2239558c41832 2022-08-09
FileHash-MD5 94a72d877768de20a098e142115b66b6 2022-08-09
FileHash-MD5 9bade97efa55af329a2dbbcebad8f23b 2022-08-09
FileHash-MD5 9d75be10846e6dbe5fd9adc6d7cb93b4 2022-08-09
FileHash-MD5 9ea4141100b463fba7892f3fd1e675c5 2022-08-09
FileHash-MD5 a08e4342540c48f4a8bb345b81beb1f1 2022-08-09
FileHash-MD5 a51bd4d7736a8f532fce3ea153137c02 2022-08-09
FileHash-MD5 a6bc091962ac3d9b568fe73d479fda2e 2022-08-09
FileHash-MD5 aa0da7c712db1a3a6d8ab75c9337b878 2022-08-09
FileHash-MD5 afd2d5240568c445a850f05f1d73e8a4 2022-08-09
FileHash-MD5 b0ba7d5ffa7ad639b740ca3a089e6dd7 2022-08-09
FileHash-MD5 beceeb873f8e89daed608207b1349f45 2022-08-09
FileHash-MD5 cebf8f53d364ea845538ec8114dbb105 2022-08-09
FileHash-MD5 d7b37b744bb5fea5b4fea3064e6b5a35 2022-08-09
FileHash-MD5 d7e3e2193aa126fad67d407c6de1b5a5 2022-08-09
FileHash-MD5 e35fa9b1c9207b240a55dcc8a7e6e83a 2022-08-09
FileHash-MD5 e8ba695b89c523f53dbb758ca1845498 2022-08-09
FileHash-MD5 fc6683d30d9f25244a50fd5357825e79 2022-08-09
FileHash-MD5 1b9cc556bce31660f5a228c175d92a82 2022-08-09
FileHash-MD5 1ba43b9f0254889fc6e6bc37509dac58 2022-08-09
FileHash-MD5 40cd2aef2502584d705226c64c7bab18 2022-08-09
FileHash-MD5 42737137b0758bf0369100f261749dd0 2022-08-09
FileHash-MD5 4f3441a343af53c0300976fb9a4f3160 2022-08-09
FileHash-MD5 53d6916d0e2e76094c1160ea78972f42 2022-08-09
FileHash-MD5 6f9acfc26ccebdb7cb0f4322c4b9f046 2022-08-09
FileHash-MD5 7661b236fe97fe08358d8c8a4b3da918 2022-08-09
FileHash-MD5 7e2ca690c06e72c154521ce100acefa1 2022-08-09
FileHash-MD5 810cdc6851728c6a02a62d39cb187b8a 2022-08-09
FileHash-MD5 8f6afd0bafc72b0499c552baddbca255 2022-08-09
FileHash-MD5 94a72d877768de20a098e142115b66b6 2022-08-09
FileHash-MD5 9bade97efa55af329a2dbbcebad8f23b 2022-08-09
FileHash-MD5 a51bd4d7736a8f532fce3ea153137c02 2022-08-09
FileHash-MD5 b0ba7d5ffa7ad639b740ca3a089e6dd7 2022-08-09
FileHash-MD5 beceeb873f8e89daed608207b1349f45 2022-08-09
FileHash-MD5 cebf8f53d364ea845538ec8114dbb105 2022-08-09
FileHash-MD5 d7b37b744bb5fea5b4fea3064e6b5a35 2022-08-09
FileHash-MD5 e8ba695b89c523f53dbb758ca1845498 2022-08-09
FileHash-MD5 fc6683d30d9f25244a50fd5357825e79 2022-08-09
References (3)
↗ CVE-2021-22941 ↗ https://hybrid-analysis.com/sample/b6ac1bdb4a31787d8e6fa5aa8cbf2ce2538c0f63313fe4e57fdbe3ec2c869ddf ↗ https://hybrid-analysis.com/sample/b6ac1bdb4a31787d8e6fa5aa8cbf2ce2538c0f63313fe4e57fdbe3ec2c869ddf/62f124a02adc8f11be57bbe4