← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
a bunch of malicious car /management apps - www.vxdiag.net/managecenter/apps/ford/install.exe
WHITE dorkingbeauty1 2022-08-09 Modified: 2022-09-08
239
IOCs
HIGH VOLUME
Fingerprint Queries kernel debugger information Reads the cryptographic machine GUID Evasive Marks file for deletion Possibly tries to evade analysis by sleeping many times
dropped filecomparam eiddefaultvaluecomparam idreferrorcode idrefidrefshortnameclasssuspiciousentropypathdelphimaliciousauguststubstringsapi keywww.vxdiag.net/managecenter/apps/ford/install.exe
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
Indicators of Compromise (34 / 239 total)
All URL hostname FileHash-SHA256 domain CVE FileHash-MD5 FileHash-SHA1
TYPEINDICATORDESCRIPTIONCREATED
FileHash-SHA1 12b57100ffea48c8fa7341280dd865e6eb3c38a0 2022-08-09
FileHash-SHA1 14b5f8f5119c9057df7609e8b69dadb872f0a935 2022-08-09
FileHash-SHA1 1bcb9af2c3425bbbf9ee7641ead2ec4dc02da346 2022-08-09
FileHash-SHA1 2a4adf2f6f0d4adf8a54628672bd9ea2057206ba 2022-08-09
FileHash-SHA1 443965a0b8e7d7396db3110d824b0415fdc9e203 2022-08-09
FileHash-SHA1 49dd44a002429ef0737a251aed11ffe8e0ee4452 2022-08-09
FileHash-SHA1 61bac900b004ffcac2145e35a007b43a7a4433fe 2022-08-09
FileHash-SHA1 73a569cfbbe3df09a04024d8580e74d7b5b19e14 2022-08-09
FileHash-SHA1 947bb3077465895481850da06afda43f823dd206 2022-08-09
FileHash-SHA1 9fb554bfc25ff413e6f6f25514d9ab136eab27b7 2022-08-09
FileHash-SHA1 a1a47ca5ef8807da945717caadf3101f9e4fc0b4 2022-08-09
FileHash-SHA1 a53748b2495d91b53c10c2e93256151d75e0f797 2022-08-09
FileHash-SHA1 bf8d86abd0c5fd67ee58f7062c58a66251762288 2022-08-09
FileHash-SHA1 c6589f16f30725415b77c4a34cebe1e7ce8bdc91 2022-08-09
FileHash-SHA1 d08bc6f3afb4a73a7aad906fa85bf99ae9650848 2022-08-09
FileHash-SHA1 d24b9d61a8e6961f5ce6db2cc1b8eec25746fcc2 2022-08-09
FileHash-SHA1 e19ee99a60efd7356edacc9dcf15601cdfa99272 2022-08-09
FileHash-SHA1 12b57100ffea48c8fa7341280dd865e6eb3c38a0 2022-08-09
FileHash-SHA1 14b5f8f5119c9057df7609e8b69dadb872f0a935 2022-08-09
FileHash-SHA1 1bcb9af2c3425bbbf9ee7641ead2ec4dc02da346 2022-08-09
FileHash-SHA1 2a4adf2f6f0d4adf8a54628672bd9ea2057206ba 2022-08-09
FileHash-SHA1 443965a0b8e7d7396db3110d824b0415fdc9e203 2022-08-09
FileHash-SHA1 49dd44a002429ef0737a251aed11ffe8e0ee4452 2022-08-09
FileHash-SHA1 61bac900b004ffcac2145e35a007b43a7a4433fe 2022-08-09
FileHash-SHA1 73a569cfbbe3df09a04024d8580e74d7b5b19e14 2022-08-09
FileHash-SHA1 947bb3077465895481850da06afda43f823dd206 2022-08-09
FileHash-SHA1 9fb554bfc25ff413e6f6f25514d9ab136eab27b7 2022-08-09
FileHash-SHA1 a1a47ca5ef8807da945717caadf3101f9e4fc0b4 2022-08-09
FileHash-SHA1 a53748b2495d91b53c10c2e93256151d75e0f797 2022-08-09
FileHash-SHA1 bf8d86abd0c5fd67ee58f7062c58a66251762288 2022-08-09
FileHash-SHA1 c6589f16f30725415b77c4a34cebe1e7ce8bdc91 2022-08-09
FileHash-SHA1 d08bc6f3afb4a73a7aad906fa85bf99ae9650848 2022-08-09
FileHash-SHA1 d24b9d61a8e6961f5ce6db2cc1b8eec25746fcc2 2022-08-09
FileHash-SHA1 e19ee99a60efd7356edacc9dcf15601cdfa99272 2022-08-09
References (3)
↗ CVE-2021-22941 ↗ https://hybrid-analysis.com/sample/b6ac1bdb4a31787d8e6fa5aa8cbf2ce2538c0f63313fe4e57fdbe3ec2c869ddf ↗ https://hybrid-analysis.com/sample/b6ac1bdb4a31787d8e6fa5aa8cbf2ce2538c0f63313fe4e57fdbe3ec2c869ddf/62f124a02adc8f11be57bbe4