← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
a bunch of malicious car /management apps - www.vxdiag.net/managecenter/apps/ford/install.exe
WHITE dorkingbeauty1 2022-08-09 Modified: 2022-09-08
239
IOCs
HIGH VOLUME
Fingerprint Queries kernel debugger information Reads the cryptographic machine GUID Evasive Marks file for deletion Possibly tries to evade analysis by sleeping many times
dropped filecomparam eiddefaultvaluecomparam idreferrorcode idrefidrefshortnameclasssuspiciousentropypathdelphimaliciousauguststubstringsapi keywww.vxdiag.net/managecenter/apps/ford/install.exe
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
Indicators of Compromise (62 / 239 total)
All URL hostname FileHash-SHA256 domain CVE FileHash-MD5 FileHash-SHA1
TYPEINDICATORDESCRIPTIONCREATED
FileHash-SHA256 07f902f6131c3162c6504f988d2ed48329d848215b65d81ce62e01102ad2550e 2022-08-09
FileHash-SHA256 5c11059168376699dc9e1b89540f766037b9560809475107cce2ae0d77ac39cb 2022-08-09
FileHash-SHA256 83a3bd71238363d919ab89e6b038b499a7429d24ff2ea2eadb12b9752c6370ce 2022-08-09
FileHash-SHA256 b6ac1bdb4a31787d8e6fa5aa8cbf2ce2538c0f63313fe4e57fdbe3ec2c869ddf 2022-08-09
FileHash-SHA256 f194fadb068ac3215258a3c4aabecb60283bd1b6d0bc5f86eb66fc49f870b783 2022-08-09
FileHash-SHA256 0527e6680d1c03b707c84ec5a1da924bec95b43e13d1fc667dd9dde86f38824a 2022-08-09
FileHash-SHA256 0c11d1ee71156f12c5920a95fb468877ba21c08c728e2274d36fab469889168e 2022-08-09
FileHash-SHA256 338bb144cfa5f9a892daba51052542456a502d5508f78e61b2c8c40174b22dca 2022-08-09
FileHash-SHA256 3df0e9404586d10168fca2a956d7a686a1d9230b53fca8f5d3a0b3cefe88be48 2022-08-09
FileHash-SHA256 448db8d548b548e21fae5d4bf9e517f4abe1f38164dc7fe37349ac42cf66aadb 2022-08-09
FileHash-SHA256 675ef174c155fbc53e86a0c453c72446b8bc5d78a5c6e2ed8fba850d5d52d0cc 2022-08-09
FileHash-SHA256 6c83a7f005b24a5374213c5dd4958360007a8ef3d129c2c94383b8503a7440ce 2022-08-09
FileHash-SHA256 860638d549f9035a92e1b7701c7c2b7a2dfcc03364da8c8923468dd94a595ac4 2022-08-09
FileHash-SHA256 a1bb82444c58318f365748a5f7211e6544174856f8faaf30d0280e96ae4eaa27 2022-08-09
FileHash-SHA256 a9778221578032b2f7c28236cb7e511c04caa317f0538a69d693792b6c155632 2022-08-09
FileHash-SHA256 b9837296bd8996cfd4c00b206a4156a3529c688e1a5dca550805187f7c2b16c1 2022-08-09
FileHash-SHA256 b9c9da1f7359d7a78c79fbd6b8776a3dd56096eea9ab26e82dacd7c97de3fc69 2022-08-09
FileHash-SHA256 ca2b30f65f9bf7f07593cb14e676315a8c59c457b0e5859f7c7a4a4d41f3cdb1 2022-08-09
FileHash-SHA256 d5a891f5365336ff62c087b1954a6d1460f1b9430d02bc2c4cf394ad80d7f119 2022-08-09
FileHash-SHA256 d967611a59329587df8832a7c667b182e56f4dbd219ce8441f0ff6b88ac85b85 2022-08-09
FileHash-SHA256 f26b57af21aaca770221eb060b43c7e946803238703ac1e95d54259a33729e2c 2022-08-09
FileHash-SHA256 fd7ffa5afe7b62194bf13462160455f811c0f65bee96927b78f400ab3c32d711 2022-08-09
FileHash-SHA256 012920aa0b759db96baf0bd3d6e071382499cc060dc9dbc7b35f50afcaf42a1d 2022-08-09
FileHash-SHA256 02f31b9814d88efc4728e47b1b1c1ea9e7c74f6ec0b6affd888e15fa418cefb3 2022-08-09
FileHash-SHA256 1bf0c04c6bcefb3796e1d3e8781a0ec1fc3179fe17d978a2e1b6f5b50a3cc58d 2022-08-09
FileHash-SHA256 2071d875a0e1b464d1d5970a8471900d07b163702ffff8fcc83c977c5f018e84 2022-08-09
FileHash-SHA256 257e51eebe16fc5498dd473a4d84f3de45e5588b498b4bab96e23941d942731d 2022-08-09
FileHash-SHA256 2d7eb64b7f1837ee8e4244e0f99c7a3eba731014195730a82d2c5bfb417ae339 2022-08-09
FileHash-SHA256 31e38a83b081f11f29afc8438782f3807b57468afe964e0335b6a74482f5abc7 2022-08-09
FileHash-SHA256 3d0ee82b254b3a54de02ab9ebe0c52e34dd8dd2eacd76edd28b8bf835db4e4aa 2022-08-09
FileHash-SHA256 6e352d97c8f3d1f074fe01266238f7695833f90ca62780f053f0bdfdc8897c8e 2022-08-09
FileHash-SHA256 706e8b5bd77c188c02cadbac1646c745d5eebdfbaafe86dc859de5ea44d34607 2022-08-09
FileHash-SHA256 85e967a0e539c748dfbca0d4d50a3dab472ac11d4d7f1e0f0710d1056410e6f8 2022-08-09
FileHash-SHA256 94eff85d5f1c82e4a8dffe315a6f2c04196fada820963fceacc06db40eab5083 2022-08-09
FileHash-SHA256 9b9294a737a1aec41fa9c41a21a918662d221d7db09b0b84a1f51856066b4421 2022-08-09
FileHash-SHA256 a2c341aa4203b822ab19784ea43dac51a75064561bc16067a139a586d724ce3c 2022-08-09
FileHash-SHA256 b1200ac56d9a8c6c97662e716c0fc0f5c377cf04b2f2ed7e3edddb9cdca15a7a 2022-08-09
FileHash-SHA256 b78d96000754ce786e22ec7894473cf6382b90bfad14b3ffa85e2aa9577b9ad0 2022-08-09
FileHash-SHA256 eca212c2f21203694473484120efa2bed4c7c51176de7b3f08979498b96790aa 2022-08-09
FileHash-SHA256 f0a1cddf9986935f490336e1a2e6721ecab24425320f56cf30484efdab12e8c9 2022-08-09
FileHash-SHA256 f85e7047d02a1fa07c0072cafe2932b4ecab993597992a6216ccbda3c3d03e67 2022-08-09
FileHash-SHA256 04fe18eaf826525821e72f6a69f0a4eff729f4a676d8159e54964f7df7c8395d 2022-08-09
FileHash-SHA256 08db2f38e8b537114ac7dcdd109b98219992f2712afce36ff35fe5249d6f7bb4 2022-08-09
FileHash-SHA256 5c11059168376699dc9e1b89540f766037b9560809475107cce2ae0d77ac39cb 2022-08-09
FileHash-SHA256 0527e6680d1c03b707c84ec5a1da924bec95b43e13d1fc667dd9dde86f38824a 2022-08-09
FileHash-SHA256 0c11d1ee71156f12c5920a95fb468877ba21c08c728e2274d36fab469889168e 2022-08-09
FileHash-SHA256 338bb144cfa5f9a892daba51052542456a502d5508f78e61b2c8c40174b22dca 2022-08-09
FileHash-SHA256 448db8d548b548e21fae5d4bf9e517f4abe1f38164dc7fe37349ac42cf66aadb 2022-08-09
FileHash-SHA256 6c83a7f005b24a5374213c5dd4958360007a8ef3d129c2c94383b8503a7440ce 2022-08-09
FileHash-SHA256 83a3bd71238363d919ab89e6b038b499a7429d24ff2ea2eadb12b9752c6370ce 2022-08-09
FileHash-SHA256 860638d549f9035a92e1b7701c7c2b7a2dfcc03364da8c8923468dd94a595ac4 2022-08-09
FileHash-SHA256 a1bb82444c58318f365748a5f7211e6544174856f8faaf30d0280e96ae4eaa27 2022-08-09
FileHash-SHA256 a9778221578032b2f7c28236cb7e511c04caa317f0538a69d693792b6c155632 2022-08-09
FileHash-SHA256 b6ac1bdb4a31787d8e6fa5aa8cbf2ce2538c0f63313fe4e57fdbe3ec2c869ddf 2022-08-09
FileHash-SHA256 b9837296bd8996cfd4c00b206a4156a3529c688e1a5dca550805187f7c2b16c1 2022-08-09
FileHash-SHA256 b9c9da1f7359d7a78c79fbd6b8776a3dd56096eea9ab26e82dacd7c97de3fc69 2022-08-09
FileHash-SHA256 ca2b30f65f9bf7f07593cb14e676315a8c59c457b0e5859f7c7a4a4d41f3cdb1 2022-08-09
FileHash-SHA256 d5a891f5365336ff62c087b1954a6d1460f1b9430d02bc2c4cf394ad80d7f119 2022-08-09
FileHash-SHA256 d967611a59329587df8832a7c667b182e56f4dbd219ce8441f0ff6b88ac85b85 2022-08-09
FileHash-SHA256 f194fadb068ac3215258a3c4aabecb60283bd1b6d0bc5f86eb66fc49f870b783 2022-08-09
FileHash-SHA256 f26b57af21aaca770221eb060b43c7e946803238703ac1e95d54259a33729e2c 2022-08-09
FileHash-SHA256 fd7ffa5afe7b62194bf13462160455f811c0f65bee96927b78f400ab3c32d711 2022-08-09
References (3)
↗ CVE-2021-22941 ↗ https://hybrid-analysis.com/sample/b6ac1bdb4a31787d8e6fa5aa8cbf2ce2538c0f63313fe4e57fdbe3ec2c869ddf ↗ https://hybrid-analysis.com/sample/b6ac1bdb4a31787d8e6fa5aa8cbf2ce2538c0f63313fe4e57fdbe3ec2c869ddf/62f124a02adc8f11be57bbe4