General
-
Target
2024.1.16.exe
-
Size
2.5MB
-
Sample
240116-da7gkabfck
-
MD5
204f66cb1239e818b3da66467fb8c56e
-
SHA1
2cb75997d95201d21ffaaffc52ffed3f6e3bcfa7
-
SHA256
b95918223f9ace3d071e44550fd34f34c180b81e28f5e79cc4eba55006c8a6b0
-
SHA512
bc4407bac87a50ff4d7218270c41cbfa95f14c896ca334326a18dba3db991c0fcd60f9090fa40bd96e4592642559f3e64f2ed0459058650571212ed6e719675d
-
SSDEEP
49152:TiCX7Aztt3jc4YXB7Xzik+778+6RnRKXP4oqv2vyIE1:TimAZ5jEEkJRePJ+x1
Malware Config
Targets
-
-
Target
2024.1.16.exe
-
Size
2.5MB
-
MD5
204f66cb1239e818b3da66467fb8c56e
-
SHA1
2cb75997d95201d21ffaaffc52ffed3f6e3bcfa7
-
SHA256
b95918223f9ace3d071e44550fd34f34c180b81e28f5e79cc4eba55006c8a6b0
-
SHA512
bc4407bac87a50ff4d7218270c41cbfa95f14c896ca334326a18dba3db991c0fcd60f9090fa40bd96e4592642559f3e64f2ed0459058650571212ed6e719675d
-
SSDEEP
49152:TiCX7Aztt3jc4YXB7Xzik+778+6RnRKXP4oqv2vyIE1:TimAZ5jEEkJRePJ+x1
Score8/10-
Disables RegEdit via registry modification
-
Modifies Windows Firewall
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Matrix ATT&CK v13
Persistence
Create or Modify System Process
1Windows Service
1Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1