a1eb07454ea5adab102dea131a43042b47ab37320077a33c28988f40a7e23d4e

General

Target: a1eb07454ea5adab102dea131a43042b47ab37320077a33c28988f40a7e23d4e
Size: 46KB
Sample: 200121-p3fehv18v6
Score: 10/10
MD5: 91a8a49c123faff51b1052519bacd4fa
SHA1: 7c1bf5bfcf3b0cfcae7d2eff93b57a0e1432db50
SHA256: a1eb07454ea5adab102dea131a43042b47ab37320077a33c28988f40a7e23d4e
SHA512: b4e4716ade6cdcd1276db1ec35e5901944e1b7df09c7a36815291bee7b3c218943b1b9a19595483d7bba931994e9d397d2e4954e0382bd48b842bd85ade1cae0

Signatures

  • Process spawned unexpected child process

  • Executes dropped EXE

  • Checks whether UAC is enabled
    TTPs: System Information Discovery

  • Drops autorun.inf file
    TTPs: Replication Through Removable Media

  • Sets desktop wallpaper using registry
    TTPs: Defacement, Modify Registry

  • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Collection | Command and Control | Credential Access | Defense Evasion | Execution | Exfiltration | Impact | Initial Access | Persistence | Privilege Escalation

Tasks

task1

1/10