General

  • Target

    d718ea92106894c1bfb2273ed7e71c9ad7cec01fa0ae4c2571e5a762e1f26e8d

  • Size

    1.9MB

  • Sample

    220129-ses73acddr

  • MD5

    0136a8111fc94be154aea13dd4c78b53

  • SHA1

    ad64b56532d990da2c4cf17e61232fdca8884f37

  • SHA256

    d718ea92106894c1bfb2273ed7e71c9ad7cec01fa0ae4c2571e5a762e1f26e8d

  • SHA512

    0ea71a818a16196873f9f526b647300563f1bb7cfbfa1507effdf0f790b76b5b14909aa60f1f0f97a7252d58be8816156912579faba9501a6a2fa8f09cbc3d77

Malware Config

Targets

    • Modifies visibility of file extensions in Explorer

    • Modifies visibility of hidden/system files in Explorer

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Loads dropped DLL

    • Adds Run key to start application
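
Three of the signatures above are registry-backed (both Explorer visibility changes and the Run key), so they can be re-checked on a suspect host from a `reg export` of the two keys involved. The following is an added example written for this page, not the sandbox vendor's code and not derived from the sample; the .reg text is constructed, and the Run-key heuristics (executable in a user-writable scratch directory, or a well-known Windows binary name outside \Windows) are the author's assumptions rather than anything the report states. The value meanings are the documented Explorer settings: HideFileExt 1 hides known extensions, Hidden 2 hides hidden items, ShowSuperHidden 0 hides protected operating-system files.

```python
"""Host-side re-check of three behavioural signatures from the report above:
'Modifies visibility of file extensions in Explorer', 'Modifies visibility of
hidden/system files in Explorer' and 'Adds Run key to start application'.

Added example for this page, not the sandbox vendor's code. Input is a
`reg export` of the two keys involved; SAMPLE_REG is constructed and the
Run-key heuristics are assumptions, not findings from the report."""
import ntpath
import re

ADVANCED_KEY = r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced"
RUN_KEY = r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run"

# Constructed sample export (hypothetical paths and values).
SAMPLE_REG = r"""Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"HideFileExt"=dword:00000001
"Hidden"=dword:00000002
"ShowSuperHidden"=dword:00000000
"Start_TrackProgs"=dword:00000001

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="\"C:\\Users\\victim\\AppData\\Local\\Microsoft\\OneDrive\\OneDrive.exe\" /background"
"svchost"="C:\\Users\\victim\\AppData\\Roaming\\svchost.exe"
"""

_VALUE_LINE = re.compile(r'^"((?:[^"\\]|\\.)*)"=(.*)$')


def _unescape(s):
    # .reg strings escape backslash and double quote with a backslash
    return re.sub(r"\\(.)", r"\1", s)


def parse_reg_export(text):
    """Parse the subset of the .reg format needed here ([key] headers,
    "name"=dword:hex and "name"="string"). Returns {key: {name: value}};
    dwords become int, strings are unescaped, other types stay verbatim."""
    keys, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(("Windows Registry Editor", ";")):
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1]
            keys.setdefault(current, {})
            continue
        m = _VALUE_LINE.match(line)
        if current is None or not m:
            continue
        name, data = _unescape(m.group(1)), m.group(2)
        if data.lower().startswith("dword:"):
            keys[current][name] = int(data[6:], 16)
        elif len(data) >= 2 and data[0] == '"' and data[-1] == '"':
            keys[current][name] = _unescape(data[1:-1])
        else:
            keys[current][name] = data
    return keys


def check_explorer_visibility(values):
    """Explorer settings in the state the two visibility signatures describe.
    Documented meanings: HideFileExt 1 = hide known extensions, Hidden 2 = do
    not show hidden items, ShowSuperHidden 0 = hide protected OS files.
    HideFileExt=1 is also the Windows default, so on its own it is only weak
    evidence (the sandbox signature fires on the write, not on the state)."""
    findings = []
    if values.get("HideFileExt") == 1:
        findings.append("HideFileExt=1: known file extensions hidden")
    if values.get("Hidden") == 2:
        findings.append("Hidden=2: hidden files not shown")
    if values.get("ShowSuperHidden") == 0:
        findings.append("ShowSuperHidden=0: protected system files not shown")
    return findings


# Heuristics (assumptions for this example): a Run entry is suspicious when its
# executable sits in a user-writable scratch directory, or when it borrows a
# well-known Windows binary name but does not live under \Windows.
SUSPECT_DIRS = ("\\appdata\\roaming\\", "\\appdata\\local\\temp\\", "\\temp\\", "\\users\\public\\")
SYSTEM_NAMES = {"svchost.exe", "explorer.exe", "csrss.exe", "lsass.exe", "winlogon.exe"}


def executable_from_command(cmd):
    """First token of a Run-key command line, honouring a quoted path."""
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end > 0 else cmd[1:]
    parts = cmd.split()
    return parts[0] if parts else ""


def check_run_keys(values):
    """Suspicious Run-key entries as 'name: path (reasons)' strings."""
    findings = []
    for name, cmd in values.items():
        if not isinstance(cmd, str):
            continue
        exe = executable_from_command(cmd)
        low = exe.lower()
        reasons = []
        if any(d in low for d in SUSPECT_DIRS):
            reasons.append("user-writable directory")
        if ntpath.basename(low) in SYSTEM_NAMES and "\\windows\\" not in low:
            reasons.append("system binary name outside \\Windows")
        if reasons:
            findings.append(f"{name}: {exe} ({'; '.join(reasons)})")
    return findings


def triage(reg_text):
    """Run both checks over an export and group the findings by signature."""
    keys = parse_reg_export(reg_text)
    return {
        "explorer_visibility": check_explorer_visibility(keys.get(ADVANCED_KEY, {})),
        "run_keys": check_run_keys(keys.get(RUN_KEY, {})),
    }


if __name__ == "__main__":
    for section, hits in triage(SAMPLE_REG).items():
        print(section)
        for hit in hits:
            print("  -", hit)
```

Because HideFileExt=1 is the Windows default, a static snapshot cannot tell "never changed" from "reset by malware"; the sandbox signature is triggered by the write itself, so on a live host this check is best paired with registry value-set telemetry (Sysmon Event ID 13 or the equivalent from your EDR) scoped to the Explorer\Advanced and Run keys.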
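
The "UPX packed file" signature is described as matching both stock UPX and modified builds of the open-source packer. Below, as an added example for this page (not the sandbox vendor's rule and not UPX code), is a static check that reproduces both halves: the stock indicators (UPX0/UPX1 section names and the "UPX!" marker) and a layout heuristic for renamed-section variants. The PE images are built in memory for the demo and are not executables; the layout heuristic (first section empty on disk, followed by the packed section, few sections overall) is the author's assumption about how modified builds look, not a definition taken from the report.

```python
"""Static check for the 'UPX packed file' signature: stock UPX indicators plus
a layout heuristic for modified (renamed-section) builds.

Added example for this page; not the sandbox's rule and not UPX code. The
PE images are constructed in memory and are not runnable programs."""
import re
import struct

E_LFANEW_OFFSET = 0x3C
COFF_HDR = struct.Struct("<HHIIIHH")          # IMAGE_FILE_HEADER, 20 bytes
SECTION_HDR = struct.Struct("<8sIIIIIIHHI")   # IMAGE_SECTION_HEADER, 40 bytes


def build_pe(sections, upx_marker=False, e_lfanew=0x80, opt_hdr_size=0xF0):
    """Constructed minimal PE: DOS header (optionally carrying a 'UPX!' marker
    in the stub area), PE signature, COFF header, zeroed optional header and a
    section table. `sections` is a list of (name, SizeOfRawData)."""
    dos = bytearray(e_lfanew)
    dos[0:2] = b"MZ"
    struct.pack_into("<I", dos, E_LFANEW_OFFSET, e_lfanew)
    if upx_marker:
        dos[0x40:0x44] = b"UPX!"
    coff = COFF_HDR.pack(0x14C, len(sections), 0, 0, 0, opt_hdr_size, 0x102)
    table = b"".join(
        SECTION_HDR.pack(name.encode("ascii"), 0x1000, 0x1000 * (i + 1), raw,
                         0x400 * (i + 1), 0, 0, 0, 0, 0xE0000020)
        for i, (name, raw) in enumerate(sections))
    return bytes(dos) + b"PE\x00\x00" + coff + bytes(opt_hdr_size) + table


def parse_sections(data):
    """Return ([(name, SizeOfRawData), ...], section_table_offset), raising
    ValueError for anything that is not a well-formed PE header."""
    if len(data) < E_LFANEW_OFFSET + 4 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (e_lfanew,) = struct.unpack_from("<I", data, E_LFANEW_OFFSET)
    if e_lfanew + 4 + COFF_HDR.size > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\x00\x00":
        raise ValueError("PE signature not found")
    coff_off = e_lfanew + 4
    _, nsec, _, _, _, opt_size, _ = COFF_HDR.unpack_from(data, coff_off)
    table_off = coff_off + COFF_HDR.size + opt_size
    if table_off + nsec * SECTION_HDR.size > len(data):
        raise ValueError("section table truncated")
    sections = []
    for i in range(nsec):
        fields = SECTION_HDR.unpack_from(data, table_off + i * SECTION_HDR.size)
        name = fields[0].split(b"\x00", 1)[0].decode("latin-1")
        sections.append((name, fields[3]))          # fields[3] = SizeOfRawData
    return sections, table_off


def detect_upx(data):
    """Return (verdict, evidence): verdict is 'upx' for stock section names,
    'modified-upx' when only the marker or the layout matches, else None."""
    sections, table_off = parse_sections(data)
    names = [n for n, _ in sections]
    evidence = []
    stock = [n for n in names if re.fullmatch(r"UPX\d", n)]
    if stock:
        evidence.append("stock section names: " + ", ".join(stock))
    if b"UPX!" in data[:table_off]:
        evidence.append("'UPX!' marker in the headers")
    # Layout heuristic (assumption): UPX emits an empty-on-disk first section as
    # the unpacking destination, then the packed section, and few sections in
    # total. Builds that rename UPX0/UPX1 usually keep this shape.
    if 2 <= len(sections) <= 3 and sections[0][1] == 0 and sections[1][1] > 0:
        evidence.append("UPX-style layout: first section has no raw data")
    if not evidence:
        return None, []
    return ("upx" if stock else "modified-upx"), evidence


# Constructed demo images.
STOCK_UPX = build_pe([("UPX0", 0), ("UPX1", 0x200), (".rsrc", 0x100)], upx_marker=True)
RENAMED_UPX = build_pe([(".text", 0), (".data", 0x200)])
CLEAN = build_pe([(".text", 0x200), (".data", 0x100), (".rsrc", 0x80)])

if __name__ == "__main__":
    for label, image in (("stock", STOCK_UPX), ("renamed", RENAMED_UPX), ("clean", CLEAN)):
        print(label, detect_upx(image))
```

The layout heuristic alone is weak, since any image whose first section is uninitialised data matches it, so in a real rule it should be gated on the entropy of the second section; and a variant that strips the "UPX!" pack header defeats `upx -d` as well, leaving the sample to be unpacked by hand or in a debugger.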

MITRE ATT&CK Matrix (ATT&CK v6)

Tactic           Technique                            Count  ID
Persistence      Hidden Files and Directories         2      T1158
Persistence      Registry Run Keys / Startup Folder   1      T1060
Defense Evasion  Hidden Files and Directories         2      T1158
Defense Evasion  Modify Registry                      5      T1112
Discovery        System Information Discovery         2      T1082
Discovery        Query Registry                       1      T1012

Tasks