General

  • Target

    gunzipped.exe

  • Size

    773KB

  • Sample

    220315-wfrmeaebf5

  • MD5

    fd5a0326a71e89b2ff144ea336fac113

  • SHA1

    aa6b046a0ed889b59cdb0ee9a957c4c6d542e233

  • SHA256

    bda50ff249b947617d9551c717e78131ed32bf77db9dc5b7591d3e1af6cb2f1a

  • SHA512

    51a75041b8fe9dab9cb51e28b39a497eff7ccb4c81311223ec92492cd3ddcfb6bc91ebf555f61a8b25423d81fd692920b44980ab306acb3b8451b633f297b800

MITRE ATT&CK Matrix (ATT&CK v6)

Persistence

  • Registry Run Keys / Startup Folder    2    T1060

Privilege Escalation

  • Bypass User Account Control    1    T1088

Defense Evasion

  • Bypass User Account Control    1    T1088

  • Disabling Security Tools    3    T1089

  • Modify Registry    6    T1112

Discovery

  • System Information Discovery    1    T1082

Collection

  • Email Collection    1    T1114

Tasks