Resubmissions

24-03-2022 13:27

220324-qqhvcsecen 10

24-03-2022 13:00

220324-p8slvadhej 10

General

  • Target

    252f1a88526683b9dd18c1a7371533e989578b5118975adf93cd8a0891e3cbef

  • Size

    48.1MB

  • Sample

    220324-qqhvcsecen

  • MD5

    034a5f1dcf1f3c5eb599f43af6866a5b

  • SHA1

    caeed5dfc862a892e6331d2e732f25c163b4bb10

  • SHA256

    252f1a88526683b9dd18c1a7371533e989578b5118975adf93cd8a0891e3cbef

  • SHA512

    a1501596ade4264b34deb90063f8a8602f4f7c89a2d00c018a3ccd774f6c5d07e58f165d62bf45f8d50ec5cd80a20d22de62aa9e70d56e569e3252f28b7325cf

Score
10/10

Malware Config

Targets

    • Target

      Win32/Backdoor.Win32.APT34.PoisonFrogC2.7z

    • Size

      8.8MB

    • MD5

      3b6d4a4934ede73be196aa8a9bd83dc7

    • SHA1

      6b91821f2be5586d6e10036d8fb6d52ad710124e

    • SHA256

      00d7aa1301eb8fd81297223562b2bdcaaad25413698295cf189508f7be8e5e25

    • SHA512

      9e0dad6f810b420f3247a631d101359c0e2217a744fad6c1e92967fbdf1a8f4638f8a4818723def3f96a116ae8fd0fcecd8e035b2ddbeeab11e15c793559f069

    Score
    10/10
    • Registers COM server for autorun

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks