General

  • Target

    bb98b537116e5c2c271f38ce9ca0ddd3c65bf0c1439f7e034172cd35d6bd70ff

  • Size

    3.5MB

  • Sample

    220703-xja99scffk

  • MD5

    3ac5bd39e4c89c96bd1b696ed8f8a7f3

  • SHA1

    04bc0547c96ad7bf541d737504e9c80a19efe7fe

  • SHA256

    bb98b537116e5c2c271f38ce9ca0ddd3c65bf0c1439f7e034172cd35d6bd70ff

  • SHA512

    dfa65f2505881e1b5c3ad5d7f7b45eb0e34b875ffb98cee386a551ae0fff2e8277e8c36287a25ae88cf679161513cd24f9dfdd473709f212f6c0983c4b08ef1b

Score
8/10

Malware Config

Targets

    • Target

      bb98b537116e5c2c271f38ce9ca0ddd3c65bf0c1439f7e034172cd35d6bd70ff

    • Size

      3.5MB

    • MD5

      3ac5bd39e4c89c96bd1b696ed8f8a7f3

    • SHA1

      04bc0547c96ad7bf541d737504e9c80a19efe7fe

    • SHA256

      bb98b537116e5c2c271f38ce9ca0ddd3c65bf0c1439f7e034172cd35d6bd70ff

    • SHA512

      dfa65f2505881e1b5c3ad5d7f7b45eb0e34b875ffb98cee386a551ae0fff2e8277e8c36287a25ae88cf679161513cd24f9dfdd473709f212f6c0983c4b08ef1b

    Score
    6/10
    • Adds Run key to start application

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

MITRE ATT&CK Matrix (ATT&CK v6)

  • Initial Access

    Replication Through Removable Media (1) T1091

  • Persistence

    Registry Run Keys / Startup Folder (1) T1060

  • Defense Evasion

    Modify Registry (1) T1112

  • Lateral Movement

    Replication Through Removable Media (1) T1091

Tasks