General

  • Target

    11c52275674fc0e46d9b0bc457325c3078c1456eb8d318c2f3a8749622c34cc4

  • Size

    988KB

  • Sample

    221002-y1ppnahbc5

  • MD5

    01929dc6a6c275ad014cc8b40f4c7878

  • SHA1

    d6f1f9a3ece3fa0d00b4d763a58c77de7e9fdb3c

  • SHA256

    11c52275674fc0e46d9b0bc457325c3078c1456eb8d318c2f3a8749622c34cc4

  • SHA512

    558c1833fbac3e4176275707eaba13e2e2a4022ee8f00817b502d0f3d7bd475bf3573b60672173361b9140b8959dc0531691e4525347998790ac5580fde8f03e

Malware Config

Targets

    • Target

      11c52275674fc0e46d9b0bc457325c3078c1456eb8d318c2f3a8749622c34cc4

    • Size

      988KB

    • MD5

      01929dc6a6c275ad014cc8b40f4c7878

    • SHA1

      d6f1f9a3ece3fa0d00b4d763a58c77de7e9fdb3c

    • SHA256

      11c52275674fc0e46d9b0bc457325c3078c1456eb8d318c2f3a8749622c34cc4

    • SHA512

      558c1833fbac3e4176275707eaba13e2e2a4022ee8f00817b502d0f3d7bd475bf3573b60672173361b9140b8959dc0531691e4525347998790ac5580fde8f03e

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Detected potential entity reuse from brand microsoft.

MITRE ATT&CK Matrix

Collection

    Command and Control

      Credential Access

        Defense Evasion

        Execution

          Exfiltration

            Impact

              Initial Access

                Lateral Movement

                  Privilege Escalation