General

  • Target

    ecf9ce345d03547056b276e7b45af498210ca29a5895e2a19af4710ad072d3ac

  • Size

    289KB

  • Sample

    221003-kdaqbsfah2

  • MD5

    5725a7142c9aae016bf49d3a827a5d97

  • SHA1

    16b86d45da91715d65035ad968fec0b9074c3e7e

  • SHA256

    ecf9ce345d03547056b276e7b45af498210ca29a5895e2a19af4710ad072d3ac

  • SHA512

    55abe0ee5fab60c98f26c5ffa9b81e11c9c52e5cc35358d470fbb0fc852c5c696ed8103e9a3f1d913791a82f527ed0332a6a072775b8ca48b54f0052c3feb1e5

  • SSDEEP

    6144:t/0uo5P7yKRUWNjNhCHM1S9K/LdC+aAP7Y4:tJCfUa4H2Sy9zF

Malware Config

Targets

    • Target

      ecf9ce345d03547056b276e7b45af498210ca29a5895e2a19af4710ad072d3ac

    • Size

      289KB

    • MD5

      5725a7142c9aae016bf49d3a827a5d97

    • SHA1

      16b86d45da91715d65035ad968fec0b9074c3e7e

    • SHA256

      ecf9ce345d03547056b276e7b45af498210ca29a5895e2a19af4710ad072d3ac

    • SHA512

      55abe0ee5fab60c98f26c5ffa9b81e11c9c52e5cc35358d470fbb0fc852c5c696ed8103e9a3f1d913791a82f527ed0332a6a072775b8ca48b54f0052c3feb1e5

    • SSDEEP

      6144:t/0uo5P7yKRUWNjNhCHM1S9K/LdC+aAP7Y4:tJCfUa4H2Sy9zF

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Detected potential entity reuse from brand microsoft.

MITRE ATT&CK Matrix

Collection

    Command and Control

      Credential Access

        Defense Evasion

        Execution

          Exfiltration

            Impact

              Initial Access

                Lateral Movement

                  Privilege Escalation

                    Tasks