General

  • Target

    ecf55f571260e76c43b9269b169bbb40957a2250b2bbc21ec6030e539a381bd1

  • Size

    837KB

  • Sample

    221011-v13dzafec3

  • MD5

    1b00f44bf93b231fe0b821b8e0ea4600

  • SHA1

    908d4519deb69181b8e9fbbf1a0d2b78d18a68ae

  • SHA256

    ecf55f571260e76c43b9269b169bbb40957a2250b2bbc21ec6030e539a381bd1

  • SHA512

    6ef3f79aec0f029cdb9152f1d4ddba4a4754917269602c7438e73d244ef35cfe56b40eeccb6d21f6c2d12084dfb007b995da1ccacaf03ce382fe31e9ce1d0e57

  • SSDEEP

    6144:Aryx/TLLJ9UogjOXziTJYoKw0QRuEFe+A5NP5Ku1bMS:Aryx/D7gjOXuTJT0QR9roNd11

Malware Config

Targets

    • Target

      ecf55f571260e76c43b9269b169bbb40957a2250b2bbc21ec6030e539a381bd1

    • Adds policy Run key to start application

      Writes a value under the Policies\Explorer\Run registry key, an autostart location that is monitored less often than the standard Run key.

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks BIOS information in registry

      Reads BIOS vendor and version values under HARDWARE\DESCRIPTION\System\BIOS. These values often identify virtual machines and analysis sandboxes, so they are read to decide whether to run the payload.

    • Deletes itself

      Removes its own executable from disk after execution, hindering later recovery of the original sample.

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

      Reads the EnableLUA value under Policies\System to determine whether UAC is enforced on the host.

    • Drops file in System32 directory
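
The signatures above are behavioural: each one fires on a particular registry, file or process action seen in the sandbox trace. The following Python is an added example, not code from this report or from the sandbox vendor. It maps a constructed event trace to the signature names listed above; the event record format, the file and registry paths, and the SAMPLE_IMAGE location are all assumptions made for illustration and are not taken from the analysed sample's real trace.

```python
"""Behaviour classifier for sandbox-style event traces.

Added example: the rules below reproduce the intent of the signatures
listed in this report, and the event trace is constructed for
illustration; none of it is taken from the analysed sample's real trace.
"""
import re

# Constructed path of the original sample on the analysis VM (assumption).
SAMPLE_IMAGE = r"C:\Users\Admin\AppData\Local\Temp\sample.exe"

# Constructed event trace: one record per API-level action, in time order.
EVENTS = [
    {"op": "RegQueryValue", "proc": SAMPLE_IMAGE,
     "path": r"HKLM\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer"},
    {"op": "RegQueryValue", "proc": SAMPLE_IMAGE,
     "path": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA"},
    {"op": "RegEnumKey", "proc": SAMPLE_IMAGE,
     "path": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"},
    {"op": "FileWrite", "proc": SAMPLE_IMAGE, "path": r"C:\Windows\System32\winsvc.dll"},
    {"op": "FileWrite", "proc": SAMPLE_IMAGE, "path": r"C:\Windows\System32\winsvc.exe"},
    {"op": "RegSetValue", "proc": SAMPLE_IMAGE,
     "path": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\winsvc",
     "data": r"C:\Windows\System32\winsvc.exe"},
    {"op": "CreateProcess", "proc": SAMPLE_IMAGE, "path": r"C:\Windows\System32\winsvc.exe"},
    {"op": "LoadLibrary", "proc": r"C:\Windows\System32\winsvc.exe",
     "path": r"C:\Windows\System32\winsvc.dll"},
    {"op": "FileDelete", "proc": r"C:\Windows\System32\winsvc.exe", "path": SAMPLE_IMAGE},
]

# Stateless rules: (signature name, operation, regex over the registry/file path).
STATELESS_RULES = [
    ("Adds policy Run key to start application", "RegSetValue",
     r"\\Policies\\Explorer\\Run\\"),
    ("Checks BIOS information in registry", "RegQueryValue",
     r"\\HARDWARE\\DESCRIPTION\\System\\BIOS\\"),
    ("Checks whether UAC is enabled", "RegQueryValue",
     r"\\Policies\\System\\EnableLUA$"),
    ("Checks installed software on the system", "RegEnumKey",
     r"\\CurrentVersion\\Uninstall$"),
    ("Drops file in System32 directory", "FileWrite",
     r"^[A-Z]:\\Windows\\System32\\"),
]


def triage(events, sample_image):
    """Return the signature names triggered by an event trace, in first-hit order."""
    hits = []
    dropped = set()  # lower-cased paths written earlier in this trace

    def add(name):
        if name not in hits:
            hits.append(name)

    for ev in events:
        op, path = ev["op"], ev["path"]
        for name, want_op, pattern in STATELESS_RULES:
            if op == want_op and re.search(pattern, path, re.IGNORECASE):
                add(name)
        # Stateful rules need history: "dropped" means written earlier in the trace.
        if op == "FileWrite":
            dropped.add(path.lower())
        elif op == "CreateProcess" and path.lower() in dropped:
            add("Executes dropped EXE")
        elif op == "LoadLibrary" and path.lower() in dropped:
            add("Loads dropped DLL")
        elif op == "FileDelete" and path.lower() == sample_image.lower():
            add("Deletes itself")
    return hits


if __name__ == "__main__":
    for name in triage(EVENTS, SAMPLE_IMAGE):
        print("-", name)
```

The split between stateless and stateful rules is the point worth noting: "Executes dropped EXE" and "Loads dropped DLL" cannot be decided from a single event, only from whether the path was written earlier in the same trace, which is why a real sandbox keeps per-run state rather than matching events in isolation.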
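
The UPX signature is static rather than behavioural: it is decided from the PE header before the sample runs. The following Python is an added example, not the sandbox's own detection logic. It builds header-only PE32 images (constructed here, not the analysed sample) and parses the section table to look for the UPX0/UPX1 section names, with the "UPX!" pack-header marker as a second indicator for builds whose sections were renamed; the assumption behind the marker check is that the packer left its pack header intact, which a modified UPX need not do.

```python
"""Section-table check for UPX packing.

Added example: a minimal PE header builder plus a parser that reads the
section names and looks for the UPX pack-header magic. The PE images are
constructed here and are not the analysed sample.
"""
import struct

UPX_MAGIC = b"UPX!"  # pack-header marker written by stock UPX


def build_pe(section_names, trailer=b"", opt_header_size=0xE0):
    """Construct a header-only PE32 image (not runnable) with the given sections."""
    dos = bytearray(0x40)
    dos[0:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)            # e_lfanew -> PE signature
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, len(section_names),
                                   0, 0, 0, opt_header_size, 0x0102)
    opt = b"\x0B\x01" + bytes(opt_header_size - 2)     # PE32 magic, rest zeroed
    table = b""
    for i, name in enumerate(section_names):
        table += struct.pack("<8sIIIIIIHHI", name.encode("ascii").ljust(8, b"\0"),
                             0x1000, 0x1000 * (i + 1), 0x200, 0x400 * (i + 1),
                             0, 0, 0, 0, 0x60000020)
    return bytes(dos) + coff + opt + table + trailer


def section_names(data):
    """Parse the COFF header and return the section names in table order."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    nsections = struct.unpack_from("<H", data, e_lfanew + 6)[0]
    opt_size = struct.unpack_from("<H", data, e_lfanew + 20)[0]
    table = e_lfanew + 24 + opt_size                   # first IMAGE_SECTION_HEADER
    names = []
    for i in range(nsections):
        off = table + 40 * i
        if off + 40 > len(data):
            raise ValueError("section table truncated")
        names.append(data[off:off + 8].rstrip(b"\0").decode("ascii", "replace"))
    return names


def upx_indicators(data):
    """Return (is_upx, reasons). The name check catches stock UPX; the magic scan
    still fires when sections were renamed but the pack header was left intact."""
    reasons = []
    names = section_names(data)
    if any(n.upper().startswith("UPX") for n in names):
        reasons.append("section names " + ", ".join(names))
    if UPX_MAGIC in data:
        reasons.append("UPX! magic present")
    return bool(reasons), reasons


if __name__ == "__main__":
    sample = build_pe(["UPX0", "UPX1", ".rsrc"], trailer=UPX_MAGIC)
    print(upx_indicators(sample))
```

Neither indicator is proof on its own: section names are trivially renamed and the magic can be patched out, so a packer verdict on a real sample should also weigh the telltale layout (a first section with no raw data followed by a high-entropy section holding the compressed image) and, ultimately, the unpacked code itself.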

MITRE ATT&CK Enterprise v6

Tasks