General

  • Target

    a586779fe7825ac3963f700f56783163643cf1fdda13f081d36a813566a41acb

  • Size

    48KB

  • Sample

    221106-jqw9esdbcl

  • MD5

    12493d8568e0e4718f1cb98b9c926630

  • SHA1

    23e6dfb75a7be7e3c6dd1abcbf517e3cca1dc3b5

  • SHA256

    a586779fe7825ac3963f700f56783163643cf1fdda13f081d36a813566a41acb

  • SHA512

    c1ffd90560134997c71098609827345e661ed908d410fc46924dc25c8751e2b5c518a33a0aba86d48855ea3691c0349b2473867d7433086264afa43629aeacf5

  • SSDEEP

    768:zCIVwtym3OJt4vze9LfTUd+0yTXHa6a5+QEyTTbJXse:2I03OLuc0c0yb67WyPbRse

Malware Config

Targets

    • Target

      a586779fe7825ac3963f700f56783163643cf1fdda13f081d36a813566a41acb

    • Possible privilege escalation attempt

    • Modifies file permissions

    • Adds Run key to start application

    • Drops file in System32 directory

MITRE ATT&CK Matrix (ATT&CK v6)

Persistence

    • Registry Run Keys / Startup Folder (T1060): 1

Defense Evasion

    • File Permissions Modification (T1222): 1

    • Modify Registry (T1112): 1

Tasks