General

  • Target

    0f98884a4b61823751e4d15411c716e503b1532b81f14d0862d5eedea5d3ebee

  • Size

    60KB

  • Sample

    221107-gcqhlsdcam

  • MD5

    04889728c050d67be39f3fe3b4122376

  • SHA1

    dc31aa70c065b9d7d34a758c38a4a23db500f7d9

  • SHA256

    0f98884a4b61823751e4d15411c716e503b1532b81f14d0862d5eedea5d3ebee

  • SHA512

    e0655018923fec9cd6f2d061fc7b39c89fd6484b950569ac12ed8d4243900cf85cd0c05493133ffe8b10eabb080919f0ea95fde1b80bdfbd1a48f8e3cba6175e

  • SSDEEP

    768:j846E20pHTcEthIScmbPu5Q3Nen+4RN5EvjuHwWs4eNE1tV7xaUlvXM:j8TRI7dbPusNen+4RN5uK0ZMvl/M

Malware Config

Targets

    • Possible privilege escalation attempt

    • Modifies file permissions

    • Adds Run key to start application

    • Drops file in System32 directory

MITRE ATT&CK Matrix (ATT&CK v6)

Persistence

  • Registry Run Keys / Startup Folder: 1 signature (T1060)

Defense Evasion

  • File Permissions Modification: 1 signature (T1222)

  • Modify Registry: 1 signature (T1112)

Tasks