General

  • Target

    1c0f70233f236eb78acb22555211391647c9391db724697a2128c1364e8e97a4

  • Size

    3.3MB

  • Sample

    221127-tkx9mseb7s

  • MD5

    ee794142ef0700efa402bf7af68086ee

  • SHA1

    9f73c61754585a8d3aff07d5cf4fcacd4d17254f

  • SHA256

    1c0f70233f236eb78acb22555211391647c9391db724697a2128c1364e8e97a4

  • SHA512

    f3c6c6ce6bfa67a05a37fde4ae358e296d114be2143e8cb625402fa46ffd0afe5e8302c9762ee7eb58fbcdc2ff9f1e1e8170ac327cb6c8bbced7fcd0b81597dc

  • SSDEEP

    49152:zTvrQRdw+m31CVpRJa+fuRLr/XugjR3+TN0ZVmkmvF9AQTDGrmdkNVN9o:zTvrQ/m31Kf0LxR3+N0/L2eG

Malware Config

Targets

    • Modifies AppInit DLL entries

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Matrix ATT&CK v6

  • Persistence

    Registry Run Keys / Startup Folder (T1060) — 1

  • Defense Evasion

    Modify Registry (T1112) — 1

  • Discovery

    Query Registry (T1012) — 1

Tasks