General

  • Target

    c372f1e3c38c8d2dcb4b1af0485799d47c1352d4698e768e0b1d212233a9ec0f

  • Size

    408KB

  • Sample

    221204-wfj8bscb32

  • MD5

    a252c018a5357ec2df827435ba96eda6

  • SHA1

    a40776701581c15a430041c1c0418ec8303cd91e

  • SHA256

    c372f1e3c38c8d2dcb4b1af0485799d47c1352d4698e768e0b1d212233a9ec0f

  • SHA512

    86959b93ea66ba973c9b32c8a5772bee01f498dbf5a762bff4b91e07c0758bb0f7f1dcd601f99c6a9b295fdf7797282f1e432b51bca00885cef03ce10b4202a9

  • SSDEEP

    12288:OoyFKlh/lB83lHpRUDQBBZkVm8NMprKwrK0L:OybB8VHnU8BBZSNQXK0L

Malware Config

Targets

    • Target

      c372f1e3c38c8d2dcb4b1af0485799d47c1352d4698e768e0b1d212233a9ec0f

    • Windows security bypass

    • Disables taskbar notifications via registry modification

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Adds Run key to start application

MITRE ATT&CK Matrix ATT&CK v6

  • Persistence

    1. Registry Run Keys / Startup Folder (T1060)

  • Defense Evasion

    2. Disabling Security Tools (T1089)

    3. Modify Registry (T1112)

Tasks