General

  • Target

    8928b5c31c747de0a33cf7696c63ffc1b9f50e6684d901a2c99c878f0e50777a

  • Size

    100KB

  • Sample

    221205-whjdtacb28

  • MD5

    40aeda25090fe30fecce295689bbe2d0

  • SHA1

    6b44c9a3637ea08b1f6c550940481be23d9598ae

  • SHA256

    8928b5c31c747de0a33cf7696c63ffc1b9f50e6684d901a2c99c878f0e50777a

  • SHA512

    b6591fb7fc8321c687e025c62a7e32aa555c6be277f4d1d6b1d481ac386073a3f22a139e102749b1d47df369b77b2108f572ff1bf44de145b87ee2cbab5b89ab

  • SSDEEP

    768:N8t/grRTARvWagDWTrjMaoyFlAl5XVmdGTbjgoKkFYnv35BMCv:UgNATgDUrjYSALXVm6/FY5r

Score
10/10

Malware Config

Targets

    • Modifies WinLogon for persistence

    • Modifies visibility of file extensions in Explorer

    • Modifies visibility of hidden/system files in Explorer

    • Disables RegEdit via registry modification

    • Disables cmd.exe use via registry modification

    • Executes dropped EXE

    • Drops startup file

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory
