General

  • Target

    42175739beca9ccb6506dad8acec5ac1.exe

  • Size

    1.1MB

  • Sample

    230106-y8d8wsfc4w

  • MD5

    42175739beca9ccb6506dad8acec5ac1

  • SHA1

    6b3c387289b36008d27c2d4e1254fa590129fcdb

  • SHA256

    13b5294a05516f2e597a4e671dc3656a315115b71b58c62b6626cc8b0a0a705e

  • SHA512

    1f8d8d0d31870c8b0a1926bb3ce8ddb7b520928abd2ff815762b6be372e61c31295d77db9857b48ec3fa9f9a13df8d6fc6891b8a078fe7f17a989e20cde417f3

  • SSDEEP

    24576:o7btwMlf5ERIOUMhBPEL3uQw/MmUGnuXIznKcwmTbNq:o7qMTECWETNWNTbNq

Targets

    • Blocklisted process makes network request

    • Sets DLL path for service in the registry

    • Sets service image path in registry

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Suspicious use of SetThreadContext
