General
-
Target
c287d7d7a9823044c92054586502c04d884e16bfcb354f8604bda813c48223e1
-
Size
938KB
-
Sample
230318-148ytadh64
-
MD5
fa2d87f88bdc45ca9fcbd520325090ff
-
SHA1
f7e2ee624349cd9a74727a2e4949251c24dead42
-
SHA256
c287d7d7a9823044c92054586502c04d884e16bfcb354f8604bda813c48223e1
-
SHA512
c8ba462343796ff24b65121ef928fdd59781b1ca49cf63419f760071956bc8fdc5761a9e871a5f415e1a3a44948232c268e5ec52010b6cf2a7c864d8aac0d361
-
SSDEEP
24576:uEx45zxI+KjmeNBPOm27xdCbcs0j7Qhiztpo:yzxIrnBPOm27xwbcL7AsP
Behavioral task
behavioral1
Sample
c287d7d7a9823044c92054586502c04d884e16bfcb354f8604bda813c48223e1.exe
Resource
win7-20230220-en
Malware Config
Targets
-
-
Target
c287d7d7a9823044c92054586502c04d884e16bfcb354f8604bda813c48223e1
-
Size
938KB
-
MD5
fa2d87f88bdc45ca9fcbd520325090ff
-
SHA1
f7e2ee624349cd9a74727a2e4949251c24dead42
-
SHA256
c287d7d7a9823044c92054586502c04d884e16bfcb354f8604bda813c48223e1
-
SHA512
c8ba462343796ff24b65121ef928fdd59781b1ca49cf63419f760071956bc8fdc5761a9e871a5f415e1a3a44948232c268e5ec52010b6cf2a7c864d8aac0d361
-
SSDEEP
24576:uEx45zxI+KjmeNBPOm27xdCbcs0j7Qhiztpo:yzxIrnBPOm27xwbcL7AsP
-
Modifies visibility of file extensions in Explorer
-
Modifies visibility of hidden/system files in Explorer
-
Disables taskbar notifications via registry modification
-
Possible privilege escalation attempt
-
Deletes itself
-
Executes dropped EXE
-
Modifies file permissions
-
Modifies system executable filetype association
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
AutoIT Executable
AutoIT scripts compiled to PE executables. The embedded script is usually recoverable from the compiled binary with an AutoIt decompiler, so static analysis of this sample should start with the extracted script rather than the PE wrapper.
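The signatures above name behaviours but not the exact registry values the sample wrote. The following PowerShell is an added triage check, not part of the sandbox report, that inspects the standard locations where those Explorer, policy, Run-key and exefile-association settings live on a Windows host; the keys and the "suspicious" values are the well-known defaults for these settings, and it is an assumption that the sample touched exactly these rather than some other path that triggers the same signature. It does not cover "Deletes itself", "Modifies file permissions" or the UAC/privilege-escalation signatures, for which the report gives no detail.

```powershell
# Added example (not the report's own output): check a Windows host for the
# registry changes that the report's Explorer/persistence signatures describe.
# Assumption: the sample used the standard keys below; the report does not say.

function Test-RegValue {
    param(
        [string]$Path,
        [string]$Name,
        [scriptblock]$IsSuspicious,   # receives the value, returns $true if it matches the signature
        [string]$Label
    )
    if (-not (Test-Path $Path)) { return }
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -eq $item) { return }
    $value = $item.$Name
    if (& $IsSuspicious $value) {
        [pscustomobject]@{ Check = $Label; Path = $Path; Name = $Name; Value = $value }
    }
}

$adv = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced'
$pol = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer'

$findings = @(
    # "Modifies visibility of file extensions": HideFileExt=1 hides known extensions
    Test-RegValue $adv 'HideFileExt'     { param($v) $v -eq 1 } 'File extensions hidden'
    # "Modifies visibility of hidden/system files": Hidden=2 hides hidden files,
    # ShowSuperHidden=0 hides protected operating-system files
    Test-RegValue $adv 'Hidden'          { param($v) $v -eq 2 } 'Hidden files not shown'
    Test-RegValue $adv 'ShowSuperHidden' { param($v) $v -eq 0 } 'System files not shown'
    # "Disables taskbar notifications via registry modification"
    Test-RegValue $pol 'TaskbarNoNotification' { param($v) $v -eq 1 } 'Taskbar notifications disabled'
)

# "Modifies system executable filetype association": the exefile open command
# should be exactly "%1" %* ; anything else means every .exe launch is redirected.
$exeKey = 'Registry::HKEY_CLASSES_ROOT\exefile\shell\open\command'
$exeCmd = (Get-ItemProperty -Path $exeKey -ErrorAction SilentlyContinue).'(default)'
if ($exeCmd -and $exeCmd -ne '"%1" %*') {
    $findings += [pscustomobject]@{
        Check = 'exefile association modified'; Path = $exeKey; Name = '(default)'; Value = $exeCmd
    }
}

# "Adds Run key to start application": list every Run entry for manual review,
# since the report does not give the value name or target the sample used.
$runKeys = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run'
)
foreach ($run in $runKeys) {
    if (-not (Test-Path $run)) { continue }
    foreach ($p in (Get-ItemProperty -Path $run).PSObject.Properties) {
        # skip the PS* metadata properties Get-ItemProperty adds to every object
        if ($p.Name -match '^PS(Path|ParentPath|ChildName|Drive|Provider)$') { continue }
        $findings += [pscustomobject]@{ Check = 'Run key entry'; Path = $run; Name = $p.Name; Value = $p.Value }
    }
}

if ($findings.Count -eq 0) { 'No matching registry changes found.' }
else { $findings | Format-Table -AutoSize }
```

Run it in the same user context the sample executed under, since the Explorer and policy keys are per-user (HKCU); on a multi-user host, load the other users' hives or query HKU\<SID> instead. A Run-key entry is only a lead until its target path is matched against the dropped executable the report says the sample runs.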
-
MITRE ATT&CK Matrix (ATT&CK v6)
Persistence
-
Hidden Files and Directories: 4
-
Change Default File Association: 1
-
Registry Run Keys / Startup Folder: 1
Defense Evasion
-
Hidden Files and Directories: 4
-
Modify Registry: 10
-
Bypass User Account Control: 1
-
Disabling Security Tools: 1
-
File Permissions Modification: 1