General
Target: 17bf3a0625b50f11075d68c6128cadd55ffece940838ffb83c2bef190ad3951c
Size: 942KB
Sample: 230318-16qv1sdh73
MD5: 40db798e1e044154347164972296419e
SHA1: 927585af32d7dea9dc178685b8f0c3bb8af4a6bc
SHA256: 17bf3a0625b50f11075d68c6128cadd55ffece940838ffb83c2bef190ad3951c
SHA512: 63a7227b606b2cef753eb4b48a75c779b5b32cd0a8610d0dbe4dde3280bcbdf79e5a11ea5a7daf3f27cbc3661a3419ed754083171ee60aa104bd2db0a2ed76c3
SSDEEP: 24576:lEx45zxI+uKykuDOfnTwpmWUtdIsL+PNsQriute:dzxIQuDOvTwpmW/sLpKJ
Behavioral task: behavioral1
Sample: 17bf3a0625b50f11075d68c6128cadd55ffece940838ffb83c2bef190ad3951c.exe
Resource: win7-20230220-en
Malware Config
Targets
- Modifies visibility of file extensions in Explorer
- Modifies visibility of hidden/system files in Explorer
- Disables taskbar notifications via registry modification
- Possible privilege escalation attempt
- Deletes itself
- Executes dropped EXE
- Modifies file permissions
- Modifies system executable filetype association
- Adds Run key to start application
- Enumerates connected drives: attempts to read the root path of hard drives other than the default C: drive.
- AutoIT Executable: AutoIT scripts compiled to PE executables.
-
MITRE ATT&CK Matrix (ATT&CK v6)
Persistence
- Hidden Files and Directories: 4
- Change Default File Association: 1
- Registry Run Keys / Startup Folder: 1
Defense Evasion
- Hidden Files and Directories: 4
- Modify Registry: 10
- Bypass User Account Control: 1
- Disabling Security Tools: 1
- File Permissions Modification: 1