General

  • Target

    TLauncher.exe

  • Size

    6.3MB

  • Sample

    230320-195hkshf31

  • MD5

    0205bb0fb0d149193e660beca102503c

  • SHA1

    cb1500280ecf6cad312a8aa564e51d1d48747f15

  • SHA256

    cc21b7adf6ad6107d4e54003a24ad443eac3233f90a8481441e98ab6cb014ac8

  • SHA512

    0fc461ce1255deaaf8a403058d6b0f48a28476986b93a352c43e2afb8a6b270ed46f704468471ae76755ff8eb873423fc9fba860feeb24903d42b6b244673f68

  • SSDEEP

    196608:XGkbjT5n8kfd8cHHomRS2BZ2OhxGXmzUca:2c58comRSHOhx9M

Malware Config

Targets

    • Target

      TLauncher.exe

    • Size

      6.3MB

    • MD5

      0205bb0fb0d149193e660beca102503c

    • SHA1

      cb1500280ecf6cad312a8aa564e51d1d48747f15

    • SHA256

      cc21b7adf6ad6107d4e54003a24ad443eac3233f90a8481441e98ab6cb014ac8

    • SHA512

      0fc461ce1255deaaf8a403058d6b0f48a28476986b93a352c43e2afb8a6b270ed46f704468471ae76755ff8eb873423fc9fba860feeb24903d42b6b244673f68

    • SSDEEP

      196608:XGkbjT5n8kfd8cHHomRS2BZ2OhxGXmzUca:2c58comRSHOhx9M

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Registers COM server for autorun

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

MITRE ATT&CK Matrix ATT&CK v6

Persistence

Registry Run Keys / Startup Folder

1
T1060

Browser Extensions

1
T1176

Defense Evasion

Modify Registry

3
T1112

Discovery

Query Registry

4
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

4
T1082

Tasks