General

  • Target

    download.jpeg

  • Size

    7KB

  • Sample

    230331-zdlvxsdc25

  • MD5

    1261a49a0b2a35937454121e6c0f1729

  • SHA1

    50d82cbc7a2376912e38063eeb7b5fc473ee0181

  • SHA256

    4c32958ef571871a34db5d9cbf8e14227b532d6a34f418322abc172dfa647f22

  • SHA512

    b5535c908c1561a01591c236e484ea055016efa16bcbbfa1a66e7c8c201d09b1f50bd2b1d42ace425aea466ce2ce4a05a094fb58f7f9e4df8a09750677e88c3c

  • SSDEEP

    192:PxivXyw//cJ/tiJFaVMA0wPRuGfrC8yHxzAnMBO5e1Vd:PQKXT/V/0ww8SAnMV1P

Targets

    • Modifies visibility of file extensions in Explorer

    • Modifies Installed Components in the registry

    • Drops startup file

    • Adds Run key to start application

    • Drops desktop.ini file(s)

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Sets desktop wallpaper using registry
