General
-
Target
d1eab4228896dc93ed620ff880bf2edf7aa9171d9f46952d1d9f06258ccc4d5c
-
Size
1.4MB
-
Sample
230801-q5jp7shc3z
-
MD5
aaedfd744749cd0d44255bf07af45945
-
SHA1
040cec6bde2239884fcfd2402306c6ec13d062c5
-
SHA256
d1eab4228896dc93ed620ff880bf2edf7aa9171d9f46952d1d9f06258ccc4d5c
-
SHA512
ffa6c812b6b618f32356683f18c1f3d8df37d75e5808310414b209c2ed45b2e3a8329407031a37d33346c6408f559a0c08eff2b3d460e28cb720b6d4d364d971
-
SSDEEP
24576:U2G/nvxW3Ww0tRp8GiXTBhq7yRDvHcUcjUvy0lr3Tl6icOB/UWoT:UbA30H4zF0UMSAicOB/UWk
Static task
static1
Behavioral task
behavioral1
Sample
d1eab4228896dc93ed620ff880bf2edf7aa9171d9f46952d1d9f06258ccc4d5c.exe
Resource
win10v2004-20230703-en
Malware Config
Targets
Target
d1eab4228896dc93ed620ff880bf2edf7aa9171d9f46952d1d9f06258ccc4d5c
-
Score
8/10
-
Modifies Windows Firewall
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Create or Modify System Process: 1
Windows Service: 1
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Create or Modify System Process: 1
Windows Service: 1