General
-
Target
a0dd6c30fe2cdb9496dc68c0ab3e84f528267a654304b1d01fe5557b012578b1
-
Size
1.4MB
-
Sample
230804-bjjqraaa3y
-
MD5
6fefa11a5bfb58b6c0f990fd6b3a7683
-
SHA1
a056f7ed95670f4c0dc042118099a7959709c70c
-
SHA256
a0dd6c30fe2cdb9496dc68c0ab3e84f528267a654304b1d01fe5557b012578b1
-
SHA512
c043caea6b4752c97d9397fafa0a1b695324a55571d3b59fea91e1bd75f6d7b87c94fe78fa3ff396392ea1cf4145ec86fa85af1a93cb9573186cabfd4b2e4bb5
-
SSDEEP
24576:U2G/nvxW3Ww0tRp8GiXTBhq7yRDvHcUcjUvy0lr3Tl6icOB/UWoT:UbA30H4zF0UMSAicOB/UWk
Static task
static1
Behavioral task
behavioral1
Sample
a0dd6c30fe2cdb9496dc68c0ab3e84f528267a654304b1d01fe5557b012578b1.exe
Resource
win10v2004-20230703-en
Malware Config
Targets
Target
a0dd6c30fe2cdb9496dc68c0ab3e84f528267a654304b1d01fe5557b012578b1
-
Score
8/10
-
Modifies Windows Firewall
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Create or Modify System Process (1)
Windows Service (1)