General
-
Target
15cba76812a5b7bc6da2a63484e8e95868a5060345c2844f69f40be2befc473b
-
Size
1.4MB
-
Sample
230805-16newsgd2y
-
MD5
77d77db6a2a5c89fddefe5ecae9eec43
-
SHA1
c1461215a19ebfab63d6c1a07c57c1778a6d64e8
-
SHA256
15cba76812a5b7bc6da2a63484e8e95868a5060345c2844f69f40be2befc473b
-
SHA512
eb8b78a877e5fa873d69599fd5f51f378f5deaeee99dcfec5471591d21955d8c0a8b7ad64197564fae6e9834b2e5d3e88c9b32522c82adc4cecd77edf6f5c8ad
-
SSDEEP
24576:U2G/nvxW3Ww0tRp8GiXTBhq7yRDvHcUcjUvy0lr3Tl6icOB/UWoT:UbA30H4zF0UMSAicOB/UWk
Malware Config
Targets
-
-
Target
15cba76812a5b7bc6da2a63484e8e95868a5060345c2844f69f40be2befc473b
-
Size
1.4MB
-
MD5
77d77db6a2a5c89fddefe5ecae9eec43
-
SHA1
c1461215a19ebfab63d6c1a07c57c1778a6d64e8
-
SHA256
15cba76812a5b7bc6da2a63484e8e95868a5060345c2844f69f40be2befc473b
-
SHA512
eb8b78a877e5fa873d69599fd5f51f378f5deaeee99dcfec5471591d21955d8c0a8b7ad64197564fae6e9834b2e5d3e88c9b32522c82adc4cecd77edf6f5c8ad
-
SSDEEP
24576:U2G/nvxW3Ww0tRp8GiXTBhq7yRDvHcUcjUvy0lr3Tl6icOB/UWoT:UbA30H4zF0UMSAicOB/UWk
Score8/10-
Modifies Windows Firewall
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1