Resubmissions

23/09/2023, 20:25

230923-y681gsca67 8

23/09/2023, 20:16

230923-y2al5aac5z 8

General

  • Target

    Unconfirmed 226848.exe

  • Size

    2.0MB

  • Sample

    230923-y2al5aac5z

  • MD5

    7177f798d7ec4dc325205fdd9c5fa753

  • SHA1

    accb343313902a997bfa5028fa27da69f0cc820a

  • SHA256

    a914d414ff94b74b685a180608462ff13dcae3586da797c34a0eb1b02dabf828

  • SHA512

    5548a3c96175e9f674c07cb67f59ad800b43766b0e075b1f245b53f924fb024157789e4d6cb6490dc9b70c3015731417863c39d9c41f0eb1a161c5d00925dc50

  • SSDEEP

    49152:2FP13ycDr/sbG33MZ9w+2/+F6dtrYvVOPyUgPq:2T3y/b0H/+F6deGXd

Targets

    • Target

      Unconfirmed 226848.exe

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

    • Drops file in System32 directory
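The following script is an added example, not code from the Triage sandbox or from the sample. It ties the General section's hash set to the "UPX packed file" signature: it recomputes MD5/SHA1/SHA256/SHA512 over a file's bytes and compares them with the values the report lists, then walks the PE section table and applies the stock-UPX section-name heuristic (UPX0/UPX1). The name check is a deliberately simple stand-in for the sandbox's own detector, and `build_fake_pe` produces a constructed, non-executable PE-shaped blob so the code runs offline without the sample.

```python
"""Added triage helper (not part of the report or the sample): verify the
report's hashes against a file and apply the UPX section-name heuristic."""
import hashlib
import struct
from typing import Dict, List

# Hash values copied from the report's General section.
REPORT_HASHES: Dict[str, str] = {
    "md5": "7177f798d7ec4dc325205fdd9c5fa753",
    "sha1": "accb343313902a997bfa5028fa27da69f0cc820a",
    "sha256": "a914d414ff94b74b685a180608462ff13dcae3586da797c34a0eb1b02dabf828",
    "sha512": "5548a3c96175e9f674c07cb67f59ad800b43766b0e075b1f245b53f924fb024157789e4d6cb6490dc9b70c3015731417863c39d9c41f0eb1a161c5d00925dc50",
}


def hash_bytes(data: bytes) -> Dict[str, str]:
    """Hex digests for the four algorithms the report lists."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT_HASHES}


def matches_report(data: bytes, expected: Dict[str, str] = REPORT_HASHES) -> Dict[str, bool]:
    """Per-algorithm comparison; all four should agree before trusting the verdict."""
    actual = hash_bytes(data)
    return {name: actual.get(name) == value.lower() for name, value in expected.items()}


def pe_section_names(data: bytes) -> List[str]:
    """Walk DOS header -> PE signature -> COFF header -> section table.
    Returns [] for anything that is not a parsable PE image."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return []
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return []
    coff = e_lfanew + 4                      # IMAGE_FILE_HEADER follows "PE\0\0"
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    size_of_optional = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + size_of_optional     # IMAGE_SECTION_HEADER array, 40 bytes each
    names: List[str] = []
    for i in range(num_sections):
        off = table + i * 40
        raw = data[off:off + 8]
        if len(raw) < 8:
            break                            # truncated section table
        names.append(raw.rstrip(b"\0").decode("ascii", "replace"))
    return names


def looks_upx_packed(data: bytes) -> bool:
    """Stock UPX names its sections UPX0/UPX1 (plus UPX2 or .rsrc). Modified UPX
    builds often rename them, so a miss here is a weak signal, not a clean bill."""
    return any(n.upper().startswith("UPX") for n in pe_section_names(data))


def build_fake_pe(section_names: List[str]) -> bytes:
    """Constructed minimal PE-shaped blob for offline testing; not a real executable.
    SizeOfOptionalHeader is 0, so the section table follows the COFF header directly."""
    blob = bytearray(b"MZ" + b"\0" * 0x3A)            # DOS header up to e_lfanew
    blob += struct.pack("<I", 0x40)                    # e_lfanew: PE signature at 0x40
    blob += b"PE\0\0"
    blob += struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0, 0x0102)
    for name in section_names:
        blob += name.encode("ascii").ljust(8, b"\0") + b"\0" * 32
    return bytes(blob)


def triage(data: bytes) -> Dict[str, object]:
    """One-shot summary to log next to the sandbox verdict."""
    return {
        "hashes": hash_bytes(data),
        "matches_report": matches_report(data),
        "sections": pe_section_names(data),
        "upx_section_names": looks_upx_packed(data),
    }


if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            payload = fh.read()
    else:
        payload = build_fake_pe(["UPX0", "UPX1", ".rsrc"])   # constructed input
    for key, value in triage(payload).items():
        print(f"{key}: {value}")
```

Run it with the path to a copy of the sample to confirm every entry of `matches_report` is true before relying on this report; a single mismatching digest means you are looking at a different file, not a hash typo. SSDEEP is intentionally left out because it needs a third-party library.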
