General
Target: 85a57bb3801c013526929c5a1733eb2a20354f02fdcdb878428b6ff519b0b21d
Size: 7.9MB
Sample: 231117-xe2lnacg26
MD5: e2c5d569f851209d7a8c5cffcf3cf082
SHA1: 82b1c453494e0190d4b4c8a66c5663a0e0826288
SHA256: 85a57bb3801c013526929c5a1733eb2a20354f02fdcdb878428b6ff519b0b21d
SHA512: a069b15eee09f25027adaf99c45b7a5012c531d981c4b2c8c7673ac88c09e7b2b28fd8be8cc169395aa75ef07c21ac11dd8eef70da03f18aea858da55d3fc100
SSDEEP: 196608:TOc3ngwaOmuH3PHJeqslY64iKjkVgfakqgrox:TO4ghYfJe/74iKjk+fangEx
Static task: static1
Behavioral task: behavioral1
  Sample: 85a57bb3801c013526929c5a1733eb2a20354f02fdcdb878428b6ff519b0b21d.exe
  Resource: win7-20231020-en
Behavioral task: behavioral2
  Sample: 85a57bb3801c013526929c5a1733eb2a20354f02fdcdb878428b6ff519b0b21d.exe
  Resource: win10v2004-20231020-en
Malware Config
Targets
Target: 85a57bb3801c013526929c5a1733eb2a20354f02fdcdb878428b6ff519b0b21d
Score: 7/10
Signatures:
- Executes dropped EXE
- Loads dropped DLL
- Modifies file permissions
- Adds Run key to start application
- Enumerates connected drives (attempts to read the root path of hard drives other than the default C: drive)
- Suspicious use of NtSetInformationThreadHideFromDebugger
MITRE ATT&CK Enterprise v15
Privilege Escalation
  Boot or Logon Autostart Execution (1)
    Registry Run Keys / Startup Folder (1)
Defense Evasion
  File and Directory Permissions Modification (1)
  Modify Registry (2)
  Subvert Trust Controls (1)
    Install Root Certificate (1)