General

  • Target

    ImageLoggerV7.exe

  • Size

    74.7MB

  • Sample

    231126-n5n9kshb7s

  • MD5

    7096f78ead4c287ea1fed8255826e504

  • SHA1

    fc46b41a518fa443d844be065da86a9a4ea5892d

  • SHA256

    93e605a508299aa068f63da6a0b610f72fd37e964d017287cf7f76b2260571f0

  • SHA512

    400a1ab5030c0b389c3455c172658ed8b2bd9ea124d355fce134b6c6eca9b511c6898af2ac9c4c5497a7bf770f36661d8510cdd4c514a782ac3440179b228a10

  • SSDEEP

    1572864:bI2MueQpjkkSk8IpG7V+VPhqSSE7ARjRHlWWpyppiZzI+hR1XWTQZj4AN1S:8ZueqwkSkB05awS8Rd0eg2zd7XLus1S

Malware Config

Targets

    • Target

      ImageLoggerV7.exe

    • Size

      74.7MB

    • MD5

      7096f78ead4c287ea1fed8255826e504

    • SHA1

      fc46b41a518fa443d844be065da86a9a4ea5892d

    • SHA256

      93e605a508299aa068f63da6a0b610f72fd37e964d017287cf7f76b2260571f0

    • SHA512

      400a1ab5030c0b389c3455c172658ed8b2bd9ea124d355fce134b6c6eca9b511c6898af2ac9c4c5497a7bf770f36661d8510cdd4c514a782ac3440179b228a10

    • SSDEEP

      1572864:bI2MueQpjkkSk8IpG7V+VPhqSSE7ARjRHlWWpyppiZzI+hR1XWTQZj4AN1S:8ZueqwkSkB05awS8Rd0eg2zd7XLus1S

    • Enumerates VirtualBox DLL files

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks