General

  • Target

    source_prepared.exe

  • Size

    78.6MB

  • Sample

    231126-qscq5ahf5v

  • MD5

    603d17e46d48d3ae6ef27acc8d11c002

  • SHA1

    824ce062ccecce8a83b5a654ec64f182e68425c6

  • SHA256

    9f2bfc17f6e1be6e4ef4259fa6776cc598aa654b61dbc30023aeb952d0698c76

  • SHA512

    3ab783d7640ed5a7cbec6e427d8644b777d13a5b582bc649ca386d435daf02eb7b14cd2dd27fb40067861f3542755fa9a19254ad37e20e201854ffb496af04a3

  • SSDEEP

    1572864:Y2MbiJR5Q3j0xSk8IpG7V+VPhqcLE73jC0WlsnghowmaOllpW2awBBxXBqX:YZbC+ySkB05awciujsghfxOllpzawBnY

Targets

    • Target

      source_prepared.exe

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Legitimate hosting services abused for malware hosting/C2
