General

  • Target

    11.zip

  • Size

    5.4MB

  • Sample

    231209-p58tnaabb9

  • MD5

    6accc69ceda7b41de52d28c9481df3a2

  • SHA1

    b8bd4a1d3b1e518006956055091c797e1d4cd4ed

  • SHA256

    2dff803a0f9202e08a9cb461af673224ce63d463457783cf6def3d6edce0096c

  • SHA512

    7f17453b33936dda8026e71ccb86b55ecc7252390e9db7547789cc62085586ada087a43387bced41f4b5a0fa3d1bb9abbfbe126e1ea8975988ac47ee81a58004

  • SSDEEP

    98304:qKuxuS4W9LMu/qh5lZ+AirrsmrD+B0PSvv7LiXLAstzcnas9XuXwTBvzXRUxacNi:BuxuS4WL/qdZTiJXg0EvniXc8zca8GwX

Targets

    • Target

      11.exe

    • Size

      5.6MB

    • MD5

      c29986126b0a39bd9541b2e68bd8f062

    • SHA1

      7348dbd3031311ecfd2c577a829ef02c505a3246

    • SHA256

      7ac3b87bb176064acb64df32140f4853cda01e39dd7f99c349b4c03ce4a54aef

    • SHA512

      d7a013a37f6ba16e9e1583dafe775aaec308a5aba8ac4b4f6b3b30170e4bd8f28154ea1bccebb65fa6800cfb37a41a3d56f3a67f3b2b1e0ff512e4947707ccaf

    • SSDEEP

      98304:CxGhH1R4Ar8ZczjnZRHjE4Wko+31hznQSK2MnTobkDg6dfv0zLbRq05p:3hVRLZnZljEn/8Zfvtbu5fvSL9x

    • Disables RegEdit via registry modification

      Regedit is disabled through the DisableRegistryTools value under HKCU (or HKLM)\Software\Microsoft\Windows\CurrentVersion\Policies\System. Group Policy writes the same value, so confirm that no policy legitimately applies to the host before treating it as malicious.

    • Disables Task Manager via registry modification

      Task Manager is disabled through the DisableTaskMgr value under the same Policies\System key.

    • Sets file execution options in registry

      Writes under HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options. A Debugger value placed under a subkey named after an executable redirects every launch of that executable to the path given in the value, a common way to hijack or neuter tools such as Task Manager.

    • VMProtect packed file

      Detects executables packed with the VMProtect commercial packer. Static analysis of the packed file yields little; work from the unpacked image in memory.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system. An overwritten MBR also leaves the machine unbootable, so the same signature fires on MBR wipers; inspect what was written before assuming a bootkit.
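The three registry behaviours listed above can be checked on a suspect host from an exported hive. The script below is an added example, not part of the sandbox report; it parses a `.reg` export and flags DisableRegistryTools, DisableTaskMgr and any Image File Execution Options Debugger entry. The embedded export text is constructed for the example, and the path C:\Users\Public\11.exe in it is hypothetical.

```python
import re
from typing import Dict, List, Optional, Tuple

# Key suffixes the signatures in the report refer to (case-insensitive match).
POLICY_KEY = r"software\microsoft\windows\currentversion\policies\system"
IFEO_KEY = r"software\microsoft\windows nt\currentversion\image file execution options"

# Constructed sample of a `reg export` file; the Debugger path is hypothetical.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableRegistryTools"=dword:00000001
"DisableTaskMgr"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe]
"Debugger"="C:\\Users\\Public\\11.exe"

[HKEY_CURRENT_USER\Software\Benign\App]
"Debugger"="not under IFEO, must not fire"
'''


def parse_reg_export(text: str) -> Dict[str, Dict[str, str]]:
    """Parse .reg text into {key_path: {value_name: raw_value}}.

    Only the subset of the format needed here is handled: [key] headers,
    "Name"=value lines and the @ default value. Comments are skipped.
    """
    keys: Dict[str, Dict[str, str]] = {}
    current: Optional[str] = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";") or line.startswith("Windows Registry Editor"):
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1]
            keys.setdefault(current, {})
            continue
        if current is None or "=" not in line:
            continue
        name, _, value = line.partition("=")
        name = "@" if name == "@" else name.strip('"')
        keys[current][name] = value
    return keys


def _dword(value: str) -> Optional[int]:
    """Decode a dword:XXXXXXXX value; None if it is not a dword."""
    if value.lower().startswith("dword:"):
        return int(value[6:], 16)
    return None


def _string(value: str) -> str:
    """Decode a quoted REG_SZ value, undoing .reg escaping of \\ and \"."""
    if value.startswith('"') and value.endswith('"'):
        return value[1:-1].replace('\\\\', '\\').replace('\\"', '"')
    return value


def find_indicators(keys: Dict[str, Dict[str, str]]) -> List[Tuple[str, str]]:
    """Return (description, evidence) pairs for the three registry behaviours."""
    findings: List[Tuple[str, str]] = []
    for path, values in keys.items():
        lowered = path.lower()
        if lowered.endswith(POLICY_KEY):
            for name, label in (("DisableRegistryTools", "regedit disabled"),
                                ("DisableTaskMgr", "Task Manager disabled")):
                # Any non-zero dword disables the tool (2 additionally blocks regedit /s).
                if name in values and (_dword(values[name]) or 0) != 0:
                    findings.append((label, f"{path}\\{name}"))
        elif IFEO_KEY in lowered and "Debugger" in values:
            target = path.rsplit("\\", 1)[-1]
            findings.append((f"IFEO Debugger hijack of {target}", _string(values["Debugger"])))
    return findings


def triage_reg_text(text: str) -> List[Tuple[str, str]]:
    """Convenience wrapper: parse an export and return its indicators."""
    return find_indicators(parse_reg_export(text))


if __name__ == "__main__":
    for description, evidence in triage_reg_text(SAMPLE_REG):
        print(f"{description}: {evidence}")
```

On a live host, `reg export "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System" policy.reg` and the equivalent for the IFEO key produce input in this format; reg.exe writes UTF-16 LE, so open the file with encoding="utf-16" before passing its contents to triage_reg_text.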
