Resubmissions

11-12-2023 04:22

231211-ezqe1seba6 10

General

  • Target

    Source Prepared.zip

  • Size

    75.7MB

  • Sample

    231211-ezqe1seba6

  • MD5

    bdf4a795f4eb03d1b5284c801e119b3e

  • SHA1

    c0aaf3813a9a53c4790d4f325408aa9d40fe645f

  • SHA256

    2db3fa48b0da161c95da3dc682dbecf28633e372c43dac9668574eee8dce8dd3

  • SHA512

    4d97aa1dddc6c5adf861b63ed39add25e1ba2f0e19112a2b50a41e125a2959238fb0ede6f8b21e5cfe8c3e05966453b336e39e08536a4eea974f45f9e8c63306

  • SSDEEP

    1572864:h2yxH8d4YmQchaJNKvztG5dg/V9w1HCPxBRJLUkjU91cVw54IhfUbHm:h2i64Ym/QDGkU/41w3RJLUkNVw54Iabm

Malware Config

Targets

    • Target

      Source Prepared.zip

    • Size

      75.7MB

    • MD5

      bdf4a795f4eb03d1b5284c801e119b3e

    • SHA1

      c0aaf3813a9a53c4790d4f325408aa9d40fe645f

    • SHA256

      2db3fa48b0da161c95da3dc682dbecf28633e372c43dac9668574eee8dce8dd3

    • SHA512

      4d97aa1dddc6c5adf861b63ed39add25e1ba2f0e19112a2b50a41e125a2959238fb0ede6f8b21e5cfe8c3e05966453b336e39e08536a4eea974f45f9e8c63306

    • SSDEEP

      1572864:h2yxH8d4YmQchaJNKvztG5dg/V9w1HCPxBRJLUkjU91cVw54IhfUbHm:h2i64Ym/QDGkU/41w3RJLUkNVw54Iabm

    • Sets file to hidden

      Modifies file attributes (FILE_ATTRIBUTE_HIDDEN) so the file is not shown in Explorer and similar file browsers.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX build.

    • Adds Run key to start application

    • Legitimate hosting services abused for malware hosting/C2

    • Target

      source_prepared.exe

    • Size

      76.1MB

    • MD5

      61c3e35cca3c2d464e7c60488976325d

    • SHA1

      82f93661c75ec16cf97f6bbe2a4f9d59f0d5b656

    • SHA256

      8119aa85b94bcbe62f657a24ab9b5e3fab400cba6f085e86ee53b9035d96d608

    • SHA512

      14144177a2abb9bfee7949831a05577aa15e3f4de8cf20269dc967f0fcd0ac2eabed0a777a84e021904d6b4994f89441034eb51f743ca3c59425dd75df1821eb

    • SSDEEP

      1572864:geQpj2UkSk8IpG7V+VPhqgtgWUBtgWqchjRMBnsWE5mxXMIciWy9ZFZj:geqjkSkB05awtWUgW9dMBnsWEtIciX9N

    • Sets file to hidden

      Modifies file attributes (FILE_ATTRIBUTE_HIDDEN) so the file is not shown in Explorer and similar file browsers.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX build.

    • Adds Run key to start application

    • Legitimate hosting services abused for malware hosting/C2
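The signatures above (UPX packing, a Run key written for persistence, a dropped file set hidden) are the kind of checks an analyst reproduces locally before trusting a sandbox verdict. The following is an added example, not code from this report or from the sandbox vendor: it parses the PE section table of an in-memory image to look for UPX evidence (UPX-style section names, the "UPX!" marker, and a first section with zero raw size, which is the unpack target UPX leaves empty on disk), and it scans a list of behaviour events for Run/RunOnce writes and FILE_ATTRIBUTE_HIDDEN. The two minimal PE images and the event records are constructed test data; the event schema (`op`, `path`, `data`, `attrs`) is a hypothetical one chosen for the example, not the sandbox's own format.

```python
import re
import struct

# --- PE section-table parsing -------------------------------------------------

def pe_sections(data):
    """Return [(name, virtual_size, raw_size), ...] from a PE image's section table."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]          # offset of "PE\0\0"
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = e_lfanew + 4
    # COFF header: Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    # NumberOfSymbols, SizeOfOptionalHeader, Characteristics
    _, nsect, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    table = coff + 20 + opt_size                                  # section headers follow the optional header
    out = []
    for i in range(nsect):
        name, vsize, _vaddr, rawsize = struct.unpack_from("<8sIII", data, table + 40 * i)
        out.append((name.rstrip(b"\0").decode("ascii", "replace"), vsize, rawsize))
    return out

UPX_SECTION_RE = re.compile(r"^\.?UPX\d", re.IGNORECASE)   # UPX0 / UPX1 / UPX2 (stock UPX names)

def upx_evidence(data):
    """Independent UPX indicators; a modified UPX build may strip any one of them."""
    secs = pe_sections(data)
    return {
        "upx_section_names": any(UPX_SECTION_RE.match(n) for n, _, _ in secs),
        "upx_marker": b"UPX!" in data,                            # l_info magic written by stock UPX
        "empty_first_section": bool(secs) and secs[0][2] == 0 and secs[0][1] > 0,
    }

def is_upx_packed(data):
    return any(upx_evidence(data).values())

# --- Constructed sample PE images (test data, not real malware) ---------------

def build_minimal_pe(sections, tail=b""):
    """Build a minimal PE32 image from [(name, virtual_size, raw_size), ...]."""
    opt_size = 0xE0                                               # PE32 optional header size
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)            # e_lfanew at 0x3C points to 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, opt_size, 0x102)
    table = b"".join(
        struct.pack("<8sIIIIIIHHI", name.encode("ascii").ljust(8, b"\0"),
                    vsize, 0x1000 * (i + 1), rawsize, 0x400 + 0x200 * i,
                    0, 0, 0, 0, 0x60000020)
        for i, (name, vsize, rawsize) in enumerate(sections))
    return dos + b"PE\0\0" + coff + b"\0" * opt_size + table + tail

PACKED = build_minimal_pe([("UPX0", 0x40000, 0), ("UPX1", 0x12000, 0x11A00), (".rsrc", 0x2000, 0x1E00)],
                          tail=b"\0" * 16 + b"UPX!" + b"\0" * 16)
PLAIN = build_minimal_pe([(".text", 0x5000, 0x4E00), (".rdata", 0x1000, 0xE00), (".data", 0x800, 0x200)])

# --- Behaviour-event checks (hypothetical event schema, constructed records) ---

RUN_KEY_RE = re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\", re.IGNORECASE)
FILE_ATTRIBUTE_HIDDEN = 0x2

SAMPLE_EVENTS = [
    {"op": "RegSetValue",
     "path": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Updater",
     "data": r"C:\Users\user\AppData\Roaming\source_prepared.exe"},
    {"op": "SetFileAttributes",
     "path": r"C:\Users\user\AppData\Roaming\source_prepared.exe", "attrs": 0x22},   # ARCHIVE | HIDDEN
    {"op": "RegSetValue",
     "path": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders\Desktop",
     "data": r"C:\Users\user\Desktop"},                                              # benign write
    {"op": "SetFileAttributes", "path": r"C:\Users\user\notes.txt", "attrs": 0x20},   # ARCHIVE only
]

def flag_persistence(events):
    """Return [(tag, path), ...] for Run-key writes and hidden-attribute changes."""
    hits = []
    for ev in events:
        if ev["op"] == "RegSetValue" and RUN_KEY_RE.search(ev["path"]):
            hits.append(("run_key", ev["path"]))
        elif ev["op"] == "SetFileAttributes" and ev.get("attrs", 0) & FILE_ATTRIBUTE_HIDDEN:
            hits.append(("hidden_file", ev["path"]))
    return hits

if __name__ == "__main__":
    print("packed sample:", upx_evidence(PACKED))
    print("plain sample: ", upx_evidence(PLAIN))
    for tag, path in flag_persistence(SAMPLE_EVENTS):
        print(tag, path)
```

On a real sample you would read the dropped `source_prepared.exe` from disk, confirm its SHA256 against the value listed above with `hashlib` before doing anything else, and then run `upx_evidence` on the bytes; the three indicators are kept separate on purpose, because a "modified UPX" build commonly renames the sections or blanks the "UPX!" marker while the empty-first-section layout usually survives.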

MITRE ATT&CK Enterprise v15

Tasks