General

  • Target

    source_prepared.exe

  • Size

    73.9MB

  • Sample

    231224-mg8smseae5

  • MD5

    210c68681ae7f19abfc8e737ae794fab

  • SHA1

    680728c4031ac2ef4d2e7a277d203efd77ac9835

  • SHA256

    38cb82693f0872440eac61c673e9f65136d854ba421842ab9fb4ed76c45a2df9

  • SHA512

    87ed87496c99cc7773029a48666298ca75e81cf7a92cd3448be36fd3c0b22b1470b608cad22b3bd2334959db1cd5e12f64dfed7b85bbe7e08c8a09f2b71c7a10

  • SSDEEP

    1572864:D2MueQpj2pSk8IpG7V+VPhqILE7D1jRMyWWpyppiZzI+hRUWHAZT5B:DZueqkSkB05awIK1dMReg2zdeqA/

Targets

    • Target

      source_prepared.exe

    • Enumerates VirtualBox DLL files

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Legitimate hosting services abused for malware hosting/C2
