General
-
Target
0d56245a7ee90baf5613df85c37e0517
-
Size
1.1MB
-
Sample
231225-htg38safe6
-
MD5
0d56245a7ee90baf5613df85c37e0517
-
SHA1
603f4f9126b44ea81f00f37e494e40f04fc89438
-
SHA256
a09594c17a8372257fb8cecd0fabef4962ed689ac7462048d48abf93805eef8f
-
SHA512
77c134f7db7019c68456c414a021bf2e6d3f69b6363208ed1a514a2165c2bc1ea26e3d385e49e411b46255915095f4058faa90f67e5fc17f8175023081b84a3b
-
SSDEEP
24576:xGr/Cm+X18zVkUetVI5ut/VkP+x6IS0CDm:QE1yZuvS0CS
Malware Config
Targets
-
-
Target
0d56245a7ee90baf5613df85c37e0517
-
Size
1.1MB
-
MD5
0d56245a7ee90baf5613df85c37e0517
-
SHA1
603f4f9126b44ea81f00f37e494e40f04fc89438
-
SHA256
a09594c17a8372257fb8cecd0fabef4962ed689ac7462048d48abf93805eef8f
-
SHA512
77c134f7db7019c68456c414a021bf2e6d3f69b6363208ed1a514a2165c2bc1ea26e3d385e49e411b46255915095f4058faa90f67e5fc17f8175023081b84a3b
-
SSDEEP
24576:xGr/Cm+X18zVkUetVI5ut/VkP+x6IS0CDm:QE1yZuvS0CS
Score10/10-
Modifies visibility of file extensions in Explorer
-
Disables use of System Restore points
-
Modifies system executable filetype association
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Change Default File Association
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Change Default File Association
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
3