General
-
Target
2be023437c9ac2ee5cf5ff59f2755695
-
Size
121KB
-
Sample
231231-hclp4aabb8
-
MD5
2be023437c9ac2ee5cf5ff59f2755695
-
SHA1
fce23cea7072b64f26e93c4d22e110313e373c45
-
SHA256
95b9b425ba1ba1a3033854240482ebafbe574717fe656b6642e13a29acdf683b
-
SHA512
3a0a6c0a88466eed5facb3ff19e33fc302e7c0e7d09595001df7261a63bb3507eb70b98c2ba1d5aea6c23d4fa4146b5daf0292954550093146f072822c553cf5
-
SSDEEP
3072:QCbOc4Mx4WckUmgAsOxIYcNmqr5pHkDdKblcd8A5RxfF70H5:Q9qxf+ArxIYgrHgKRcN5RxN70H5
Malware Config
Targets
-
-
Target
2be023437c9ac2ee5cf5ff59f2755695
-
Size
121KB
-
MD5
2be023437c9ac2ee5cf5ff59f2755695
-
SHA1
fce23cea7072b64f26e93c4d22e110313e373c45
-
SHA256
95b9b425ba1ba1a3033854240482ebafbe574717fe656b6642e13a29acdf683b
-
SHA512
3a0a6c0a88466eed5facb3ff19e33fc302e7c0e7d09595001df7261a63bb3507eb70b98c2ba1d5aea6c23d4fa4146b5daf0292954550093146f072822c553cf5
-
SSDEEP
3072:QCbOc4Mx4WckUmgAsOxIYcNmqr5pHkDdKblcd8A5RxfF70H5:Q9qxf+ArxIYgrHgKRcN5RxN70H5
Score8/10-
Sets file execution options in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
Checks for any installed AV software in registry
-
Checks whether UAC is enabled
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
2Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
3