General
-
Target
375eef7af2dc0120024cb76e3b8f37ac
-
Size
184KB
-
Sample
231231-qed22agaal
-
MD5
375eef7af2dc0120024cb76e3b8f37ac
-
SHA1
29416ab3e57f77f0a6e804bfae95f3259eb5ee84
-
SHA256
dacf062c795698d8ad961e3a26ce8774a395fa4c0fccc86971e330b7c50ebe0f
-
SHA512
b89a0ab7835b01caae06eeda7c1a83c44b8679de7ee7b8558012100f7b3634cbc6b4dd10c65f785fe4f802b7a41d6abace4bca3dc4d9f08882b84059f18066d5
-
SSDEEP
3072:1p2jqvElYkRFzYRkfTEctFbToNoL+/pBHViXxRkp8YN0Tod7VI87BfR7K+TZcTgm:1Qqv6RFzYRKTEiFXbL+/nRp8Yp7jNFQ
Malware Config
Targets
-
-
Target
375eef7af2dc0120024cb76e3b8f37ac
-
Size
184KB
-
MD5
375eef7af2dc0120024cb76e3b8f37ac
-
SHA1
29416ab3e57f77f0a6e804bfae95f3259eb5ee84
-
SHA256
dacf062c795698d8ad961e3a26ce8774a395fa4c0fccc86971e330b7c50ebe0f
-
SHA512
b89a0ab7835b01caae06eeda7c1a83c44b8679de7ee7b8558012100f7b3634cbc6b4dd10c65f785fe4f802b7a41d6abace4bca3dc4d9f08882b84059f18066d5
-
SSDEEP
3072:1p2jqvElYkRFzYRkfTEctFbToNoL+/pBHViXxRkp8YN0Tod7VI87BfR7K+TZcTgm:1Qqv6RFzYRKTEiFXbL+/nRp8Yp7jNFQ
Score10/10-
Modifies firewall policy service
-
Adds policy Run key to start application
-
Sets service image path in registry
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
3Create or Modify System Process
1Windows Service
1Privilege Escalation
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
3Create or Modify System Process
1Windows Service
1