General

  • Target

    375eef7af2dc0120024cb76e3b8f37ac

  • Size

    184KB

  • Sample

    231231-qed22agaal

  • MD5

    375eef7af2dc0120024cb76e3b8f37ac

  • SHA1

    29416ab3e57f77f0a6e804bfae95f3259eb5ee84

  • SHA256

    dacf062c795698d8ad961e3a26ce8774a395fa4c0fccc86971e330b7c50ebe0f

  • SHA512

    b89a0ab7835b01caae06eeda7c1a83c44b8679de7ee7b8558012100f7b3634cbc6b4dd10c65f785fe4f802b7a41d6abace4bca3dc4d9f08882b84059f18066d5

  • SSDEEP

    3072:1p2jqvElYkRFzYRkfTEctFbToNoL+/pBHViXxRkp8YN0Tod7VI87BfR7K+TZcTgm:1Qqv6RFzYRKTEiFXbL+/nRp8Yp7jNFQ

Score
10/10

Malware Config

Targets

    • Modifies firewall policy service

    • Adds policy Run key to start application

    • Sets service image path in registry

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15