General
-
Target
4939e3970031f5fa049b2fae68069b52
-
Size
4.5MB
-
Sample
240107-rtsz6sabc2
-
MD5
4939e3970031f5fa049b2fae68069b52
-
SHA1
758e7a8c35d3a0503191bb1272a9a97e88be6544
-
SHA256
693c98209d73e643781f4c8b0b143d61143c8f256f479311def7cbadbee1888e
-
SHA512
caddf036d6826d6a7ff353ae556a78941b5990982409c35b46887ac3ace2432af43b93fe3194a339e392af4527e49ff928bd8d53ed2928b45bb113ae2d40e24c
-
SSDEEP
98304:vU1FB2INAL29YBwDKeEoGBAcxpba5mgWUZMXfCcNn6w4GZwAGPzx:vUTK29LOroZyamvUZMXfrN6w4G6xzx
Malware Config
Targets
-
-
Target
4939e3970031f5fa049b2fae68069b52
-
Size
4.5MB
-
MD5
4939e3970031f5fa049b2fae68069b52
-
SHA1
758e7a8c35d3a0503191bb1272a9a97e88be6544
-
SHA256
693c98209d73e643781f4c8b0b143d61143c8f256f479311def7cbadbee1888e
-
SHA512
caddf036d6826d6a7ff353ae556a78941b5990982409c35b46887ac3ace2432af43b93fe3194a339e392af4527e49ff928bd8d53ed2928b45bb113ae2d40e24c
-
SSDEEP
98304:vU1FB2INAL29YBwDKeEoGBAcxpba5mgWUZMXfCcNn6w4GZwAGPzx:vUTK29LOroZyamvUZMXfrN6w4G6xzx
Score8/10-
Stops running service(s)
-
Uses Session Manager for persistence
Creates Session Manager registry key to run executable early in system boot.
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
2Create or Modify System Process
1Windows Service
1Scheduled Task/Job
1