General
-
Target
a193e4b273ce369338408e550ecd76d5.exe
-
Size
512KB
-
Sample
240107-x93gfadee8
-
MD5
a193e4b273ce369338408e550ecd76d5
-
SHA1
87441d6e9bbc39d72223e46f0a8391ecf21f5692
-
SHA256
729fc5a004f4f978a1bb2ea3e7ee8ea12e1896be1cab5ea5afc21f6cee495c43
-
SHA512
fe01e7cf10467f8093fcb72abe72e5b4da2361b9af9d556be7977a8e58c3dc27d9d1e39b6facd0b127433af9d7b46b4cc28cf348fe1cb641cd4dd63d0f4f30ce
-
SSDEEP
6144:1VY0W0sVVZ/dkq5BCoFaJ2i5Lf24C07N5OvSLTUF6pQxI6Upe2cBnTu19bcodj67:1gDhdkq5BCoC5LfWSLTUQpr2Zu19Qm5C
Static task
static1
Behavioral task
behavioral1
Sample
a193e4b273ce369338408e550ecd76d5.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
a193e4b273ce369338408e550ecd76d5.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
a193e4b273ce369338408e550ecd76d5.exe
-
Size
512KB
-
MD5
a193e4b273ce369338408e550ecd76d5
-
SHA1
87441d6e9bbc39d72223e46f0a8391ecf21f5692
-
SHA256
729fc5a004f4f978a1bb2ea3e7ee8ea12e1896be1cab5ea5afc21f6cee495c43
-
SHA512
fe01e7cf10467f8093fcb72abe72e5b4da2361b9af9d556be7977a8e58c3dc27d9d1e39b6facd0b127433af9d7b46b4cc28cf348fe1cb641cd4dd63d0f4f30ce
-
SSDEEP
6144:1VY0W0sVVZ/dkq5BCoFaJ2i5Lf24C07N5OvSLTUF6pQxI6Upe2cBnTu19bcodj67:1gDhdkq5BCoC5LfWSLTUQpr2Zu19Qm5C
Score10/10-
Modifies visibility of file extensions in Explorer
-
Modifies visiblity of hidden/system files in Explorer
-
Disables RegEdit via registry modification
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Modifies WinLogon
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
1Winlogon Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
1Winlogon Helper DLL
1Defense Evasion
Hide Artifacts
2Hidden Files and Directories
2Impair Defenses
2Disable or Modify Tools
2Modify Registry
7