General

  • Target

    a0c3da4da1e51fb53c47a0681f14ca9a.exe

  • Size

    168KB

  • Sample

    240107-xz79yadbf5

  • MD5

    a0c3da4da1e51fb53c47a0681f14ca9a

  • SHA1

    bbdac448bf011102d939af1d38375b6c73cab9b6

  • SHA256

    9fe5a19eed753466edb638b3a8d55fb3a574af29aea75266729a8b89e747d223

  • SHA512

    ca8fc2631a3ad61f8bfcdf4d94911bd5a8257b62b1a5fa23c77d7a0b84537c79eebc3c6a8a83f2c39f329381ff94d7db994aea9efe7f13862a1df58b054906cb

  • SSDEEP

    3072:kBS9OH5a/MGN5beMnzVP4vr3/vOY1TDZz7gvXVdxN7VBfUWU1kX:kBSkfO5iMzJo3+Y1Th7qTPTks

Malware Config

Targets

    • Modifies firewall policy service

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks