General

  • Target

    4a6b32277355b9f4a17a4d0177095fa6

  • Size

    2.6MB

  • Sample

    240108-excq5sahep

  • MD5

    4a6b32277355b9f4a17a4d0177095fa6

  • SHA1

    9e5b9db22bfe88d2b5a2eff98b89555dbbf4039f

  • SHA256

    370c762b6bc10785dabf7beebb6994d15000281c3a285524c604629cc0f80576

  • SHA512

    4a28aaffba16589a206f73f9dfa1b4dd663109de8e831a2517f28a57d2c64b09ec844864c74fba3f59a998475010fcd1cb7ca70869fd9f2b6657c74ad877ccfc

  • SSDEEP

    49152:bX8ferQZbd2ohLbOnBVj6yBw1z/HJfSoMfjDsgUp8Z6r8:xrQZ1O16y2VpfcbDsgo8

Score
10/10

Targets

    • Modifies visibility of file extensions in Explorer

    • Blocks application from running via registry modification

      Adds application to list of disallowed applications.

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
