General
Target: ee6b88cc461522da447d37a2215db4fbc8173415b7500415e87fca4074ca9a96
Size: 2.2MB
Sample: 240118-ydxrragaen
MD5: e8d9f5064a245b92ae4115d40a3728af
SHA1: b6ab0071fff33365a3a3dfabbb3ff94360f20188
SHA256: ee6b88cc461522da447d37a2215db4fbc8173415b7500415e87fca4074ca9a96
SHA512: f0c16513cb55ea3e00b89c7bc85cb65e356af1535d23db5078ce0ec4d8b5494985baee267ae5f8625feaa8849c5741224b00bae46ecfe187efcb84c91839e7e1
SSDEEP: 49152:19UJj87k/a4nQkh6ZISIyR7fJATyIeOgWfPfyDLmd/DIuJxThJqEB6ZmKYGCsWH1:m8D4nQkhSRtATyIe+fPf6Lmd/DI0xT5Z
Static task: static1
Behavioral task: behavioral1
  Sample: ee6b88cc461522da447d37a2215db4fbc8173415b7500415e87fca4074ca9a96.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: ee6b88cc461522da447d37a2215db4fbc8173415b7500415e87fca4074ca9a96.exe
  Resource: win10v2004-20231215-en
Malware Config
Targets
Target: ee6b88cc461522da447d37a2215db4fbc8173415b7500415e87fca4074ca9a96
Score: 8/10
Downloads MZ/PE file
Drops file in Drivers directory
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution: 1
    Registry Run Keys / Startup Folder: 1
  Scheduled Task/Job: 1
Privilege Escalation
  Boot or Logon Autostart Execution: 1
    Registry Run Keys / Startup Folder: 1
  Scheduled Task/Job: 1
Defense Evasion
  Modify Registry: 2
  Subvert Trust Controls: 1
    Install Root Certificate: 1