General

  • Target

    8af84f8d39f48976448c2be647ca2789

  • Size

    84KB

  • Sample

    240203-a9tszafeem

  • MD5

    8af84f8d39f48976448c2be647ca2789

  • SHA1

    ae7a2bf8af3911bc1538ae90e5336b47d23d87b8

  • SHA256

    5707159146a77ac06aa9208504823c06c98e8e899f2ed71493f453d0e4fad3b7

  • SHA512

    588e6a4605802b9628dc8fd16bd0021252b2618159554c564d0e2459ba28e0415144ec232cc7103e8b51cd53837cff6dcbf4bc6e158d2fa3acefb1c5c4fb93cd

  • SSDEEP

    1536:7u4nPGyZSiVVnDfSIEd6zplQosy//rNjWFMiDIPA49v05xL1godLjUEE:7fu+VDyd4ntsyhjWFLIPagk7E

Targets

    • Target

      8af84f8d39f48976448c2be647ca2789

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.
