Resubmissions

04/02/2024, 21:22

240204-z8afdabbc2 8

04/02/2024, 21:17

240204-z4z58sdack 7

General

  • Target

    Old-TLauncher.exe

  • Size

    8.9MB

  • Sample

    240204-z8afdabbc2

  • MD5

    505731086d2f448e68c025a7003efe00

  • SHA1

    e8358cf87df55712a7b6998d1816e94b57f3b7c1

  • SHA256

    978dfe8f0fbb57398366e2302055b58fa641258f53db6909fca2b5a1e87ff3c5

  • SHA512

    856ad2f0caa72c15b20831c7e1d8917329907381e1e95ce470ff3592755804cc17cd507c105d49fdecbc418a2c3f2b01e1be2ce15dc981aeb7f39ce2889cb4d4

  • SSDEEP

    196608:vRAQAHQHWFm5kAiFWnuf6J/+Ift24xJN+vwvasDU6sU0s:LUn6nDJ/+v4xJprUB4

Malware Config

Targets

    • Target

      Old-TLauncher.exe

    • Size

      8.9MB

    • MD5

      505731086d2f448e68c025a7003efe00

    • SHA1

      e8358cf87df55712a7b6998d1816e94b57f3b7c1

    • SHA256

      978dfe8f0fbb57398366e2302055b58fa641258f53db6909fca2b5a1e87ff3c5

    • SHA512

      856ad2f0caa72c15b20831c7e1d8917329907381e1e95ce470ff3592755804cc17cd507c105d49fdecbc418a2c3f2b01e1be2ce15dc981aeb7f39ce2889cb4d4

    • SSDEEP

      196608:vRAQAHQHWFm5kAiFWnuf6J/+Ift24xJN+vwvasDU6sU0s:LUn6nDJ/+v4xJprUB4

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Registers COM server for autorun

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks