General
- Target: EasyConnectInstaller.exe
- Size: 26.2MB
- Sample: 240222-q4xknsae2y
- MD5: 421d6a237c728a82dd2ba79f1e0c3cc0
- SHA1: 7a0e2e2afdaf2dbca48827ae660ca65bfdbe5141
- SHA256: 2c56cc6fab26984a12f794ed5a8c9de6122c3b1a92bb7e00d763c78caf58d169
- SHA512: b5efbcc35acde2e1380e9e614e1d5e933c3b10a3f586b39ec7dcdd10571ee64b16b7303d13e1938d5b6e1573d65b81b80ad2ecea30b669701a2e6c04fbc92332
- SSDEEP: 786432:OMA/NUxnkvZbfocYDotqxE80Z5eQfjI7y4gpgN/i65e9:Ciubo7dxE8icQb+yw49
Static task
- static1
Behavioral task
- behavioral1
- Sample: EasyConnectInstaller.exe
- Resource: win7-20240221-en
Behavioral task
- behavioral2
- Sample: EasyConnectInstaller.exe
- Resource: win10v2004-20240221-en
Malware Config
Targets
- Target: EasyConnectInstaller.exe
- Drops file in Drivers directory
- Manipulates Digital Signatures
  Attackers can use techniques such as changing the Authenticode and Cryptography registry keys so that their binary is treated as validly signed.
- Drops file in System32 directory
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
- Browser Extensions: 1
- Boot or Logon Autostart Execution: 1
- Registry Run Keys / Startup Folder: 1
Privilege Escalation
- Boot or Logon Autostart Execution: 1
- Registry Run Keys / Startup Folder: 1
Defense Evasion
- Subvert Trust Controls: 2
- SIP and Trust Provider Hijacking: 1
- Install Root Certificate: 1
- Modify Registry: 3