General

  • Target

    letsview-setup-saas-a.exe

  • Size

    2.4MB

  • Sample

    240223-sdhpyace7t

  • MD5

    852dc0ab014f67ef4a792ce1dbcdaca6

  • SHA1

    f1d5ff7dc88a70a096c12c8c766fc0eeb4528750

  • SHA256

    23c46aa032018c8769053f10fe844376df8df15b496c04c59f04097e274e59f7

  • SHA512

    af3d77d44246a05eb7484a8d4d2ac6e6346ec690539cf82e79059b2cca197e6167fd73c7e7b2ea1a86369d11be597b3a79cd802ec1db78bee3c403eb1903e915

  • SSDEEP

    49152:t+iLgXBxC4o+JMv2Dpjm0zV4LTGnk/lD/lZyWVu8s0:t+5rFDpjmEZK9

Malware Config

Targets

    • Target

      letsview-setup-saas-a.exe

    • Size

      2.4MB


    • Creates new service(s)

    • Manipulates Digital Signatures

      Attackers can apply techniques such as modifying the Authenticode and cryptography registry keys so that their binary is treated as validly signed.

    • Stops running service(s)

    • Modifies file permissions

    • Downloads MZ/PE file

    • Modifies Windows Firewall

MITRE ATT&CK Enterprise v15

Tasks