General
-
Target
a9f3273080e0da16806650602141d883
-
Size
3.3MB
-
Sample
240227-xxw4wshd4t
-
MD5
a9f3273080e0da16806650602141d883
-
SHA1
27a8fdc85809a4352b56454b39ab60fcf5fe9152
-
SHA256
cc766424b7aa2d9fa11934dabb9be55f8938b001eb72692d447fd696d8eaef1e
-
SHA512
9805cbae68904e1c019d308275ce90b291935fc28be92b5250fe77f63eeab8896fae195cd6de2fc2dd10cbb99e75fcb28b61ca1b9054864f9cb66b7d0c5fc8f2
-
SSDEEP
98304:phQzyHkfFHatOcwBM1ALO9qcb98sQT46YMQ+a0:puW4Ha4bBWL98sB6YMQv
Malware Config
Targets
-
-
Target
a9f3273080e0da16806650602141d883
-
Size
3.3MB
-
MD5
a9f3273080e0da16806650602141d883
-
SHA1
27a8fdc85809a4352b56454b39ab60fcf5fe9152
-
SHA256
cc766424b7aa2d9fa11934dabb9be55f8938b001eb72692d447fd696d8eaef1e
-
SHA512
9805cbae68904e1c019d308275ce90b291935fc28be92b5250fe77f63eeab8896fae195cd6de2fc2dd10cbb99e75fcb28b61ca1b9054864f9cb66b7d0c5fc8f2
-
SSDEEP
98304:phQzyHkfFHatOcwBM1ALO9qcb98sQT46YMQ+a0:puW4Ha4bBWL98sB6YMQv
Score8/10-
Stops running service(s)
-
Uses Session Manager for persistence
Creates Session Manager registry key to run executable early in system boot.
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
2Create or Modify System Process
1Windows Service
1Scheduled Task/Job
1