General

  • Target

    Bigscreen_Screenshot.jpg

  • Size

    93KB

  • Sample

    240302-vbm8rafe62

  • MD5

    b8be06e35c01af51882a3591dbe78832

  • SHA1

    00cbdadfb93b0623ec8cf028261a70535fae6f73

  • SHA256

    7333b7733890cf98b7e57a2471a75bcb9538766db83a367482d4c36b2b57d3f0

  • SHA512

    f4aaa9e0ccbd4ea64db6e990263ae60f525b8539081c77d15ffbd20bcbdac78f5f65178671c0bf0c45107b009a8fd2251bfbefd52946a33e1720b5a46fee8d56

  • SSDEEP

    1536:3XagSHVcEiRf7vmi/wkOJW+nHMgZpdGco05CAIWRm7ji0OiQbID1TRh5FU2d:HrGcEiRCi/sdHMgZp8cXIo5DiQMD1TRZ

Malware Config

Targets

    • Target

      Bigscreen_Screenshot.jpg

    • Size

      93KB

    • MD5

      b8be06e35c01af51882a3591dbe78832

    • SHA1

      00cbdadfb93b0623ec8cf028261a70535fae6f73

    • SHA256

      7333b7733890cf98b7e57a2471a75bcb9538766db83a367482d4c36b2b57d3f0

    • SHA512

      f4aaa9e0ccbd4ea64db6e990263ae60f525b8539081c77d15ffbd20bcbdac78f5f65178671c0bf0c45107b009a8fd2251bfbefd52946a33e1720b5a46fee8d56

    • SSDEEP

      1536:3XagSHVcEiRf7vmi/wkOJW+nHMgZpdGco05CAIWRm7ji0OiQbID1TRh5FU2d:HrGcEiRCi/sdHMgZp8cXIo5DiQMD1TRZ

    • Downloads MZ/PE file

    • Modifies Installed Components in the registry

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks