Resubmissions

03-03-2024 11:27

240303-nkmj9ahg51 7

02-03-2024 09:29

240302-lf8wkscd47 7

02-03-2024 09:24

240302-ldgdjscd26 7

02-03-2024 09:19

240302-laarlacc93 7

General

  • Target

    TLauncher-2.86-Installer-1.0.1.exe

  • Size

    21.7MB

  • Sample

    240303-nkmj9ahg51

  • MD5

    f643be370cc9763a17f7746b1b6a0243

  • SHA1

    c65391f59a6e1421d783eaf43eb9661cfd476f82

  • SHA256

    5ab5f39d143b6ff77df2fd5026ac8e4788edfd3de27a4e1fa4b420a7d2f61d38

  • SHA512

    5ce377dc1a4a59723cf2b969c0cadb3197e5bf61d0064e2e8c94a0be9d4fd1cd9b33e05078a17e89f54b763e180be32ce14b46949a58ff47e5df18183291142f

  • SSDEEP

    393216:WXYwVCtYto0fs/dQETVlOBbpFEj9GZdqV56HpkbGCST7yuk9sLx:WowVCWTHExiTTqqHpMsV

Malware Config

Targets

    • Target

      TLauncher-2.86-Installer-1.0.1.exe

    • Size

      21.7MB

    • MD5

      f643be370cc9763a17f7746b1b6a0243

    • SHA1

      c65391f59a6e1421d783eaf43eb9661cfd476f82

    • SHA256

      5ab5f39d143b6ff77df2fd5026ac8e4788edfd3de27a4e1fa4b420a7d2f61d38

    • SHA512

      5ce377dc1a4a59723cf2b969c0cadb3197e5bf61d0064e2e8c94a0be9d4fd1cd9b33e05078a17e89f54b763e180be32ce14b46949a58ff47e5df18183291142f

    • SSDEEP

      393216:WXYwVCtYto0fs/dQETVlOBbpFEj9GZdqV56HpkbGCST7yuk9sLx:WowVCWTHExiTTqqHpMsV

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Modifies file permissions

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Checks for any installed AV software in registry

    • Checks whether UAC is enabled

    • Downloads MZ/PE file

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Legitimate hosting services abused for malware hosting/C2

    • Modifies Installed Components in the registry

    • Sets file execution options in registry

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v15

Tasks