General

  • Target

    3d58f5ca2ffb62a9649de5bab8a38aa02313a1acafe1cd2b47512b289cce4ad9

  • Size

    941KB

  • Sample

    240305-aya7gsaa52

  • MD5

    2a7562b974db6cd02c93d68e5acadb32

  • SHA1

    15f6a6a76c5057763473de3da5bede7aacce9767

  • SHA256

    3d58f5ca2ffb62a9649de5bab8a38aa02313a1acafe1cd2b47512b289cce4ad9

  • SHA512

    03c7bfc2317daf55e458ec31845a25af9f14dcd24f900897d66aa8401377badb69ac35e56f21773a5409438ff2e986c6c08e60dd8805cee246f3512c159dbb9c

  • SSDEEP

    24576:+Ex45zxI+y2HE1I/S37iH5lIyyx1f5l/:izxIOHhS37iHzIyg/l

Malware Config

Targets

    • Target

      3d58f5ca2ffb62a9649de5bab8a38aa02313a1acafe1cd2b47512b289cce4ad9

    • Size

      941KB

    • MD5

      2a7562b974db6cd02c93d68e5acadb32

    • SHA1

      15f6a6a76c5057763473de3da5bede7aacce9767

    • SHA256

      3d58f5ca2ffb62a9649de5bab8a38aa02313a1acafe1cd2b47512b289cce4ad9

    • SHA512

      03c7bfc2317daf55e458ec31845a25af9f14dcd24f900897d66aa8401377badb69ac35e56f21773a5409438ff2e986c6c08e60dd8805cee246f3512c159dbb9c

    • SSDEEP

      24576:+Ex45zxI+y2HE1I/S37iH5lIyyx1f5l/:izxIOHhS37iHzIyg/l

    • Modifies visibility of file extensions in Explorer

    • Modifies visibility of hidden/system files in Explorer

    • UAC bypass

    • Disables taskbar notifications via registry modification

    • Possible privilege escalation attempt

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

    • Deletes itself

    • Executes dropped EXE

    • Modifies file permissions

    • Modifies system executable filetype association

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.
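
The signature names above are what a sandbox emits after matching recorded events against rules. The following is an added example, not the sandbox's own rule set and not taken from this report: a small matcher that turns constructed Sysmon-style events (registry value set, file create, process create; the event format, the user SID and every path are made up for illustration) into a few of the signature names listed above. The registry values it keys on are the documented Explorer settings (HideFileExt, Hidden, ShowSuperHidden, EnableBalloonTips) and the exefile open command; the exact conditions the real sandbox uses are not known from the page, so the predicates here are an assumption.

```python
import re

# Constructed Sysmon-style events, not from the report. Field layout (assumed):
# event id | kind | target object | details.  13 = registry value set,
# 11 = file create, 1 = process create (details = parent image).  SID is made up.
SAMPLE_EVENTS = [
    r"13|SetValue|HKU\S-1-5-21-1111-2222-3333-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\HideFileExt|DWORD (0x00000001)",
    r"13|SetValue|HKU\S-1-5-21-1111-2222-3333-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden|DWORD (0x00000002)",
    r"13|SetValue|HKU\S-1-5-21-1111-2222-3333-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\ShowSuperHidden|DWORD (0x00000000)",
    r"13|SetValue|HKU\S-1-5-21-1111-2222-3333-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\EnableBalloonTips|DWORD (0x00000000)",
    r"13|SetValue|HKLM\SOFTWARE\Classes\exefile\shell\open\command\(Default)|C:\Users\Public\svchost.exe %1",
    r"13|SetValue|HKU\S-1-5-21-1111-2222-3333-1001\Software\Microsoft\Windows\CurrentVersion\Run\Updater|C:\Users\Public\svchost.exe",
    r"11|FileCreate|C:\Users\Public\svchost.exe|",
    r"1|ProcessCreate|C:\Users\Public\svchost.exe|C:\Users\user\AppData\Local\Temp\sample.exe",
]

SID_RE = re.compile(r"^HKU\\S-1-5-21-[\d-]+\\", re.IGNORECASE)
DWORD_RE = re.compile(r"^DWORD \(0x([0-9a-fA-F]{8})\)$")
ADVANCED = r"HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced"


def normalize_key(path):
    """Map HKU\\<user SID>\\... onto HKCU\\... so one rule covers every user hive."""
    return SID_RE.sub(r"HKCU\\", path)


def parse_details(details):
    """Turn Sysmon's 'DWORD (0x0000000N)' rendering into an int; leave strings alone."""
    m = DWORD_RE.match(details)
    return int(m.group(1), 16) if m else details


def parse_event(line):
    event_id, kind, target, details = line.split("|", 3)
    return {"id": int(event_id), "kind": kind, "target": target, "details": details}


# Registry rules: (normalised value path, predicate on parsed data, signature name).
# Hidden=2 and ShowSuperHidden=0 hide hidden/system files; HideFileExt=1 hides
# extensions; EnableBalloonTips=0 suppresses taskbar balloons.  Any write to the
# exefile open command hijacks how .exe files are launched.
REGISTRY_RULES = [
    (ADVANCED + r"\HideFileExt", lambda d: d == 1,
     "Modifies visibility of file extensions in Explorer"),
    (ADVANCED + r"\Hidden", lambda d: d == 2,
     "Modifies visibility of hidden/system files in Explorer"),
    (ADVANCED + r"\ShowSuperHidden", lambda d: d == 0,
     "Modifies visibility of hidden/system files in Explorer"),
    (ADVANCED + r"\EnableBalloonTips", lambda d: d == 0,
     "Disables taskbar notifications via registry modification"),
    (r"HKLM\SOFTWARE\Classes\exefile\shell\open\command\(Default)", lambda d: True,
     "Modifies system executable filetype association"),
]


def match_signatures(lines):
    """Return (signature, evidence) pairs in event order; stateful for dropped files."""
    hits = []
    dropped = set()  # paths created during the run, for the "Executes dropped EXE" rule
    for line in lines:
        ev = parse_event(line)
        if ev["kind"] == "SetValue":
            key = normalize_key(ev["target"])
            data = parse_details(ev["details"])
            for path, pred, sig in REGISTRY_RULES:
                if key.lower() == path.lower() and pred(data):
                    hits.append((sig, ev["target"]))
        elif ev["kind"] == "FileCreate":
            dropped.add(ev["target"].lower())
        elif ev["kind"] == "ProcessCreate" and ev["target"].lower() in dropped:
            hits.append(("Executes dropped EXE", ev["target"]))
    return hits


def signature_names(lines):
    """De-duplicated signature names in first-seen order, like the report's list."""
    seen = []
    for sig, _ in match_signatures(lines):
        if sig not in seen:
            seen.append(sig)
    return seen


if __name__ == "__main__":
    for sig, evidence in match_signatures(SAMPLE_EVENTS):
        print(f"{sig}: {evidence}")
```

The Run-key write in the sample deliberately matches no rule, which is the usual shape of sandbox output: only events a rule covers surface as signatures, so an absent signature is not evidence that a behaviour did not occur.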

MITRE ATT&CK Enterprise v15

Tasks