General

  • Target: be968b4ae0db04dff9eb238f51721401f619306479b031c5607990bb603fb0ee
  • Size: 24KB
  • Sample: 240311-alv15afb47
  • MD5: d4ad258d7f1ee59c0c0dd035908cb4d3
  • SHA1: 6299209cc85fd1aa05afd82bd161f0cdac1cee97
  • SHA256: be968b4ae0db04dff9eb238f51721401f619306479b031c5607990bb603fb0ee
  • SHA512: 16787216b62235540e30649b30f5bf156de062e8c167349aebb6fe7d8909a8ef2dc1f7826917971a9caf59bbcea11a4812927e7827927d8e0e240a3f2e81de13
  • SSDEEP: 768:jIUGI8g5Q/lvi2vJ8wxBnxZ9V7S5BNpBoG0vJILNgZjJyL:j4Rga9vJX9rV72XSG0viJgZjUL

Targets

    • Windows security bypass
    • Drops file in Drivers directory
    • Modifies Installed Components in the registry
    • Sets file execution options in registry
    • Executes dropped EXE
    • Loads dropped DLL
    • UPX packed file: detects executables packed with UPX/modified UPX open source packer.
    • Windows security modification
    • Modifies WinLogon
    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15
