Resubmissions

11-03-2024 09:51

240311-lvqzbahb5s 10

11-03-2024 09:41

240311-lnzymsgh8s 10

General

  • Target

    MrsMajor2.0-main.zip

  • Size

    19.7MB

  • Sample

    240311-lvqzbahb5s

  • MD5

    89aa6864c707f6f807714ab587c6557b

  • SHA1

    c7ab8a280c95b45fedb236eaa7f83bd844be118e

  • SHA256

    c859e7b6801f5b595b0aa77b3e03476888f0242044514af63c50f8fd8cb4eb26

  • SHA512

    092e52498e19b844e7d877c5795c3e2d1a2e2f72e97f9b5978abcb3da7299308108de896f130c5dba6c382df31ecf14b3fc798d26fca3b9ee05d73fe42fbf139

  • SSDEEP

    393216:pObYcuKh1Qg75KUy2ZVQbUHmoYPDWFesJ0CMPIjpmUv4GTMeG6jHvSCeEWHtGvnY:kuKhCg7sjIC0PKWFesax8uGQeHjHvSzR

Targets

    • Target

      MrsMajor2.0.exe

    • Size

      25.6MB

    • MD5

      247a35851fdee53a1696715d67bd0905

    • SHA1

      d2e86020e1d48e527e81e550f06c651328bd58a4

    • SHA256

      5dd4ea169cabf9226f54bb53e63ea6a1b5880a0d1222242aee378efb6255b57d

    • SHA512

      a173801aaef4fab608d99b52223b5b2400d69b91edcbf33c21fcb47bd832eef9d771dfd36da350a502a371ed1739c869a7c2b4dca456c93f2feed9ac9c647c7c

    • SSDEEP

      786432:7VQ4fX8siQIZwastE9oGH5UcnaAVBmn163+L2:7ywXwdwRQo2O1L2

    • Modifies WinLogon for persistence

    • UAC bypass

    • Disables RegEdit via registry modification

    • Disables Task Manager via registry modification

    • Possible privilege escalation attempt

    • Executes dropped EXE

    • Modifies file permissions

    • Modifies system executable filetype association

    • Adds Run key to start application

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks