General
-
Target
c8a07afa28063eca5500fe7a6be8d3da
-
Size
3.6MB
-
Sample
240314-prjbvacb2s
-
MD5
c8a07afa28063eca5500fe7a6be8d3da
-
SHA1
a53b813a2059e6f756221ae4e1ed78a625f45fd7
-
SHA256
1d32a325b6330329374bfb6dc894d89a6b59b807ea227204dd7e1fa7b1690f5e
-
SHA512
1df7b3a8f187b0e71fc19e95b016274a6f3665e79f0c8900b6dea4986e3ed2c00a4d16c96e47a973aa6e718d85aaf7b48769a3beef8b7c53b3db084f793ab382
-
SSDEEP
98304:w3e3/BoEA8rTfZN2fbJoUVGwSdOIoFo0fy1RV/7MlQbJH:4UC77tGwjFFoJRVT7H
Static task
static1
Behavioral task
behavioral1
Sample
c8a07afa28063eca5500fe7a6be8d3da.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
c8a07afa28063eca5500fe7a6be8d3da.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
c8a07afa28063eca5500fe7a6be8d3da
-
Score
8/10
-
Modifies Windows Firewall
-
Stops running service(s)
-
Uses Session Manager for persistence
Creates Session Manager registry key to run executable early in system boot.
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 2
Registry Run Keys / Startup Folder: 2
Create or Modify System Process: 2
Windows Service: 2
Scheduled Task/Job: 1
Privilege Escalation
Boot or Logon Autostart Execution: 2
Registry Run Keys / Startup Folder: 2
Create or Modify System Process: 2
Windows Service: 2
Scheduled Task/Job: 1