General

  • Target

    jre-7-windows-x64.exe

  • Size

    20.3MB

  • Sample

    240322-r7mqbafb2z

  • MD5

    fad81d5c5ab9657cf469a84660602387

  • SHA1

    f0957d48fc9fb27f86f784b33549e90905640595

  • SHA256

    48bcc7986670ec7c4b66d813759b1cc463e5d3aa063a6ec730692f4a97da59ee

  • SHA512

    8553456df231d9ebc85fc2eb787bf71a5a8a77cc0f6e29efc8d8b009e85550a29f4f565cf86e82fc5231aa4bcff35b1020336665d807d6120f86a126f20ce5df

  • SSDEEP

    393216:JiVHmSlH/eOVLTawl/Npr8sTfh2nR23H9cus0YDn0z10yGti:JiVplfJeqxfhjX9cu6bZi

Targets

    • Modifies Installed Components in the registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Registers COM server for autorun

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Drops file in System32 directory
