General
-
Target
checking_v15.exe
-
Size
9.7MB
-
Sample
240323-tk2l3ahd76
-
MD5
9f219eb0d3e15f7c34b3c8c712e57299
-
SHA1
e821fb4c40e9f5dc0f535da97e1a4ed2842b14b8
-
SHA256
7fbacb03769bbe4bd800c97f330682ef7cb43d63a31a370da2a93f579d0831cf
-
SHA512
6fc56f4cae5cedfcafed2e6b26edc8325e5b29b7eeff4f72843a3be494906246eade8339d0bfad1f4d045e27e6b420ccaeb363470f3de0d727e4cf5cd19dbe75
-
SSDEEP
196608:wwoMmD0FCbiy6moAOshoKMuIkhVJstRL5Di6nVJSGM1PJkVXyRVl:Lo9D5biy3/OshouIkPqtRL5xVJ03eyRz
Malware Config
Targets
-
Drops file in Drivers directory
-
Executes dropped EXE
-
Loads dropped DLL
-
Registers COM server for autorun
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (2)
Registry Run Keys / Startup Folder (2)
Browser Extensions (1)
Privilege Escalation
Boot or Logon Autostart Execution (2)
Registry Run Keys / Startup Folder (2)