General

  • Target

    1f144a203b184e91beaaddcd28f35272b3f86759799b36e1897c5e7120d21902

  • Size

    212KB

  • Sample

    240323-w277aadb7x

  • MD5

    37f2b960bfec3a8dfcf9dd2ba2419176

  • SHA1

    9a302b0cee4298ea53ee0f949bae133b80e7d63f

  • SHA256

    1f144a203b184e91beaaddcd28f35272b3f86759799b36e1897c5e7120d21902

  • SHA512

    7edccc3e2619c4c60b021666e67aca5a58c0c82f5253b9126e87ec1ee6251bfcc6776393d422d61dcb5c0204a6f8d4f8a8c4a56813aa0c22a5fabdb1e703729e

  • SSDEEP

    6144:avwFEWVn/nWv9Hgd0HNjp7J3yTSeaxCMBRIL:avcVnQWMj7J3AJgBM

Malware Config

Targets

    • Target

      1f144a203b184e91beaaddcd28f35272b3f86759799b36e1897c5e7120d21902


    • UPX dump on OEP (original entry point)

    • Drops file in Drivers directory

    • Sets service image path in registry

    • ACProtect 1.3x - 1.4x DLL software

      Detects files protected with the ACProtect software protector.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks