General
Target: de8e57ce36c3b6d7a08e9d8291d64f34
Size: 274KB
Sample: 240325-v11kdaea88
MD5: de8e57ce36c3b6d7a08e9d8291d64f34
SHA1: eb9dc8c686c18c4d88bcbc74805cf73a4f760122
SHA256: c069224235b4f48f9835b50a00d791a0d2e98a34c2073b60a51aea2e1c9bfbd2
SHA512: 59df4e64cf95770a4e64990f8346c9f9376fcfd31d2c8c3bca315683c70959b1a5f4c0f8d7e4a3d389e87bf384133c83b7c0b2ba68838bea9ba33fa572cd74ed
SSDEEP: 6144:5dZ8oLDWKzjZcYrieLvzbNqWf2WeNR51WHhDxw2Qvgx4:7LpzjeWLfmRHMhDxw2n
Static task: static1
Behavioral task: behavioral1
Sample: de8e57ce36c3b6d7a08e9d8291d64f34.exe
Resource: win7-20240215-en
Malware Config
Targets
Target: de8e57ce36c3b6d7a08e9d8291d64f34
Modifies security service
Disables taskbar notifications via registry modification
Modifies Installed Components in the registry
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
  Create or Modify System Process (1)
  Windows Service (1)
  Boot or Logon Autostart Execution (2)
  Registry Run Keys / Startup Folder (2)
Privilege Escalation
  Create or Modify System Process (1)
  Windows Service (1)
  Boot or Logon Autostart Execution (2)
  Registry Run Keys / Startup Folder (2)