General
-
Target
e11b07de217fd3393260f882361ec1a7
-
Size
288KB
-
Sample
240327-h7xe3sad4s
-
MD5
e11b07de217fd3393260f882361ec1a7
-
SHA1
b1ecd38e2e1911986a8b5ac3aaa627925161ac8d
-
SHA256
7cd00e06d5562d0fe748c83413fc3374f7b6a4d10e1d32f9df8c7c6e4d7a71bc
-
SHA512
cf29a20f2a1c8d4495b30d02144260c2ae80db824973b2140eb3efd30ea31fa217525edcea41ba4a560ac1fefebfc98dc8f8bf9fb975b11abcf35a6ed407e3c3
-
SSDEEP
6144:xX8JXHMQUXu+9qjCTWeqKas8hiAHlkyvbhA5qLXtE8VZP6lnrlZdgpP:uBM7u+xWEAyeAGy8V168P
Static task
static1
Behavioral task
behavioral1
Sample
e11b07de217fd3393260f882361ec1a7.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
e11b07de217fd3393260f882361ec1a7.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
Modifies security service
-
Disables taskbar notifications via registry modification
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
Create or Modify System Process (1)
Windows Service (1)
Boot or Logon Autostart Execution (2)
Registry Run Keys / Startup Folder (2)
Privilege Escalation
Create or Modify System Process (1)
Windows Service (1)
Boot or Logon Autostart Execution (2)
Registry Run Keys / Startup Folder (2)