General
-
Target
malwaredatabase-old
-
Size
452KB
-
Sample
240328-vmcw6abc71
-
MD5
b6178c310cfa71e67f3acb4cf9ab1a37
-
SHA1
b21fd431c78584f3f151a460600c3f23fc7ccb53
-
SHA256
401c1e7e98850e1ebfed464a0cf4c1030219bddcf722aae49b7614c8089c6c9c
-
SHA512
57cdf8510ff3f26b40ee6734b62d42bdadfebcd9847fa58b01e434361fa413a822831f96a78119ef99243fed1caa7b970380920f90d595933ffa86ad08a90bd1
-
SSDEEP
12288:SfOLVSgE29xxspm0n1vuz3h97vZJT3CqQrhryfQNRPaCieMjdvCJv1Vi0ZVtqPhk:Sf/PnD
Static task
static1
Behavioral task
behavioral1
Sample
malwaredatabase-old
Resource
win10-20240221-en
Malware Config
Targets
-
Target
malwaredatabase-old
-
Score
10/10
-
Disables Task Manager via registry modification
-
Downloads MZ/PE file
-
Adds Run key to start application
-
Legitimate hosting services abused for malware hosting/C2
-
Sets desktop wallpaper using registry
-
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
Abuse Elevation Control Mechanism: 1
Bypass User Account Control: 1
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1