General

  • Target

    sample

  • Size

    81KB

  • Sample

    240404-pxkrvsfh4t

  • MD5

    aa347d449610de497065ebc3f6f224c9

  • SHA1

    656ea8f823c5f2a720f5a943ca80fb6dad6b410d

  • SHA256

    de1151786574f3252a8c9865635de87d821cd01dc8e8594e1736d39ba3ebef59

  • SHA512

    fd61a64fe8cc370b8944176b2e67c39dec67daef7bf36b9208706aa83565db0017105bef5ecbb835388148dabef2e9a83f43d4408a439d3e1e339ed06d0908c7

  • SSDEEP

    1536:rqcEYq4NOFYl80Q1A8KQkeSVN0NtsxZclXOo:+cEYqmO0Q1qmT

Malware Config

Targets

    • Downloads MZ/PE file

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Registers COM server for autorun

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

    • Checks system information in the registry

      System information is often read in order to detect sandboxing environments.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks