General

  • Target: view
  • Size: 83KB
  • Sample: 240412-jzqs1aca41
  • MD5: b6bba6942cf456eae055f49baf661162
  • SHA1: c3d3b1c9fb4b63ac5bb5bd739bb22773c21ffb2c
  • SHA256: 83e73f0246e0ac8483c91d62eb5b0470cf30f66cf3fe29c82512a43fed42d6f8
  • SHA512: 960fda042c97a7b90452d06b264bc4a1e7b2fdab6c7a5c1e5a7e098f753ac17dbbb80d89734109cfbc97671703753c21b038f0655cccf2d49cae0f0c3e7c81bf
  • SSDEEP: 1536:RoqeXZVWKyYFiOOCV8Y1u34bHwCPeAjW9+15RTv:yDGGsqTv

Score: 7/10

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Registers COM server for autorun

    • Themida packer

      Detects Themida, an advanced Windows software protection system.

    • Adds Run key to start application

    • Drops desktop.ini file(s)

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Legitimate hosting services abused for malware hosting/C2

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks