General
-
Target
OperaSetup.exe
-
Size
5.1MB
-
Sample
240426-27nbysea83
-
MD5
7cb2c11c1433f6560439cfb41bc28a3b
-
SHA1
7380a1eeec6717167710db3384c6fcbabe3ded8a
-
SHA256
1bac804e989cca3a8776d0241a45d2175df95a255a144121e60626cb0dd0dce8
-
SHA512
effdd3f8ea4acaae9bd3faaa004e468411037f28f63a21668c6b7de6e3f62629aa5ebd040b1d15b9cb44f5a88ddb0cb5d649e4b7b4f44bf031a5279c3b664ba5
-
SSDEEP
98304:90NFI6666666666666666666666666666666x666666666666666fwwwwwwwwwwG:PPMki6zio75L3pf3dedO4keCIwkoYbgm
Static task
static1
Behavioral task
behavioral1
Sample
OperaSetup.exe
Resource
win10v2004-20240426-en
Malware Config
Targets
-
-
Target
OperaSetup.exe
-
Size
5.1MB
-
MD5
7cb2c11c1433f6560439cfb41bc28a3b
-
SHA1
7380a1eeec6717167710db3384c6fcbabe3ded8a
-
SHA256
1bac804e989cca3a8776d0241a45d2175df95a255a144121e60626cb0dd0dce8
-
SHA512
effdd3f8ea4acaae9bd3faaa004e468411037f28f63a21668c6b7de6e3f62629aa5ebd040b1d15b9cb44f5a88ddb0cb5d649e4b7b4f44bf031a5279c3b664ba5
-
SSDEEP
98304:90NFI6666666666666666666666666666666x666666666666666fwwwwwwwwwwG:PPMki6zio75L3pf3dedO4keCIwkoYbgm
Score9/10-
Modifies boot configuration data using bcdedit
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies file permissions
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Legitimate hosting services abused for malware hosting/C2
-
MITRE ATT&CK Matrix ATT&CK v13
Defense Evasion
File and Directory Permissions Modification
1Impair Defenses
1Disable or Modify Tools
1Modify Registry
2Subvert Trust Controls
1Install Root Certificate
1