General
Target: MBSetup.exe
Size: 2.5MB
Sample: 240427-zfs21sgd4v
MD5: b6d8b7e6f74196f62caba2ca77a7ae91
SHA1: 6ac9c99f084b5772440e2f135b8d5365f7f45314
SHA256: 74b0bf9c17091ab1c6c61af0aefbc599f1ecc0fff6dee0144a3dfd5cd1f5e18f
SHA512: ad58bc7b626a13606e3f44df7188b2420e0f31ecb55632eac4b6a05dc1574f1ec1b0ef6b52e11832713c6f8f91c807fe3a815699d0748284993ecc54f2823044
SSDEEP: 49152:/5wZat2ranBQjvaq/Gtl8StQyfvE0Z3R0nxiIq2ddBzOnX:/5wZauUBQjvL0SKtQRq2cnX
Static task: static1
Behavioral task: behavioral1
Sample: MBSetup.exe
Resource: win10v2004-20240419-en
Malware Config
Targets
Target: MBSetup.exe
Score: 10/10
Adds autorun key to be loaded by Explorer.exe on startup
Drops file in Drivers directory
Manipulates Digital Signatures: Attackers can change the Authenticode and Cryptography registry keys so that their binary is treated as valid.
Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
Adds Run key to start application
Modifies Installed Components in the registry
Sets file execution options in registry
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (5)
    Registry Run Keys / Startup Folder (5)
  Browser Extensions (1)
  Event Triggered Execution (1)
    Change Default File Association (1)
Privilege Escalation
  Boot or Logon Autostart Execution (5)
    Registry Run Keys / Startup Folder (5)
  Event Triggered Execution (1)
    Change Default File Association (1)