General

  • Target

    Java_Runtime_Environment_(32bit)_v8_Update_51.exe

  • Size

    35.6MB

  • Sample

    240428-rqhd9shf57

  • MD5

    8f061e42a33d2017af3f0f7d5245d4eb

  • SHA1

    e0e42aaeedbb77a19809004a576496dcdcf99ed5

  • SHA256

    59b134a5e245582cf832732bca256a3c39b50d81ace3e2c6b37c71dfba99e077

  • SHA512

    41279f05588bda2627677402aa4e56af4eeb6c92c9804f8e5e092daa21868649ad29d64efe9059e150b29a01a8510e27781833c23d3e02d81323524d2971e1b6

  • SSDEEP

    786432:xAP94qj9fGRpAJkolSM03oq8D80oz96O4oUTXM6ioA+hxsQdmPEU5gCzL:xZqjIpANWY989zAoUOozuQd+xL
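
The hashes above are the only way to tie a local copy of the installer to this report, and the "UPX packed file" signature further down is worth reproducing before trusting it. The script below is an added example (not the sandbox's own code): it recomputes the four digests and compares them against the values listed here, then walks the PE section table and looks for the two stock UPX tells, `UPX0`/`UPX1` section names and the `UPX!` packer marker. The two header-only PE blobs it builds are constructed test inputs, not the real 35.6MB file, which the hash comparison therefore correctly rejects.

```python
"""Static triage of a submitted installer: confirm the file's identity against the
hashes the report lists, then look for the indicators behind a "UPX packed file"
signature. Added example, not the sandbox's own code."""
import hashlib
import struct

# Digests copied from the report's General section.
REPORT_HASHES = {
    "md5": "8f061e42a33d2017af3f0f7d5245d4eb",
    "sha1": "e0e42aaeedbb77a19809004a576496dcdcf99ed5",
    "sha256": "59b134a5e245582cf832732bca256a3c39b50d81ace3e2c6b37c71dfba99e077",
    "sha512": "41279f05588bda2627677402aa4e56af4eeb6c92c9804f8e5e092daa21868649ad29d64efe9059e150b29a01a8510e27781833c23d3e02d81323524d2971e1b6",
}


def hash_bytes(data):
    """Compute the four digests the report publishes, as lowercase hex."""
    return {alg: hashlib.new(alg, data).hexdigest()
            for alg in ("md5", "sha1", "sha256", "sha512")}


def compare_hashes(observed, expected):
    """Per-algorithm match map; any single mismatch means this is not the reported file."""
    return {alg: observed.get(alg) == value.lower() for alg, value in expected.items()}


def pe_section_names(data):
    """Walk the PE section table and return the section names, or None if this is not a PE."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return None
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]          # e_lfanew
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        return None
    # COFF file header (20 bytes): Machine, NumberOfSections, TimeDateStamp,
    # PointerToSymbolTable, NumberOfSymbols, SizeOfOptionalHeader, Characteristics.
    _, nsections, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, pe_off + 4)
    table = pe_off + 4 + 20 + opt_size
    names = []
    for i in range(nsections):
        raw = data[table + 40 * i: table + 40 * i + 8]        # 40-byte entries, 8-byte name
        if len(raw) < 8:
            break                                             # truncated section table
        names.append(raw.split(b"\0", 1)[0].decode("ascii", "replace"))
    return names


UPX_SECTIONS = {"UPX0", "UPX1", "UPX2"}


def upx_indicators(data):
    """Two independent UPX tells: stock section names and the 'UPX!' marker in the stub header.
    A modified UPX build can rename its sections, so report both rather than relying on one."""
    names = pe_section_names(data) or []
    return {
        "upx_sections": sorted(n for n in names if n in UPX_SECTIONS),
        "upx_marker": b"UPX!" in data,
    }


def looks_upx_packed(data):
    ind = upx_indicators(data)
    return bool(ind["upx_sections"]) or ind["upx_marker"]


def build_minimal_pe(section_names, marker=b""):
    """Constructed test input: a header-only PE with the given section names (not a real binary)."""
    pe_off = 0x80
    dos = b"MZ" + bytes(0x3C - 2) + struct.pack("<I", pe_off)
    dos += bytes(pe_off - len(dos))
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0, 0x102)
    table = b"".join(name.ljust(8, b"\0") + bytes(32) for name in section_names)
    return dos + b"PE\0\0" + coff + table + marker


PACKED_SAMPLE = build_minimal_pe([b"UPX0", b"UPX1", b".rsrc"], marker=b"UPX!")
PLAIN_SAMPLE = build_minimal_pe([b".text", b".rdata", b".data"])

if __name__ == "__main__":
    import sys
    path = sys.argv[1] if len(sys.argv) > 1 else None
    data = open(path, "rb").read() if path else PACKED_SAMPLE
    print("hash match:", compare_hashes(hash_bytes(data), REPORT_HASHES))
    print("sections:  ", pe_section_names(data))
    print("upx:       ", upx_indicators(data))
```

Run it with the downloaded installer as the only argument; with no argument it triages the constructed packed blob. The section-name check is a heuristic: a stripped or renamed UPX build defeats it, which is why the `UPX!` marker is checked separately, and an installer that merely bundles a UPX-packed component will only trigger on the extracted payload, not on the outer installer.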

Targets

    • Target

      Java_Runtime_Environment_(32bit)_v8_Update_51.exe

    • Executes dropped EXE

    • Loads dropped DLL

    • Registers COM server for autorun

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX build.

    • Adds Run key to start application

    • Blocklisted process makes network request

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules that act as plug-ins for Internet Explorer and are loaded into every IE process, which makes this registry key a common persistence location.

    • Drops file in System32 directory
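
Three of the signatures above ("Adds Run key to start application", "Installs/modifies Browser Helper Object", "Registers COM server for autorun") name registry locations that can be audited on any host the installer touched. The script below is an added example, not the sandbox's own code: it lists the Run/RunOnce values, including the Wow6432Node path where a 32-bit installer's HKLM writes land on 64-bit Windows, and resolves each registered BHO CLSID to the DLL in its COM `InProcServer32` registration, which is the on-disk artefact to hash and compare. The registry is read through a small reader interface so the same logic runs offline against a constructed fake registry (the `ExampleUpdater` value, the all-zero CLSID and the `example_*.dll/.exe` paths are hypothetical, not taken from this report) and against the live registry via `winreg` on Windows.

```python
"""Host-side audit of the persistence locations behind the report's Run key, BHO and
COM server signatures. Added example, not the sandbox's own code."""
import sys

# Autorun values. The Wow6432Node path is where a 32-bit installer's HKLM\SOFTWARE
# writes are redirected on 64-bit Windows, so a 32-bit JRE installer lands there.
RUN_KEYS = [
    ("HKLM", r"SOFTWARE\Microsoft\Windows\CurrentVersion\Run"),
    ("HKLM", r"SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run"),
    ("HKCU", r"SOFTWARE\Microsoft\Windows\CurrentVersion\Run"),
    ("HKLM", r"SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce"),
    ("HKCU", r"SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce"),
]
BHO_KEY = ("HKLM", r"SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects")


class DictRegistry:
    """Fake registry: {(hive, key_path): {value_name: data}}. Subkeys are inferred from deeper paths."""

    def __init__(self, tree):
        self.tree = tree

    def values(self, hive, path):
        return dict(self.tree.get((hive, path), {}))

    def subkeys(self, hive, path):
        prefix = path + "\\"
        found = {p[len(prefix):].split("\\", 1)[0]
                 for h, p in self.tree if h == hive and p.startswith(prefix)}
        return sorted(found)


class WinRegistry:
    """Live reader; winreg is importable only on Windows, hence the lazy import."""
    HIVES = {"HKLM": "HKEY_LOCAL_MACHINE", "HKCU": "HKEY_CURRENT_USER"}

    def __init__(self):
        import winreg
        self.w = winreg

    def _open(self, hive, path):
        return self.w.OpenKey(getattr(self.w, self.HIVES[hive]), path, 0, self.w.KEY_READ)

    def values(self, hive, path):
        try:
            with self._open(hive, path) as key:
                count = self.w.QueryInfoKey(key)[1]            # number of values
                return {self.w.EnumValue(key, i)[0]: self.w.EnumValue(key, i)[1] for i in range(count)}
        except OSError:
            return {}                                          # key absent or access denied

    def subkeys(self, hive, path):
        try:
            with self._open(hive, path) as key:
                return [self.w.EnumKey(key, i) for i in range(self.w.QueryInfoKey(key)[0])]
        except OSError:
            return []


def audit_persistence(reg):
    """Return (kind, registry location, command or DLL path) for every autorun entry found."""
    findings = []
    for hive, path in RUN_KEYS:
        for name, data in reg.values(hive, path).items():
            findings.append(("Run key", f"{hive}\\{path}\\{name}", str(data)))
    hive, path = BHO_KEY
    for clsid in reg.subkeys(hive, path):
        # The BHO key only lists CLSIDs; the DLL Internet Explorer will load is the
        # default value of that CLSID's InProcServer32 key, so resolve it to the file.
        server = reg.values("HKLM", rf"SOFTWARE\Classes\CLSID\{clsid}\InProcServer32")
        findings.append(("BHO", f"{hive}\\{path}\\{clsid}", str(server.get("", "<no InProcServer32>"))))
    return findings


# Constructed sample registry: value names, CLSID and paths are hypothetical, not from the report.
SAMPLE_CLSID = "{00000000-0000-0000-0000-000000000001}"
SAMPLE_REGISTRY = DictRegistry({
    ("HKLM", r"SOFTWARE\Microsoft\Windows\CurrentVersion\Run"): {
        "ExampleUpdater": r'"C:\Windows\System32\example_updater.exe" /background',
    },
    ("HKLM", BHO_KEY[1] + "\\" + SAMPLE_CLSID): {},
    ("HKLM", rf"SOFTWARE\Classes\CLSID\{SAMPLE_CLSID}\InProcServer32"): {
        "": r"C:\Windows\System32\example_bho.dll", "ThreadingModel": "Apartment",
    },
})

if __name__ == "__main__":
    reg = WinRegistry() if sys.platform == "win32" else SAMPLE_REGISTRY
    for kind, location, target in audit_persistence(reg):
        print(f"{kind:7} {location}\n        -> {target}")
```

On Windows run it from an elevated prompt so HKLM keys open without access errors; elsewhere it prints the findings from the constructed registry. Each resolved DLL or EXE path is the file to hash against the report's "Drops file in System32 directory" behaviour, and a BHO CLSID with no `InProcServer32` is itself worth a look, since it points at a registration that was removed or never completed.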
