General

  • Target

    TLauncher.exe

  • Size

    8.9MB

  • Sample

    240428-s7mkzsba88

  • MD5

    505731086d2f448e68c025a7003efe00

  • SHA1

    e8358cf87df55712a7b6998d1816e94b57f3b7c1

  • SHA256

    978dfe8f0fbb57398366e2302055b58fa641258f53db6909fca2b5a1e87ff3c5

  • SHA512

    856ad2f0caa72c15b20831c7e1d8917329907381e1e95ce470ff3592755804cc17cd507c105d49fdecbc418a2c3f2b01e1be2ce15dc981aeb7f39ce2889cb4d4

  • SSDEEP

    196608:vRAQAHQHWFm5kAiFWnuf6J/+Ift24xJN+vwvasDU6sU0s:LUn6nDJ/+v4xJprUB4

Malware Config

Targets

    • Target

      TLauncher.exe

    • Size

      8.9MB

    • MD5

      505731086d2f448e68c025a7003efe00

    • SHA1

      e8358cf87df55712a7b6998d1816e94b57f3b7c1

    • SHA256

      978dfe8f0fbb57398366e2302055b58fa641258f53db6909fca2b5a1e87ff3c5

    • SHA512

      856ad2f0caa72c15b20831c7e1d8917329907381e1e95ce470ff3592755804cc17cd507c105d49fdecbc418a2c3f2b01e1be2ce15dc981aeb7f39ce2889cb4d4

    • SSDEEP

      196608:vRAQAHQHWFm5kAiFWnuf6J/+Ift24xJN+vwvasDU6sU0s:LUn6nDJ/+v4xJprUB4

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies file permissions

    • Registers COM server for autorun

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks