Resubmissions

22-05-2024 22:30

240522-2e8gesbe22 8

22-05-2024 22:27

240522-2c5mrabc3z 8

General

  • Target

    Support.Client.exe

  • Size

    84KB

  • Sample

    240522-2c5mrabc3z

  • MD5

    77d5598838a91a3b31773f0203a5f430

  • SHA1

    95ce1a451278b3a6f9a7f4d7c5b1a091e33125ef

  • SHA256

    1a7788ccb3bf8bfdb822b1a955c3b64e6ff49956340eac63321be3f7a4f89b26

  • SHA512

    3f439bc8bc64fbbb706260fa55ffcbc406400fae855975de144afeff140a58c09320ec38456e78c03f5babfaa6d571ea059cc44323f36d63d82bc9ebe2280b40

  • SSDEEP

    1536:+azWlKzJVcNp++yQNS6xNNCT2l8NE8llbpTaCJRpsWr6cdaQTJSvYYS7Q8x5:yFNpo6rIKlUE8fbkqRfbaQlaYYS5

Score
8/10

Malware Config

Targets

    • Target

      Support.Client.exe

    • Size

      84KB

    • MD5

      77d5598838a91a3b31773f0203a5f430

    • SHA1

      95ce1a451278b3a6f9a7f4d7c5b1a091e33125ef

    • SHA256

      1a7788ccb3bf8bfdb822b1a955c3b64e6ff49956340eac63321be3f7a4f89b26

    • SHA512

      3f439bc8bc64fbbb706260fa55ffcbc406400fae855975de144afeff140a58c09320ec38456e78c03f5babfaa6d571ea059cc44323f36d63d82bc9ebe2280b40

    • SSDEEP

      1536:+azWlKzJVcNp++yQNS6xNNCT2l8NE8llbpTaCJRpsWr6cdaQTJSvYYS7Q8x5:yFNpo6rIKlUE8fbkqRfbaQlaYYS5

    Score
    8/10
    • Downloads MZ/PE file

    • Manipulates Digital Signatures

      Attackers can apply techniques such as changing the registry keys of authenticode & Cryptography to obtain their binary as valid.

    • Sets service image path in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks