General

  • Target

    myproject.exe

  • Size

    8.5MB

  • Sample

    240522-r17rxaef9y

  • MD5

    b1c9915350548c5412418b00608c6834

  • SHA1

    f07b6d060b352179ff528a1e905c88b6894b5c88

  • SHA256

    145ebf3ca4c85cd024ff94f8df61e11d97e21092776796fe4c953fe15c566dc9

  • SHA512

    83097a6b41350a040c7fd486679f4780e428b17b46468f9d8612ea62f28c76d30bbcbb2cecccd2de91ecd3378c32efbf76537b3e9f2fb46b825db51c5e5fc510

  • SSDEEP

    49152:GBCl/d5JcSY2e28mLayjTDQXi4jI0JV8sFJnH4sGKvujxtZN+LuXBpej7KX5ErgW:vTKZC3QzusF5aV2ie0Er5DHxE0r

Targets

    • Downloads MZ/PE file

    • Modifies Installed Components in the registry

    • Sets file execution options in registry

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Registers COM server for autorun

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules that act as plugins for Internet Explorer.

    • Checks system information in the registry

      System information is often read in order to detect sandboxing environments.

    • Drops file in System32 directory
