General

  • Target

    test.html

  • Size

    1KB

  • Sample

    240522-wa6t5sag83

  • MD5

    a3e921a77c95bd00ae71e4fc825e85b8

  • SHA1

    fdde8701472838752c78e2086a1d0634283cb6b7

  • SHA256

    3af410143ecaa06d537a0b35f1682efa49e12100c551286bbc951b1ff1bf1cf5

  • SHA512

    91db10d078aa520247e518db6b371d86e4ccdaba7ce4922c6fbd2f831c44b475e0617c1827a5981befba5a372ed7df5055e297544c7204ec9094f8d0b6948a85

Malware Config

Targets

    • Target

      test.html

    • Size

      1KB

    • MD5

      a3e921a77c95bd00ae71e4fc825e85b8

    • SHA1

      fdde8701472838752c78e2086a1d0634283cb6b7

    • SHA256

      3af410143ecaa06d537a0b35f1682efa49e12100c551286bbc951b1ff1bf1cf5

    • SHA512

      91db10d078aa520247e518db6b371d86e4ccdaba7ce4922c6fbd2f831c44b475e0617c1827a5981befba5a372ed7df5055e297544c7204ec9094f8d0b6948a85

    • Downloads MZ/PE file

    • Modifies Installed Components in the registry

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Registers COM server for autorun

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Checks system information in the registry

      System information is often read in order to detect sandboxing environments.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks