Resubmissions

23-05-2024 08:59

240523-kxqwnabd7s 7

23-05-2024 08:47

240523-kqa7mabb9z 10

General

  • Target

    ERICA-2.0.225-setup.exe

  • Size

    88.1MB

  • Sample

    240523-kqa7mabb9z

  • MD5

    abd8206a60f21b728d9b5fdcb6659b7d

  • SHA1

    a1baf5dd7880d0e0f197dfce759d3303a3e1056f

  • SHA256

    18aff447c435b8c8d88d2758720a8936eac149eeb3b2527e00f94b9c2d2df60e

  • SHA512

    b55a1af986dffcd8a507c4ccad974f8319be07204568e5ecc2506efa3bbcefa5b9d66bb7465ee6a0934c43ac9da8794be5e65f6083d43cad1bc282f959872b34

  • SSDEEP

    1572864:iMoxt6r5rKwtwrIdLGINdaktrhUMcc0fe0GHq+g/KYa7KHKYEAY1aat8HP:ipxt6VrzCINdPtrHluqq+g/KYrHKt1HY

Malware Config

Targets

    • Target

      ERICA-2.0.225-setup.exe

    • Size

      88.1MB

    • MD5

      abd8206a60f21b728d9b5fdcb6659b7d

    • SHA1

      a1baf5dd7880d0e0f197dfce759d3303a3e1056f

    • SHA256

      18aff447c435b8c8d88d2758720a8936eac149eeb3b2527e00f94b9c2d2df60e

    • SHA512

      b55a1af986dffcd8a507c4ccad974f8319be07204568e5ecc2506efa3bbcefa5b9d66bb7465ee6a0934c43ac9da8794be5e65f6083d43cad1bc282f959872b34

    • SSDEEP

      1572864:iMoxt6r5rKwtwrIdLGINdaktrhUMcc0fe0GHq+g/KYa7KHKYEAY1aat8HP:ipxt6VrzCINdPtrHluqq+g/KYrHKt1HY

    • Suspicious use of NtCreateProcessExOtherParentProcess

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies file permissions

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks