General
Target: 5065aa805d2e1b4ee3166269dcf627abe6156198145445e346ae6be07a5dd2fd
Size: 480KB
Sample: 240525-1fby6sbc2t
MD5: 5dcc7ecefe457322632d1036592e8001
SHA1: befa0edc98aea5cdada21b8bb149450b3d6bdeb3
SHA256: 5065aa805d2e1b4ee3166269dcf627abe6156198145445e346ae6be07a5dd2fd
SHA512: 495193cf89184779bdc2d16fcc9e5540d4498edba50a23bbc7a74c136999f54c805281914a909aec76c37e2962ff6798c387687004b374921f0dd6094b1a0b98
SSDEEP: 6144:pjFRiOcXH6XWD0w1tizmtnktLJ6znvxNcCI+1jDIlnJ9+1aTEPTnOK4JKElDnN:nRDc3yWDNU+YUznzNjElWaT07NQtDN
Static task: static1
Behavioral task: behavioral1
Sample: 5065aa805d2e1b4ee3166269dcf627abe6156198145445e346ae6be07a5dd2fd.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 5065aa805d2e1b4ee3166269dcf627abe6156198145445e346ae6be07a5dd2fd.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: 5065aa805d2e1b4ee3166269dcf627abe6156198145445e346ae6be07a5dd2fd
Score: 10/10
Modifies firewall policy service
Adds policy Run key to start application
Sets service image path in registry
Adds Run key to start application
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (3)
  Registry Run Keys / Startup Folder (3)
Create or Modify System Process (1)
  Windows Service (1)
Privilege Escalation
Boot or Logon Autostart Execution (3)
  Registry Run Keys / Startup Folder (3)
Create or Modify System Process (1)
  Windows Service (1)