General

  • Target

    5065aa805d2e1b4ee3166269dcf627abe6156198145445e346ae6be07a5dd2fd

  • Size

    480KB

  • Sample

    240525-1fby6sbc2t

  • MD5

    5dcc7ecefe457322632d1036592e8001

  • SHA1

    befa0edc98aea5cdada21b8bb149450b3d6bdeb3

  • SHA256

    5065aa805d2e1b4ee3166269dcf627abe6156198145445e346ae6be07a5dd2fd

  • SHA512

    495193cf89184779bdc2d16fcc9e5540d4498edba50a23bbc7a74c136999f54c805281914a909aec76c37e2962ff6798c387687004b374921f0dd6094b1a0b98

  • SSDEEP

    6144:pjFRiOcXH6XWD0w1tizmtnktLJ6znvxNcCI+1jDIlnJ9+1aTEPTnOK4JKElDnN:nRDc3yWDNU+YUznzNjElWaT07NQtDN

Score
10/10

Malware Config

Targets

    • Modifies firewall policy service

    • Adds policy Run key to start application

    • Sets service image path in registry

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks