General

  • Target

    6e156b26c265f81495405d28a1a0be5241e30aa2ed3af2b00ad34c5a39b8a45a

  • Size

    3.6MB

  • Sample

    240525-2w46bsec44

  • MD5

    52d149f49e5c00a7ffc5d63186b367cc

  • SHA1

    4232aa590ae0dab80ea9a8a5d0caf30f51a6248e

  • SHA256

    6e156b26c265f81495405d28a1a0be5241e30aa2ed3af2b00ad34c5a39b8a45a

  • SHA512

    2e38901afa81af5ca3363d039815f37eac7e919bb2407694ecfc1f7f01e364c6267ea22e5552843cec3432cf76c8092352b0816eb1e2b1d6d2e8a6b4dd1a503a

  • SSDEEP

    98304:UdByXcdnlLwOrI5Vfeg91hZOhkRpsinjv:Udien+OrFuBR6cv

Score
10/10

Malware Config

Targets

    • Modifies visibility of hidden/system files in Explorer

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks