General
-
Target
6e156b26c265f81495405d28a1a0be5241e30aa2ed3af2b00ad34c5a39b8a45a
-
Size
3.6MB
-
Sample
240525-2w46bsec44
-
MD5
52d149f49e5c00a7ffc5d63186b367cc
-
SHA1
4232aa590ae0dab80ea9a8a5d0caf30f51a6248e
-
SHA256
6e156b26c265f81495405d28a1a0be5241e30aa2ed3af2b00ad34c5a39b8a45a
-
SHA512
2e38901afa81af5ca3363d039815f37eac7e919bb2407694ecfc1f7f01e364c6267ea22e5552843cec3432cf76c8092352b0816eb1e2b1d6d2e8a6b4dd1a503a
-
SSDEEP
98304:UdByXcdnlLwOrI5Vfeg91hZOhkRpsinjv:Udien+OrFuBR6cv
Static task
static1
Behavioral task
behavioral1
Sample
6e156b26c265f81495405d28a1a0be5241e30aa2ed3af2b00ad34c5a39b8a45a.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
6e156b26c265f81495405d28a1a0be5241e30aa2ed3af2b00ad34c5a39b8a45a.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
6e156b26c265f81495405d28a1a0be5241e30aa2ed3af2b00ad34c5a39b8a45a
-
Size
3.6MB
-
MD5
52d149f49e5c00a7ffc5d63186b367cc
-
SHA1
4232aa590ae0dab80ea9a8a5d0caf30f51a6248e
-
SHA256
6e156b26c265f81495405d28a1a0be5241e30aa2ed3af2b00ad34c5a39b8a45a
-
SHA512
2e38901afa81af5ca3363d039815f37eac7e919bb2407694ecfc1f7f01e364c6267ea22e5552843cec3432cf76c8092352b0816eb1e2b1d6d2e8a6b4dd1a503a
-
SSDEEP
98304:UdByXcdnlLwOrI5Vfeg91hZOhkRpsinjv:Udien+OrFuBR6cv
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Scheduled Task/Job
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Scheduled Task/Job
1