General

  • Target

    c1a98677e5010170ae3dc09d4c2108cf8abbc2016874b73a37d2322ff2d84e88

  • Size

    3.6MB

  • Sample

    240526-c39a7acf43

  • MD5

    1badab25d0555b2b8100daa1529a6eac

  • SHA1

    ef4919f4d6f5cf7123e1632bf92cdbeab93a0437

  • SHA256

    c1a98677e5010170ae3dc09d4c2108cf8abbc2016874b73a37d2322ff2d84e88

  • SHA512

    798957e9f0a2201cfc813c02d52792a694ed6b687792cdcd37101f757a55a26c01676cce6799b3ccc01d597028fbabdf03e77c92b28ce988785aaecfa32f5671

  • SSDEEP

    98304:ddByXcdnlLwOrI5Vfeg91hZOhkRpsinjO:ddien+OrFuBR6cO

Score
10/10

Targets

    • Target

      c1a98677e5010170ae3dc09d4c2108cf8abbc2016874b73a37d2322ff2d84e88

    Score
    10/10
    • Modifies visibility of hidden/system files in Explorer

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory

    • Suspicious use of NtSetInformationThreadHideFromDebugger
