General

  • Target: cbf13f442677b2d57e6085be216ef25fa9b492cb875870bf2a5d82600a71a5df

  • Size: 65KB

  • Sample: 240526-dja5qadc69

  • MD5: 0489acee8aca67f5373d8bd06293da17

  • SHA1: 92364cdb8d00d924d98978bf5b6ba39e4bc82150

  • SHA256: cbf13f442677b2d57e6085be216ef25fa9b492cb875870bf2a5d82600a71a5df

  • SHA512: c094bd7980612a68cf4638341f0a2470b4217db791b024ac2ff10badb43b724f85a5f40e68e3f91b28e5bd5cb9120eda6f85a78262887302476fabc868824207

  • SSDEEP: 768:jIUVBlygDmHUMc+WqDdYPTY4MtzPCx/na9mV6I3m6+SZAOp7hC3R4ox:jnygDiUiqPEtbm9Z5p7h0b

Malware Config

Targets

    • Windows security bypass

    • Drops file in Drivers directory

    • Modifies Installed Components in the registry

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file: detects executables packed with UPX or a modified UPX open-source packer.

    • Windows security modification

    • Modifies WinLogon

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks