General

  • Target

    e2e7ded53edeb4d9b01c6c8073f1820df39ae8ed1e29204a64f67f739c0f6f5f

  • Size

    22KB

  • Sample

    240526-emsdvafa47

  • MD5

    2be528b4d2ddb4d37d4e916a334d030a

  • SHA1

    51510972d8d3a80b0c9f0fbed8b28cb9bbf17791

  • SHA256

    e2e7ded53edeb4d9b01c6c8073f1820df39ae8ed1e29204a64f67f739c0f6f5f

  • SHA512

    f8a8c40aab9c87c5842806c6025a97718f6479d130cdb55936aed384b22acb0031b5e1c2485bdc90dc5368ab0861623bc5f23009ce99c7c4c3bcac87df440d91

  • SSDEEP

    384:UBWoC5GDr6wc/w3HgM6vDUTAXBGCVf4WVlFvX8Mb7a6c8j:rRkiLw3HsDSARGG/MMb7rcE

Malware Config

Targets

    • Windows security bypass

    • Drops file in Drivers directory

    • Modifies Installed Components in the registry

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Windows security modification

    • Modifies WinLogon

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks