General
-
Target
b3bcd4e5c084150f37c03f8a4cc9ce9693d246314bfb2d58f279a910cdaa46a0
-
Size
3.4MB
-
Sample
240527-b6r1mscg95
-
MD5
0f51ec7c96b3aea6bc92fccf6d35d33a
-
SHA1
23fbc7da031821c92a3b10d27af83659e2732bef
-
SHA256
b3bcd4e5c084150f37c03f8a4cc9ce9693d246314bfb2d58f279a910cdaa46a0
-
SHA512
8093fabed75e1932a83d9ee6b26ac2d63d26ebc447cb4334727585a4b0c70689634317acb92ee9a090175cc56079b1babef5aa5969077d27e5ada5bf127b7f3f
-
SSDEEP
49152:t7Zi5hu7I/BzfK/ZHg1pHtOUYqP3CFOrtG/RR9sXafgkDFMVR9C1UhPJXMK701hi:NI5ht/BzfKW1t0xOouBiCV2Hw
Malware Config
Targets
-
-
Target
b3bcd4e5c084150f37c03f8a4cc9ce9693d246314bfb2d58f279a910cdaa46a0
-
Size
3.4MB
-
MD5
0f51ec7c96b3aea6bc92fccf6d35d33a
-
SHA1
23fbc7da031821c92a3b10d27af83659e2732bef
-
SHA256
b3bcd4e5c084150f37c03f8a4cc9ce9693d246314bfb2d58f279a910cdaa46a0
-
SHA512
8093fabed75e1932a83d9ee6b26ac2d63d26ebc447cb4334727585a4b0c70689634317acb92ee9a090175cc56079b1babef5aa5969077d27e5ada5bf127b7f3f
-
SSDEEP
49152:t7Zi5hu7I/BzfK/ZHg1pHtOUYqP3CFOrtG/RR9sXafgkDFMVR9C1UhPJXMK701hi:NI5ht/BzfKW1t0xOouBiCV2Hw
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks for any installed AV software in registry
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Scheduled Task/Job
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Scheduled Task/Job
1