General

  • Target

    loader.exe

  • Size

    8.4MB

  • Sample

    240529-sj3bjaab2t

  • MD5

    ee0e15981bf2cb8eef2393b821052827

  • SHA1

    9794899db6bb375d3dac8a928ab3d4f24def5c1c

  • SHA256

    c1431713b623b3e433e843ec5be260994b39ccc3484bb1500933cb8ce446633d

  • SHA512

    c44cf818f3843267663c29000bf36a0fc5c451703243264f59ceef43e94fff5ae6d7d1ceb331e517966faaa1e92cd2f5ad1ad3e728cac6c4f082fa2e160439d3

  • SSDEEP

    196608:L78N8z1W903eV4QR/4KF5ikWMWKACyXuU1PW14Hu:ENiW+eGQR/n/ikWMWQUE16

Malware Config

Targets

    • Target

      loader.exe

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of NtSetInformationThreadHideFromDebugger
