General

  • Target

    AESTHETICBACKGROUNDS.rar

  • Size

    5.9MB

  • Sample

    240531-sffclaca8y

  • MD5

    24e55d5b6d45f1fd2a8df39dbfdb19f6

  • SHA1

    f626ad14c27380b5419d4a0c5ad91a358b257ca9

  • SHA256

    fcb1915fe712776173085ba1c24e3d38ea93c409b551cb808227efcf61c466bc

  • SHA512

    790553f1be5d0baac28a225a4f7401f9286c8f0108b538d432d3266f807a5a5d8576d61f7b890d855c4ed3d91caec35e91678fccc6c7a67d52c4cfdac7ab2a58

  • SSDEEP

    98304:u7u/ezEtMLJ8V3AhQXXpEQBksNgGUC7TJegt9CLhx5Ikxh4Vv10G4yDH/AwPBpbr:Cu2zEtcJw3Am5RiGp5vCLhx5IkMXtr/d

Malware Config

Targets

    • Target

      AESTHETICBACKGROUNDS/aestheticbackgrds.exe

    • Size

      6.1MB

    • MD5

      9b94159cf2b244fc3fc333c4d3c94b45

    • SHA1

      e85157e3d361aec51f61cb6f38ccbee4b097a0bf

    • SHA256

      05530483c95ceb006365d84a62b9aae42b0774894ce3c6c6aef50f813ce9ef67

    • SHA512

      8f82c1416b195de028c723cffc758852ac14e1a15a3ecd525b317d6c37a0467eef786e49cedbaaa98b98e07e56151e9944cc1de9e0e5f361348c05b1e407f9de

    • SSDEEP

      98304:ereTiWIEtdFByvamaHl3Ne4i3gmtfXJOLhx9fZAzDJ4wzQgsRuGK4RfBM713OEsd:ereNFMyeN/FJMIDJf0gsAGK4Rfu74JTz

    Score
    8/10
    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX or a modified version of the open-source UPX packer.
