General

  • Target

    e4eefac44edfa932cfcdca830a12aa391563dfdf795dda8acdd7e2de28590fa7

  • Size

    1.4MB

  • Sample

    240601-e4nrzsae64

  • MD5

    0f3fd659178e94e64160607c50c2d912

  • SHA1

    8b19a37947db8ff301cc284a32fa6f52c589605a

  • SHA256

    e4eefac44edfa932cfcdca830a12aa391563dfdf795dda8acdd7e2de28590fa7

  • SHA512

    ba56651417c53197626c539ad0cb94c8e36649c45cf6272c7a3e0a2736ee57efa3cef4f2a76a1c58bccd3f0caeb95b9a1c06afa1be347b7acf66a830df2603eb

  • SSDEEP

    24576:T9cdOqX1uuMliQzd4mNy9Sh5hJgpiwVQLJaOSZ4LehoZza9gNWmAO5ehlMu:T9UX1uBx4mYo83vOSeyeaKrA

Score
10/10

Targets

    • Modifies WinLogon for persistence

    • Modifies visibility of hidden/system files in Explorer

    • Detects executables packed with Enigma

    • Detects packed executables observed in Molerats

    • Modifies Installed Components in the registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of NtSetInformationThreadHideFromDebugger
