General

  • Target

    sample

  • Size

    83KB

  • Sample

    240601-fpeq7sag5x

  • MD5

    6270d3339928c2e8ee3c1fe85433a54f

  • SHA1

    09b8010e64e33882c864f39dc3d0a593a5954846

  • SHA256

    9dbc69b093cb31abaa2c11ccabf37cc85daf6cf9e27e3ff0ab04530ca3e1c542

  • SHA512

    05e47e43b97111bd3432f13848322b7dd5fca1cbb7662819bf730efc49eb74ceca955c46b397f9ff70795af4338ae3477e91fd7bed1db52daa899dcfd5895a2c

  • SSDEEP

    1536:9qcEYq4NOFYLI7fN08KQkeSVN0NtsltzRRbKsYRX:8cEYqmO9fytzjmpX

Targets

    • Downloads MZ/PE file

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Registers COM server for autorun

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

    • Drops desktop.ini file(s)

    • Legitimate hosting services abused for malware hosting/C2

    • Checks system information in the registry

      System information is often read in order to detect sandboxing environments.
