General

  • Target

    752562aa08bf3acffc399d8ebb97dfad09aa5c328bdac6d1144165e8849b6a9b

  • Size

    22KB

  • Sample

    240603-21q49scc8w

  • MD5

    468e6fb86d793b69e243aa0bb9ae76ec

  • SHA1

    c2c46a7ee6d1f19d76793397d3f53dae79010ab4

  • SHA256

    752562aa08bf3acffc399d8ebb97dfad09aa5c328bdac6d1144165e8849b6a9b

  • SHA512

    47803f7cc9863643ad7756aebd3a3c07c625924f83a7123e08b3f978364b54c4c5015b98c126a01d23b50703e5f11eeaeacfec145c2ffc8b7055b9627971cb57

  • SSDEEP

    384:UBWoC5GDr6wc/w3HgM6vDUTAXBGCVf4WVlFvXVB7JmvDx:rRkiLw3HsDSARGG/rKx

Malware Config

Targets

    • Windows security bypass

    • Drops file in Drivers directory

    • Modifies Installed Components in the registry

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Windows security modification

    • Modifies WinLogon

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks