General

  • Target

    bd9c176b82eace3a8bab01f22a5dea0daa4b6de7cc1cdc69c4ba87a38c3a8cf9

  • Size

    24KB

  • Sample

    240603-dl8trsad68

  • MD5

    5fe3f3687710f04a2883e55704f4893c

  • SHA1

    5c6e22e3ef0c0c2e463030f5b011ae3d6c390090

  • SHA256

    bd9c176b82eace3a8bab01f22a5dea0daa4b6de7cc1cdc69c4ba87a38c3a8cf9

  • SHA512

    ac7d4c20625d196a682cc62b392a35770cb7951bd32e42dd3513983ec133901136d6c5fc2f73d99a080958c9ced17d3530bfed9e3dec050202e3f1c766b681b2

  • SSDEEP

    384:jIz4yRakFXfEln49mxSZHrXnKf98BLVa5L0vMtFob1OKrBGgVuhGOD6Tmxy:jIUylXfKc4EHrXI98BA0v2a5YgVunDKZ

Malware Config

Targets

    • Windows security bypass

    • Drops file in Drivers directory

    • Modifies Installed Components in the registry

    • Sets file execution options in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Windows security modification

    • Modifies WinLogon

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks