General

  • Target

    eb61f992ed33d56d8d3b1cd8a10207c6e93847248951016cffbb768beb917621

  • Size

    51KB

  • Sample

    240603-fszksace7x

  • MD5

    50c2804b452748c3e90fd0ee0cc9bc0f

  • SHA1

    56771e7e07911cab1ffe10ab9ccc57d9530df041

  • SHA256

    eb61f992ed33d56d8d3b1cd8a10207c6e93847248951016cffbb768beb917621

  • SHA512

    4b19c9f88dd40876e64ee24dc107738bf59c87fa84ce0c42ef33b7bb7315baeeba0ddadb9aa7ac558affdd1844c047f1afcf6c49ab14363a597cd0feedcb9eda

  • SSDEEP

    1536:nNJb/HkwoLe29UjQ4wqQOLIMVnS3b1111111111111111111111l:b+LKSOLIMdgb1111111111111111111X

Score
10/10

Malware Config

Targets

    • Modifies WinLogon for persistence

    • Modifies visibility of hidden/system files in Explorer

    • UPX dump on OEP (original entry point)

    • Drops file in Drivers directory

    • Modifies Installed Components in the registry

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks