General

  • Target

    Screenshot 2024-05-29 10.09.25 AM.png

  • Size

    12KB

  • Sample

    240603-v7ypcsdg8w

  • MD5

    452647f957790a9dfa2e294096f55601

  • SHA1

    48bac8278d06d42d103b1aee42f92b7d5a51979b

  • SHA256

    86b5fd67ea3653c237b26feff0a8c4820eeb6a6e9f32e19bd23328edff170626

  • SHA512

    0a6109ac1b21742d1125f29975bcc271f1441331f79a1ef80aa53991cf4c3874c86532102d93cf6ff6bf78eb516b96dfbe5f0118861998c94c6ccfe4145c14bd

  • SSDEEP

    384:cdRMbtA4QL4XTLBVLQPEEE7l8yjx/UT+BnOzeMB13:kMbtjQQxlNjx/UbF

Targets

    • Target

      Screenshot 2024-05-29 10.09.25 AM.png

    • Modifies Installed Components in the registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Legitimate hosting services abused for malware hosting/C2

    • Drops file in System32 directory
