General

  • Target

    b6c2df057d0e11dabe39fe1800793d5b0b59d249f0ac0e353092fb9fb5c0ec73

  • Size

    69KB

  • Sample

    240604-cbr8laaa78

  • MD5

    662caade13e8e4916b54ccd4a6037d64

  • SHA1

    9b041029547ed8bb9527b03af24025cb63241f12

  • SHA256

    b6c2df057d0e11dabe39fe1800793d5b0b59d249f0ac0e353092fb9fb5c0ec73

  • SHA512

    a0de95b2fba0c2143df83ab4207be759b91f17addc4795a1561bec8383c8cc38d05c5af72125fd7cd34400c6f3ca4de97be3c037373dfb3473c0c2b6e1bda8e2

  • SSDEEP

    1536:EJrFDMRyriCY/qXfatMp4Q2V6fIMxIpLi:0F8dCY85TE6fIMSRi

Score
10/10

Malware Config

Targets

    Score
    10/10
    • Modifies Winlogon for persistence

    • Modifies visibility of hidden/system files in Explorer

    • UPX dump on OEP (original entry point)

    • Modifies Installed Components in the registry

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX or with a modified build of the open-source UPX packer.

    • Adds Run key to start application
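The signatures above each point at a well-known registry location that a responder would check on a host suspected of running this sample. The PowerShell audit below is an added example; it is not part of the sandbox report and not the sample's own code. It reads the standard locations behind each signature (Winlogon Shell/Userinit, Explorer's hidden-file settings and the SHOWALL CheckedValue, Active Setup Installed Components StubPath entries, and the Run/RunOnce keys) and lists values that deviate from clean defaults. The clean-default values and the "StubPath outside the Windows or Program Files directories" heuristic are assumptions stated in the comments; the report does not say which specific values or paths this sample writes, so every finding is something to review, not a verdict.

```powershell
# Added audit script (not from the sandbox report). Run elevated on the host
# under investigation; it only reads the registry and prints findings.
# ASSUMPTIONS: clean Winlogon Shell is "explorer.exe" and Userinit is
# "<SystemRoot>\system32\userinit.exe,"; SHOWALL\CheckedValue is 1 on a clean
# system; Active Setup stubs normally live under SystemRoot or Program Files.

$findings = [System.Collections.Generic.List[object]]::new()

function Add-Finding {
    param([string]$Category, [string]$Key, [string]$Name, $Value)
    $findings.Add([pscustomobject]@{
        Category = $Category; Key = $Key; Name = $Name; Value = $Value
    })
}

# 1. Winlogon persistence: Shell and Userinit run at every interactive logon.
$winlogon = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
$wl = Get-ItemProperty -Path $winlogon
$expectedUserinit = (Join-Path $env:SystemRoot 'system32\userinit.exe') + ','
if ($wl.Shell -ne 'explorer.exe') {
    Add-Finding 'Winlogon' $winlogon 'Shell' $wl.Shell
}
if ($wl.Userinit -ne $expectedUserinit) {
    Add-Finding 'Winlogon' $winlogon 'Userinit' $wl.Userinit
}

# 2. Explorer hidden/system-file visibility. The per-user values are reported
#    as-is (Hidden=2 and ShowSuperHidden=0 are also the Windows defaults, so
#    they need a baseline to interpret). The machine-wide SHOWALL\CheckedValue
#    is different: a clean system has 1, and setting it to 0 breaks the
#    "Show hidden files" option so the user can no longer reveal dropped files.
$adv = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced'
if (Test-Path $adv) {
    $a = Get-ItemProperty -Path $adv
    Add-Finding 'Explorer' $adv 'Hidden' $a.Hidden
    Add-Finding 'Explorer' $adv 'ShowSuperHidden' $a.ShowSuperHidden
}
$showAll = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL'
if (Test-Path $showAll) {
    $cv = (Get-ItemProperty -Path $showAll).CheckedValue
    if ($cv -ne 1) { Add-Finding 'Explorer' $showAll 'CheckedValue' $cv }
}

# 3. Active Setup Installed Components: each subkey's StubPath is executed once
#    per user at logon. Heuristic (assumption): flag stubs whose command does not
#    reference the Windows or Program Files directories.
$asRoots = @(
    'HKLM:\SOFTWARE\Microsoft\Active Setup\Installed Components',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components'
)
$trusted = @($env:SystemRoot, $env:ProgramFiles, ${env:ProgramFiles(x86)}) | Where-Object { $_ }
foreach ($root in $asRoots) {
    if (-not (Test-Path $root)) { continue }
    Get-ChildItem -Path $root | ForEach-Object {
        $stub = (Get-ItemProperty -Path $_.PSPath).StubPath
        if (-not $stub) { return }
        $inTrusted = $false
        foreach ($t in $trusted) {
            if ($stub -like "*$t*") { $inTrusted = $true }
        }
        if (-not $inTrusted) { Add-Finding 'ActiveSetup' $_.PSPath 'StubPath' $stub }
    }
}

# 4. Run / RunOnce keys: every value is an autostart entry, so list them all.
$runKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)
$psMeta = 'PSPath', 'PSParentPath', 'PSChildName', 'PSDrive', 'PSProvider'
foreach ($k in $runKeys) {
    if (-not (Test-Path $k)) { continue }
    $props = Get-ItemProperty -Path $k
    foreach ($p in $props.PSObject.Properties) {
        if ($p.Name -in $psMeta) { continue }
        Add-Finding 'Run' $k $p.Name $p.Value
    }
}

$findings | Format-Table -AutoSize
```

Run it before and after the suspected infection window (or against a known-clean build of the same image) and diff the two outputs; the Winlogon and SHOWALL checks are self-contained, but the Explorer per-user values, Active Setup stubs and Run entries only become meaningful against that baseline.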

MITRE ATT&CK Enterprise v15

Tasks