General
-
Target
wrar361.exe
-
Size
1010KB
-
Sample
240610-tj267sshrl
-
MD5
75059ab2727fcb7244b57690625fc582
-
SHA1
a33f60cd505ec22e71f459bd0e6abe2098698d4f
-
SHA256
1e60be6ba8bc26162ecfdd997635a31dc85c592eeec0d6e3d6bb825bb1ca9f92
-
SHA512
560fc6924b6fe14be16069fe37d9eb19cd26c34584759e52d3900b6452d0d3a6257dd958e8d73df46be58c155ca57737317fc2e2c1cd000529f8dfa97f74baf8
-
SSDEEP
24576:ma8V7BstY+wpgmQucQQg06TWT5GJ6E+9dwRSubA73W:P8V7WtY+0gmsbB66T5oIubAi
Static task
static1
Behavioral task
behavioral1
Sample
wrar361.exe
Resource
win7-20240508-en
Malware Config
Targets
-
-
Target
wrar361.exe
-
Size
1010KB
-
Score
7/10
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Registers COM server for autorun
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Event Triggered Execution: 1
Change Default File Association: 1