Resubmissions

  • 11-06-2024 06:02 — 240611-grrn8axeqj — 1

  • 11-06-2024 05:59 — 240611-gpv9maxanc — 7

  • 11-06-2024 05:56 — 240611-gm684sxakf — 8

  • 11-06-2024 05:53 — 240611-glfd1awhqf — 8

General

  • Target

    Скачать CS 1.6 Skrudgemode — Сборка КС 1.6 для ХНС.html

  • Size

    20KB

  • Sample

    240611-glfd1awhqf

  • MD5

    e53d19ec9c66845784ebe0963e8d9c0b

  • SHA1

    d845d2acb3f32ddbe57183042b9f24e735464602

  • SHA256

    31746c1bed3adcf3eaf1f1f2684bf1287e3d5f48a4d4c93087a48dd328907364

  • SHA512

    0b573f6bb353bc4b235b624dc1fdf43f5afa05e00c32b5d1020f50b0e19804c5b66f493cd70dd588db7e675ea3c9fc11e3b661ad2a07d7877dcb257aaedfd5b5

  • SSDEEP

    192:LDQKgBWpJ/GjRSSSSSHI9T0m8c5IMbiEOBR8TztVwJBm9UZ8U:3hlp+SSSSSHI9T7R+BRG5KJmU

Malware Config

Targets

    • Target

      Скачать CS 1.6 Skrudgemode — Сборка КС 1.6 для ХНС.html

    • Size

      20KB

    • MD5

      e53d19ec9c66845784ebe0963e8d9c0b

    • SHA1

      d845d2acb3f32ddbe57183042b9f24e735464602

    • SHA256

      31746c1bed3adcf3eaf1f1f2684bf1287e3d5f48a4d4c93087a48dd328907364

    • SHA512

      0b573f6bb353bc4b235b624dc1fdf43f5afa05e00c32b5d1020f50b0e19804c5b66f493cd70dd588db7e675ea3c9fc11e3b661ad2a07d7877dcb257aaedfd5b5

    • SSDEEP

      192:LDQKgBWpJ/GjRSSSSSHI9T0m8c5IMbiEOBR8TztVwJBm9UZ8U:3hlp+SSSSSHI9T7R+BRG5KJmU

    • Downloads MZ/PE file

    • Modifies Windows Firewall

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

    • Drops desktop.ini file(s)

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v15

Tasks