General

  • Target

    TEST.exe

  • Size

    923KB

  • Sample

    240612-xg1r5szbrq

  • MD5

    07187fd72e58a58000f1a7f003c5cf98

  • SHA1

    be16a56e034cea9a44e85b268580c7b1c794bafa

  • SHA256

    0199c9e187872b7cc492ae3b8bbe6e47c68762c01d6120e78b627cd7dfc4fbe8

  • SHA512

    b07bb3f279a50d344cba9e33f9675384152dea45e75370534fb5392609ea35c00441ec544857cc9388ab80465e865d5e48db55c18df6b81266cc8534e0795b52

  • SSDEEP

    24576:NYKN2cQZq4ZynzE8YxJRx3Fsl5zhO5HZH7V:NYlZ5EzFYxJ2EHZZ

Malware Config

Targets

    • Target

      TEST.exe

    • UAC bypass

    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell with the display window hidden.

    • Disables Task Manager via registry modification

    • Stops running service(s)

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory

    • Sets desktop wallpaper using registry

MITRE ATT&CK Enterprise v15

Tasks