General

  • Target

    Abyss.zip

  • Size

    15.7MB

  • Sample

    240618-z2gk4s1brq

  • MD5

    36a31004b3cf1ddc3ab6ba7ec626c6bf

  • SHA1

    a258e046f24e16b7febcda626e0d0b8c13132206

  • SHA256

    30ea44b35a3d3a23165a4ab1d84fecec6a072f3b514769b1fa1a3ca7b65fbbb3

  • SHA512

    20f04e9bc95dbcb7a1a8e4eae3ad527e0733e882bbd269af5bce0fa246bf8afbecf7cf539539c8a7324ed0d158845e5475072c2283364a5c824898293ee17527

  • SSDEEP

    393216:G5BgW+K+pcTT4vPthYJ/09Lf0ZtPJPZU3zlErQ1x+q:G5BL+di3sHYJIL0vPJP2xQq

Targets

    • Target

      Abyss-Decompiler/Abyss.exe

    • Size

      15.9MB

    • MD5

      0ba5fcce81cf9d8972499c1afae20c80

    • SHA1

      b1d471f3350d70e2825e21904edd8315e642097d

    • SHA256

      311e4cc88e9034bbb5c758f11333e67c72ff0ed8d84557a3205a4d86bedd4e95

    • SHA512

      f41b0f7dc97c609863e747bfb303419a1da03b8b3ce8adf22c74da9132d5d04f4d5fa4bfdf52d90f8a0dcf9d99ae870c5270f9f6b0abe771a7d369300a425f3b

    • SSDEEP

      393216:8mc4gP8AxYDX1+TtIiFGMiP1gZY9Z8D8CclzEJ0oO:834bX71QtIWiP2a8DZcJT

    • Command and Scripting Interpreter: PowerShell

      Run PowerShell to get system information as a root user.

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks whether UAC is enabled
