General
-
Target
Chikara.exe
-
Size
896KB
-
Sample
240620-ppzaaa1gqr
-
MD5
9688a8adbf102faf506012e4eea57219
-
SHA1
d32e505d68d601042474b31c6c49bdbd7e238e85
-
SHA256
6c22a4cd16f13a366bb2dd2c67686f81c9fea8ad064b21b4e24829e942c6563d
-
SHA512
cd3873e91a0f860a703ad724eef64a2397b8a704793ed18ae548b09cfa16bf2cc50c4a2b544033dd2c9532ddbc5bef685eff3985635b8cc7cada2743d2efb1b6
-
SSDEEP
24576:bfiTu9itmzplqWliEXZJWKJKTwSuRzzv4DNXj:LcezbXJKTzu2DN
Malware Config
Targets
-
-
Target
Chikara.exe
-
Size
896KB
-
MD5
9688a8adbf102faf506012e4eea57219
-
SHA1
d32e505d68d601042474b31c6c49bdbd7e238e85
-
SHA256
6c22a4cd16f13a366bb2dd2c67686f81c9fea8ad064b21b4e24829e942c6563d
-
SHA512
cd3873e91a0f860a703ad724eef64a2397b8a704793ed18ae548b09cfa16bf2cc50c4a2b544033dd2c9532ddbc5bef685eff3985635b8cc7cada2743d2efb1b6
-
SSDEEP
24576:bfiTu9itmzplqWliEXZJWKJKTwSuRzzv4DNXj:LcezbXJKTzu2DN
Score8/10-
Possible privilege escalation attempt
-
Modifies file permissions
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-