General

  • Target

    cs_1.6.exe

  • Size

    6.0MB

  • Sample

    240620-tdvj6szejn

  • MD5

    fe07151c33b926c2603b090a844b828d

  • SHA1

    ad2c9722e08e257a71dda0706aad1f97069e4578

  • SHA256

    757686ab2a29f1415316caaa243dd736050dae01c8050e1e90c1acb5a5d9d3bc

  • SHA512

    a642b4ea2f56e868c91f9683bfea36e3460b07fba958f36274d49786ff766a3442532f82b119119a194a9e86637a4a0d5a591fbc6bfdc69499792c1c1ba075b6

  • SSDEEP

    98304:aiThEtdFBCd0amaHl3Ne4i3gmtfXJOLhx9fZAzDJ4wzQgsRuGK4RcOuAKF5s90yB:nTgFId1eN/FJMIDJf0gsAGK4RPuAKFm/

Malware Config

Targets

    • Target

      cs_1.6.exe

    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Hide Artifacts: Hidden Files and Directories

MITRE ATT&CK Enterprise v15

Tasks