General

  • Target

    password_is_eulen (1).rar

  • Size

    6.7MB

  • Sample

    240629-nv79pszdnn

  • MD5

    7cbe631a7fd3fc5f8d224c9ac09a87d7

  • SHA1

    1b731533d1b32d60796c37eb61048a2ee57e1761

  • SHA256

    1ebd7d1d49f9e80fbdaabf18bc8649dfa0495dea513afde3a7071e81e8573156

  • SHA512

    f76c373511d2fefd77540ec2ab61948dd83569ef350e370d5c741a134257668b6f0eed336c0a1e6f97731105a3b9b8a38d8c5c2f79a0d3ab156b95be3f995572

  • SSDEEP

    196608:Jov/IaJXDnfIgl33dUvAs6ZWsB6eJFWTcg3sCzRWO:Je/IaJznfIYN0A9Zd6eJFABcs

Malware Config

Targets

    • Target

      loader_prod.exe

    • Size

      74.0MB

    • MD5

      436748aa5016a3385f9c998d51041c22

    • SHA1

      841a9e926b6ddd8111025b7315718f6616e2d89e

    • SHA256

      2a10ed449e0ff867f1046d122c6dfd9a85e88a8b30d64fadfdd1bcdf30dffb82

    • SHA512

      7b9f53e74659249886c87d4f28cfe5b6719e8b20f7baf59b9b178b7fd02654fb3291f92771364ec4e409d7d31d85f6ec6a018b19568d7e28bef070d9e3031530

    • SSDEEP

      98304:gHkwN+MdA5wqMcX8MMhJMjarJaon7JPzf+JiUCS3swhzqgez7DoDZDJ1n6hBnLnV:gHV1dB6ylnlPzf+JiJCsmFMvcn6hVvJ

    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Hide Artifacts: Hidden Files and Directories

MITRE ATT&CK Enterprise v15

Tasks