Resubmissions

29-06-2024 18:07

240629-wqgj7awaqn 10

General

  • Target

    Stand Launchpad.exe

  • Size

    80.6MB

  • Sample

    240629-wqgj7awaqn

  • MD5

    801939cafef3ad6c8c4b21740e3b3452

  • SHA1

    d247ba72892b35d418e32fdb0d3b4c263f1fc753

  • SHA256

    f2d12f88780310eb7d90d22881da85261cf8c2e82d19700e7dca8f224ff31a3d

  • SHA512

    5819bd27aa29c58b4d74380762625bdc376044237e7d1bbc3aec5222f8683258c1fbcd2210be5c5e14a87fde0d76f6c0f7f82f8097add3e814bfb087d5382f3a

  • SSDEEP

    1572864:OvNBYQglX2XaSk8IpG7V+VPhqb+TnE7Ulg8iYgj+h58sMw5IlWb9BqScJX0:OvNBYxRtSkB05awb+Tfe25FSS9BA0

Targets

    • Target

      Stand Launchpad.exe

    • Enumerates VirtualBox DLL files

    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.

    • Sets file to hidden

      Modifies file attributes to stop the file from showing in Explorer etc.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application
