General

  • Target

    loader.exe

  • Size

    8.2MB

  • Sample

    240629-y16yyaveqc

  • MD5

    cb80637d2668da8b05c3a869043dedb0

  • SHA1

    868d7ff6e1b79340f649a7ca797c1b5f32442558

  • SHA256

    aab1d20e4785eef5c27d07110ac570dcfbb0ca8323489323f651dfccb90bc786

  • SHA512

    b7a0532774b3eb122532196931bca1d8301c4d523072cd8a9a2f25b4f79d6389bcd6922b2959b7a572566a744c1237d9c87294c2f85b75a5d6895ff9fa56f0d5

  • SSDEEP

    196608:2SSQXwuLx8urErvI9pWjgN3ZdahF0pbH1AYSEp1CtQsNI/SBmUg:+TurEUWjqeWxQX6nWvg

Malware Config

Targets

    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Hide Artifacts: Hidden Files and Directories

MITRE ATT&CK Enterprise v15

Tasks