General
  Target: db1c836306ca113b9167ddae600f1e9c37b2d743038dbb344dfec45e5d54dc7b
  Size: 688KB
  Sample: 240704-ew7j5atgpl
  MD5: 80f40ba8fb792a8debc98fa0e17c5703
  SHA1: f3a540f3f0eaa335ab06d4187f724f7d5d69ea62
  SHA256: db1c836306ca113b9167ddae600f1e9c37b2d743038dbb344dfec45e5d54dc7b
  SHA512: c66a882063e9799ea02ac57536d4f77b8dd3fe357a9d09d052eb9340c94d03ea11ce02a72af1f7ba031789da450c3454799a8625368cf74a77428de96a39a644
  SSDEEP: 3072:4eGOMNYPDeGRieGOMNYPDeGRieGOMNYPDeGRieGOMNYPDeGR3:4zYrnizYrnizYrnizYrn3
Static task: static1
Behavioral task: behavioral1
  Sample: db1c836306ca113b9167ddae600f1e9c37b2d743038dbb344dfec45e5d54dc7b.exe
  Resource: win7-20231129-en
Behavioral task: behavioral2
  Sample: db1c836306ca113b9167ddae600f1e9c37b2d743038dbb344dfec45e5d54dc7b.exe
  Resource: win10v2004-20240508-en
Malware Config
Targets
  Target: db1c836306ca113b9167ddae600f1e9c37b2d743038dbb344dfec45e5d54dc7b
  Size: 688KB
  MD5: 80f40ba8fb792a8debc98fa0e17c5703
  SHA1: f3a540f3f0eaa335ab06d4187f724f7d5d69ea62
  SHA256: db1c836306ca113b9167ddae600f1e9c37b2d743038dbb344dfec45e5d54dc7b
  SHA512: c66a882063e9799ea02ac57536d4f77b8dd3fe357a9d09d052eb9340c94d03ea11ce02a72af1f7ba031789da450c3454799a8625368cf74a77428de96a39a644
  SSDEEP: 3072:4eGOMNYPDeGRieGOMNYPDeGRieGOMNYPDeGRieGOMNYPDeGR3:4zYrnizYrnizYrnizYrn3
  Score: 10/10
- Modifies visibility of file extensions in Explorer
- Executes dropped EXE
- Adds Run key to start application
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
MITRE ATT&CK Enterprise v15
  Privilege Escalation
    Boot or Logon Autostart Execution (1)
      Registry Run Keys / Startup Folder (1)
  Defense Evasion
    Hide Artifacts (1)
      Hidden Files and Directories (1)
    Modify Registry (2)