General
-
Target
3044377efe589bcaf9df23e7ee20dcc181a1604066721cf58020f2eb7ad0108a
-
Size
741KB
-
Sample
240704-y26dssxbmn
-
MD5
2d3ecdcb1e05ea96c98369b1ff5f5879
-
SHA1
3223a9f45af6a6669a760e1e759037480da779cb
-
SHA256
3044377efe589bcaf9df23e7ee20dcc181a1604066721cf58020f2eb7ad0108a
-
SHA512
88e30104c37859921167c9b011be4fa05a2c5da632cefc1f063874c7bd2706e20fa6cab3f6c08f71b67edfef58b9efadd5123d01787c6c5f1e58e2f45c27ac92
-
SSDEEP
12288:ltTuhrf45I8jWtJ8OgL27rd69bk5NCgGhSFB79gYhLIf6EQ9EYcw1Fj:lIt4kt0Kd6F6CNzYhUiEWEYcwb
Malware Config
Targets
-
-
Target
3044377efe589bcaf9df23e7ee20dcc181a1604066721cf58020f2eb7ad0108a
-
Size
741KB
-
MD5
2d3ecdcb1e05ea96c98369b1ff5f5879
-
SHA1
3223a9f45af6a6669a760e1e759037480da779cb
-
SHA256
3044377efe589bcaf9df23e7ee20dcc181a1604066721cf58020f2eb7ad0108a
-
SHA512
88e30104c37859921167c9b011be4fa05a2c5da632cefc1f063874c7bd2706e20fa6cab3f6c08f71b67edfef58b9efadd5123d01787c6c5f1e58e2f45c27ac92
-
SSDEEP
12288:ltTuhrf45I8jWtJ8OgL27rd69bk5NCgGhSFB79gYhLIf6EQ9EYcw1Fj:lIt4kt0Kd6F6CNzYhUiEWEYcwb
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Scheduled Task/Job
1Scheduled Task
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Scheduled Task/Job
1Scheduled Task
1