General
-
Target
Setup.zip
-
Size
75.5MB
-
Sample
240706-xeq5xszdnn
-
MD5
4eac80804f82ffa5f96d5cd4c8ed8c6d
-
SHA1
302ebd812653541dd10741ed409353a85159c56b
-
SHA256
71ca8d8f691621cddb23db73cb9c2d7acc0c175036de3546db9d29f3ab724e41
-
SHA512
6d6428f78ae1aa9ab75f9b496ab2bb9a42f7813b553c41893a69908b2c7745273f7db07262448f55b11e708d9a5f3573eb42b886ebadb41540950ed116c123d0
-
SSDEEP
1572864:3NX+TJIEQmKkYj3C6ziMbvMlXzn/BAlIR+6vji6ntLGcSwQ7YBthjHqvki4:3R4JInmJO34MbKjn/1WS2j7YBth8ki4
Malware Config
Targets
-
-
Target
Setup.zip
-
Size
75.5MB
-
MD5
4eac80804f82ffa5f96d5cd4c8ed8c6d
-
SHA1
302ebd812653541dd10741ed409353a85159c56b
-
SHA256
71ca8d8f691621cddb23db73cb9c2d7acc0c175036de3546db9d29f3ab724e41
-
SHA512
6d6428f78ae1aa9ab75f9b496ab2bb9a42f7813b553c41893a69908b2c7745273f7db07262448f55b11e708d9a5f3573eb42b886ebadb41540950ed116c123d0
-
SSDEEP
1572864:3NX+TJIEQmKkYj3C6ziMbvMlXzn/BAlIR+6vji6ntLGcSwQ7YBthjHqvki4:3R4JInmJO34MbKjn/1WS2j7YBth8ki4
Score7/10-
Event Triggered Execution: Component Object Model Hijacking
Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
-
Executes dropped EXE
-
Modifies system executable filetype association
-
Checks system information in the registry
System information is often read in order to detect sandboxing environments.
-