General
-
Target
8cf212758d6351310d2b8337a2671020N.exe
-
Size
860KB
-
Sample
240719-nnezksyerp
-
MD5
8cf212758d6351310d2b8337a2671020
-
SHA1
d4fdd953d4383d35356ace0f2ff497eb999fa6a2
-
SHA256
e288844362976eef3412a997a4d6453f085f770877d3f0b033d450d4e0eafbde
-
SHA512
6887369b1595dea76a613e4a9e3733a36846a80e00b0a18b8b1d25a28f6284cac0e59fcafdbffff62ec371da3c0749583dea0aa9a0373982c9ee563afd4920c0
-
SSDEEP
24576:2wADaJYo8sTH4LaWhOIPqd5x43NXzofQWMSnmwrAtF19w6AYhqp:2ipTMSnU
Malware Config
Targets
-
-
Target
8cf212758d6351310d2b8337a2671020N.exe
-
Size
860KB
-
MD5
8cf212758d6351310d2b8337a2671020
-
SHA1
d4fdd953d4383d35356ace0f2ff497eb999fa6a2
-
SHA256
e288844362976eef3412a997a4d6453f085f770877d3f0b033d450d4e0eafbde
-
SHA512
6887369b1595dea76a613e4a9e3733a36846a80e00b0a18b8b1d25a28f6284cac0e59fcafdbffff62ec371da3c0749583dea0aa9a0373982c9ee563afd4920c0
-
SSDEEP
24576:2wADaJYo8sTH4LaWhOIPqd5x43NXzofQWMSnmwrAtF19w6AYhqp:2ipTMSnU
Score8/10-
Modifies Windows Firewall
-
Deletes itself
-
Drops startup file
-
Loads dropped DLL
-
Checks whether UAC is enabled
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1