General
-
Target
27ce8081843077b6e9c559267cb19f80N.exe
-
Size
165KB
-
Sample
240726-s8hcnaxbpl
-
MD5
27ce8081843077b6e9c559267cb19f80
-
SHA1
7811a1be5df65d6179147050a251fa8d3e2f63d4
-
SHA256
f142ef7a4027554cb455a6de9b44b312ba34b9b4188ee45259ba1f4238180a67
-
SHA512
bffe3125653f8c7db4ce2e797cbc068577a13c51dfa0eb1fd838740a91f9235c6c72eb1514c8729961fbec90550c0e19a8375afee41b6b8774f6d936c320ea27
-
SSDEEP
3072:QZSlI/HUOjSiToj7CEqfqg27mx/t3CnM9ga7ECfVeB1P0Yal7gz8PrVG:Qv/HFjSdfCZ47mx/t3Cn3a4CfUB1Cl7a
Static task
static1
Behavioral task
behavioral1
Sample
27ce8081843077b6e9c559267cb19f80N.exe
Resource
win7-20240705-en
Malware Config
Extracted
sality
http://89.119.67.154/testo5/
http://kukutrustnet777.info/home.gif
http://kukutrustnet888.info/home.gif
http://kukutrustnet987.info/home.gif
http://www.klkjwre9fqwieluoi.info/
http://kukutrustnet777888.info/
http://klkjwre77638dfqwieuoi888.info/
Targets
-
-
Target
27ce8081843077b6e9c559267cb19f80N.exe
-
Size
165KB
-
MD5
27ce8081843077b6e9c559267cb19f80
-
SHA1
7811a1be5df65d6179147050a251fa8d3e2f63d4
-
SHA256
f142ef7a4027554cb455a6de9b44b312ba34b9b4188ee45259ba1f4238180a67
-
SHA512
bffe3125653f8c7db4ce2e797cbc068577a13c51dfa0eb1fd838740a91f9235c6c72eb1514c8729961fbec90550c0e19a8375afee41b6b8774f6d936c320ea27
-
SSDEEP
3072:QZSlI/HUOjSiToj7CEqfqg27mx/t3CnM9ga7ECfVeB1P0Yal7gz8PrVG:Qv/HFjSdfCZ47mx/t3Cn3a4CfUB1Cl7a
-
Modifies firewall policy service
-
Disables RegEdit via registry modification
-
Disables Task Manager via registry modification
-
Loads dropped DLL
-
MITRE ATT&CK Enterprise v15
Privilege Escalation
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Create or Modify System Process
1Windows Service
1Defense Evasion
Abuse Elevation Control Mechanism
1Bypass User Account Control
1Impair Defenses
4Disable or Modify System Firewall
1Disable or Modify Tools
3Modify Registry
5