General

  • Target

    cheat.rar

  • Size

    54.0MB

  • Sample

    240730-z281csygrq

  • MD5

    6976b09578d86d6c34c88c08f094c44c

  • SHA1

    20747f961d7be31f34c49e7ae53cf51971f98ad2

  • SHA256

    3bb1fa03e195bab97254d1e5b0bfd4e9c1b83648e1993b638420a857d0a2ff88

  • SHA512

    4c49f5b67842d4369467b589fde1fbc9b4c03f1faa427857ea2ff7cd551b25ec7e48bf18b99756b62eedb9d6cf2371528c8fb401862b2d7360402027183774af

  • SSDEEP

    1572864:y8nc8F7nwxngKBfnmOFTb0YY3IMPTXFSxBx:znc8lnKn7fnmOFTA35bUx

Targets

    • Target

      source_prepared.exe

    • Size

      57.0MB

    • MD5

      9cae439b56996a369ba211c4bd3d7dab

    • SHA1

      166c685f9ec5e35027dc247b6fe0c0d2fba927b5

    • SHA256

      fa7bff5b29ffd67c5303693b6ad6a8c1902806bc0d83309f7ae6d9a4e8aee000

    • SHA512

      43cb184b9621ef6c08c186610681fcf9aac46d5408281865842646458089d0e75419af93ebfac8ee13b6146eef41651e933ec90bc7b60900596034b792f26287

    • SSDEEP

      1572864:JvxZQglq7vaSk8IpG7V+VPhqYdfCE70lgvWDLDxo:JvxZx0eSkB05awcfAevYfO

    Score
    9/10
    • Enumerates VirtualBox DLL files

    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell to modify Windows Defender settings to add exclusions for file extensions, paths, and processes.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
