Resubmissions

03-08-2024 12:43

240803-pxxresyaqa 10

03-08-2024 12:33

240803-prlrzaxhlf 10

General

  • Target

    iplasetup.exe

  • Size

    39.8MB

  • Sample

    240803-pxxresyaqa

  • MD5

    e872bca75b21b9fd7ea0ccd762d399d9

  • SHA1

    aac2a9bf68f87fc237ac121085328071e108ed2a

  • SHA256

    26af88cdc77ebe6ae1ac8d015658b05d93df4a4504ae6ab61919008e891d22af

  • SHA512

    3bc06f126d92bbd6e8f8f19a90632ba9e0b3232a62ec94db021ffa987efe48c63df671ad47805e43f5878916a1f7ec8ede5808d38cb641737ebcbad1c62535ef

  • SSDEEP

    786432:2aiqD9o7TuCV0GvGEpjWWHAxsD8TgdyCCD06KsEKjwUzAqhyNjg797+zr2sZW:2ko7J5eoE4WqTm0ABwY7hy9gp7+X2sk

Malware Config

Targets

    • Target

      iplasetup.exe

    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials first seen in late 2022.

    • ACProtect 1.3x - 1.4x DLL software

      Detects files protected with ACProtect software.

    • Executes dropped EXE

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX variant.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops file in System32 directory

    • Target

      $TEMP

    • Size

      5KB

    • MD5

      db40175690a780def9e6c6327654be11

    • SHA1

      703c074a625fad245300fb97657f640e91ce36d6

    • SHA256

      08a4ab71158afdaea82ae1f5670ae87b0b03facd606db26d4861c178b630cec2

    • SHA512

      17012e166365a48a7dcc92aa9f4d67e6fafa347eb637f434d99a4f0f62fd6a438eb21e98aff18f04cc56e3d91e97022a2bf4ef35278d9d15146dbeab6d3c5c7a

    • SSDEEP

      96:FnGNpgIYetuYR/8oJ00/NF73XK9FoyC7tCElY:FGNpueUY91JnP6

    Score
    3/10

MITRE ATT&CK Enterprise v15

Tasks