General

  • Target

    Artic X Launcher.exe

  • Size

    104.3MB

  • Sample

    240805-qrzjhaxdmj

  • MD5

    b87d0fec16506caeb6accc2df85b0653

  • SHA1

    8e601f2fcaaf88673fd423cc5aea2253feeb2686

  • SHA256

    2183a119eee9706bcc5e08fd993ee2c790c825d9b1c94fdd49004706ae7f5c4c

  • SHA512

    30a4574c88e05ac832a6596173679064d02e872a86e839fb364242a3bb3acc6b326d4a17e70dfe74cefec959f92f0503c35bd7f134b7501283ef5a55bf776294

  • SSDEEP

    3145728:9COb8S6xjKcBaIc2qHO5iVY2nGQbRe0zJcBWEs9U:3gSWNaIsHCiH1XcBWp

Targets

    • Enumerates VirtualBox DLL files

    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.

    • Sets file to hidden

      Modifies file attributes so that the file does not show in Explorer etc.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
