Resubmissions

07-08-2024 08:32

240807-kffz5ayepf 7

General

  • Target

    18404625444.zip

  • Size

    1.5MB

  • Sample

    240807-kffz5ayepf

  • MD5

    bacae7e50c2f028a0b054b02a8910dd4

  • SHA1

    970d6f61d91535a5d3dc8bd89d27e4cc951f17dd

  • SHA256

    0cf4be67281982334e2dd4499c2d083dee426f2deee2b722a1a8258bafab8e95

  • SHA512

    1cd2f6695ad6caa44e70e41c8b689b76549a54b287a32ea87730b5e76caafee81aad4498bceeffd4b6dc607040781b9dfd130d50d1717c65f2823e7150b736d4

  • SSDEEP

    24576:CYNqlI9KjPXvQaudP6N16pgN2Mx/GHJuM+SKSofZDm9toFhKjOPY40gUVqR4:nKTvQ/6nJNjxsJt+S+Bl2O50gfa

Malware Config

Targets

    • Target

      12ef1c8127ec3465520e4cfd23605b708d81a5a2cf37ba124f018e5c094de0d9

    • Size

      1.5MB

    • MD5

      c73433dd532d445d099385865f62148b

    • SHA1

      4723c45f297cc8075eac69d2ef94e7e131d3a734

    • SHA256

      12ef1c8127ec3465520e4cfd23605b708d81a5a2cf37ba124f018e5c094de0d9

    • SHA512

      1211c8b67652664d6f66e248856b95ca557d4fdb4ea90d30df68208055d4c94fea0d158e7e6a965eae5915312dee33f62db882bb173faec5332a17bd2fb59447

    • SSDEEP

      49152:ZEVAbJqaITViU3qLkr7toP9KT+uv6WC+5uxe1o58:ZEVcqeUaki9oBqt+

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks