General

  • Target

    opera_autoupdate.exe

  • Size

    16.8MB

  • Sample

    240809-b5xvhayara

  • MD5

    48bb46d35f1223051089eb5e823ad8fa

  • SHA1

    45a9837f3230d5eb622b2b84f49f495d90fa2abd

  • SHA256

    6635292453c93a00119c060636a4a959672dec0cadc905681c4eb74304a7651a

  • SHA512

    51624e7e99996ed9792cb7385e03054f59fba53bf62439cb667cc4f373454edfcff4cb68ff05e2980a105fb3efc746f2bd3ea7ef5b13730773a3b64ea31fa8dc

  • SSDEEP

    393216:eIBTIPCXlIXtdkKiboZcPCpiHBYInTeSLeMX0L5fCi8qc1d:eIBCCVIXFib06CpihYInTeSLx0L5t8qW

Targets

    • Target

      opera_autoupdate.exe

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Adds Run key to start application

    • Detected potential entity reuse from brand microsoft.

    • Drops file in System32 directory
