General

  • Target

    .

  • Size

    13KB

  • Sample

    240815-zxqyzsthrc

  • MD5

    7419853e2eb11cd58772ad782bf60249

  • SHA1

    6efc867b64b3dd302190fdcc58e109448e3aed6a

  • SHA256

    968f3e1f724ef112f1a04af8e3ddd1fd9b7c0f3f4a0579775f1ec2e971d1d877

  • SHA512

    19b74061dad13bf3c22e3f1df840cdecaaee9d1de2c2a92b1292b4d2f42da443131f3983cb639c3f31255b45fd2f98cdeaca4d6245686a83285bd2aab2f0aec6

  • SSDEEP

    192:PNxyShvK9moqTJkNrM23FGxIk7s4iTq2X/xLyiN:yShi9boJkNwJxIkzT2X/tN

Malware Config

Targets

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Detected potential entity reuse from brand steam.

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks