Resubmissions

17-08-2024 14:59

240817-sc6qdavbnk 10

General

  • Target

    Loader.exe

  • Size

    80.7MB

  • Sample

    240817-sc6qdavbnk

  • MD5

    65235ed1088f8b86720c5a0da02c6f9a

  • SHA1

    e289841bb8272346b7a6177eea5919e201bba5ff

  • SHA256

    902f0ea782fec47f22dc1b30e7904bd5bb1eee0523ee1fcc5c97b608154f70f2

  • SHA512

    d5d72413cff220961ea3dd94d1cfdcd9211fbf991b68d931d0347d69de37db3bf57e2cc67dcdc0e13a4b3f8e116d0862703eb8a900daa15f5335d181db62b8af

  • SSDEEP

    1572864:FvxZQglXJdW97vaSk8IpG7V+VPhqb+TnE7Ulg8iYgj+h58sMw5I59+KucJXt:FvxZxRLmeSkB05awb+Tfe25Fe9+at

Malware Config

Targets

    • Target

      Loader.exe

    • Size

      80.7MB

    • Enumerates VirtualBox DLL files

    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.

    • Sets file to hidden

      Modifies file attributes so that the file does not show in Explorer etc.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks