General

  • Target

    7tsp GUI v0.6(2019).exe

  • Size

    3.9MB

  • Sample

    240817-zcfmhsyanl

  • MD5

    0fc4b5592e3b58f1fc87d5ef81de981a

  • SHA1

    f9408f54be6540ccaf7ce0b9dbb80b81afd83ca8

  • SHA256

    090c9e214599150f6ed241171bb2107e04d13bfa5e74927b094b139eae280b65

  • SHA512

    648228bc4c599804a573ca7b108727bfd2504c221325d2b3d92d0655663bde863ad9720facc9a54ae7ca99f4d0f65967e7aa445c63b6567a399e081118dcfa13

  • SSDEEP

    98304:+KeDBgMNTwmVKhf79kBoHKVa8emhb8C3W8T4aBFvP7Y5Iks:+KurwJxncFz3BX7Y5k

Malware Config

Targets

    • Target

      7tsp GUI v0.6(2019).exe

    • Size

      3.9MB

    • MD5

      0fc4b5592e3b58f1fc87d5ef81de981a

    • SHA1

      f9408f54be6540ccaf7ce0b9dbb80b81afd83ca8

    • SHA256

      090c9e214599150f6ed241171bb2107e04d13bfa5e74927b094b139eae280b65

    • SHA512

      648228bc4c599804a573ca7b108727bfd2504c221325d2b3d92d0655663bde863ad9720facc9a54ae7ca99f4d0f65967e7aa445c63b6567a399e081118dcfa13

    • SSDEEP

      98304:+KeDBgMNTwmVKhf79kBoHKVa8emhb8C3W8T4aBFvP7Y5Iks:+KurwJxncFz3BX7Y5k

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Possible privilege escalation attempt

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies file permissions

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Legitimate hosting services abused for malware hosting/C2

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Drops file in System32 directory

    • Target

      out.upx

    • Size

      746KB

    • MD5

      7d798c699c708eed93886cfc5c786629

    • SHA1

      447c76b6fff55a6a2e05402f629e8b1804ef6100

    • SHA256

      88328d964eaff86faf1149bbe38a1b749270016bdbbacb8d9ad38de59262dff9

    • SHA512

      b0ca4c16b7e6ab174cd27626e3decf21ceb773ec96b32eeb8e701694202cf9a4b341876a202807fb3d29301c75d7e4fb16305fe33eb3fbf5f917805c65aa552c

    • SSDEEP

      12288:5Lkcoxg7v3qnC11ErwIhh0F4qwUgUnyTIjL:9fmMv6Ckr7MnyMjL

    Score
    1/10

MITRE ATT&CK Enterprise v15

Tasks