General
-
Target
393646550bfdd0780cf11170e7301390N.exe
-
Size
2.6MB
-
Sample
240819-tndz6stelh
-
MD5
393646550bfdd0780cf11170e7301390
-
SHA1
95072f969635ba6d27b7be55a4f8b00b265f5928
-
SHA256
6fb7c04ca4faa826c5c11a9eb65d6c6bb57795a7489a2b7603172f12a3842606
-
SHA512
9f7018b331cabc5fb2f86348c88235fec68ae6e13336e8a7613ad51a6fc9872e62a19670765dbf4469768192714aaf8a570abb5ac6918ff4235f852e230e62c0
-
SSDEEP
49152:TeS12nRc6C5CEAHD26ICQVt1ULUQRP6a6YPkCLJ37xbIjNyX5Hxzl/U:6S+c6ZEmqCMtmoQRP6aZtnsNq9l/U
Malware Config
Targets
-
-
Target
393646550bfdd0780cf11170e7301390N.exe
-
Size
2.6MB
-
MD5
393646550bfdd0780cf11170e7301390
-
SHA1
95072f969635ba6d27b7be55a4f8b00b265f5928
-
SHA256
6fb7c04ca4faa826c5c11a9eb65d6c6bb57795a7489a2b7603172f12a3842606
-
SHA512
9f7018b331cabc5fb2f86348c88235fec68ae6e13336e8a7613ad51a6fc9872e62a19670765dbf4469768192714aaf8a570abb5ac6918ff4235f852e230e62c0
-
SSDEEP
49152:TeS12nRc6C5CEAHD26ICQVt1ULUQRP6a6YPkCLJ37xbIjNyX5Hxzl/U:6S+c6ZEmqCMtmoQRP6aZtnsNq9l/U
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Scheduled Task/Job
1Scheduled Task
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Scheduled Task/Job
1Scheduled Task
1