General
Target: AppXor.exe
Size: 790KB
Sample: 240822-jp7nrsygnq
MD5: 48d161ecdea55f44e53df822e4947f5c
SHA1: 2a38d2e290561a0937ccaff9c2eff59c554fbeaa
SHA256: 07c6bdda512ecb8bbadcf57e4f98b3376ca121dd2102cc17513133d277b0430f
SHA512: c9d4c2755e82f5d8fa64c008fa5442ad3bde809b55011fc763b0c486eeb789a8b84f7f7226ec45fce4ef36adb5aad94513284ee620ead3822fca57df4aa70895
SSDEEP: 12288:cFUNDaMzrJbjmrlbrJcYXrCbLrJdLOrOzrJ3bUrvJ:cFOayrxjmrFruYXrCvrHLOrgrtbUrvJ
Static task: static1
Behavioral task: behavioral1
Sample: AppXor.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: AppXor.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: AppXor.exe
Size: 790KB
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Scheduled Task/Job: 1
Scheduled Task: 1
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Scheduled Task/Job: 1
Scheduled Task: 1