General

  • Target

    edde7973167e718b360f0e7ebc21f8375b231b24fd6663f270a05ded40fe553c

  • Size

    211KB

  • Sample

    240825-hq5ecs1cpg

  • MD5

    2d2614bfe072930ff084d0fcaa686909

  • SHA1

    595e548530f5aca204da968d3100b99779f2c6eb

  • SHA256

    edde7973167e718b360f0e7ebc21f8375b231b24fd6663f270a05ded40fe553c

  • SHA512

    c190f2372933c59f4e1373b6b1f4fa3c7564df5dbadf21e2ab00a8505828a15100cbf5e4aa892ca5f5f9b602538e021f217d2ed42954b739e648d80d1819275b

  • SSDEEP

    3072:bDpM9Nvih5c9DE1pvAPXIHLfMgw7ySBL8PEAjAfIbAYGPJz6sPJBINFZ1Fqnj:b1iNKQxENHLfMgw7y9ZrK

Malware Config

Targets

    • Target

      edde7973167e718b360f0e7ebc21f8375b231b24fd6663f270a05ded40fe553c

    • Modifies WinLogon for persistence

    • Modifies visibility of hidden/system files in Explorer

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Executes dropped EXE

    • Adds Run key to start application

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks