General
-
Target
d4faf1d33c2f11d18713ed71609eab10N.exe
-
Size
741KB
-
Sample
240901-nj6xhazajl
-
MD5
d4faf1d33c2f11d18713ed71609eab10
-
SHA1
162fae55964e97f995e8f7040b37a3430cd844ec
-
SHA256
f7f938bb5f31aa6bd0356fc7af470fff4a662debcd18d57910745e6bc579cbd5
-
SHA512
24eae2c9b2c5332d68f84406386fb11731eada01587ba89aca8c8d0aa05c7f955fd9199d8b86a8091fa7078ad6b19fd49914556e987f83a53ae97fdc4ac0323d
-
SSDEEP
12288:ltTuhKN45I8jWtJ8OgL27rd69bk5NCgGhSFB79gYhLIf6EQ9EYcw1F2:lIw4kt0Kd6F6CNzYhUiEWEYcwO
Malware Config
Targets
-
-
Target
d4faf1d33c2f11d18713ed71609eab10N.exe
-
Size
741KB
-
MD5
d4faf1d33c2f11d18713ed71609eab10
-
SHA1
162fae55964e97f995e8f7040b37a3430cd844ec
-
SHA256
f7f938bb5f31aa6bd0356fc7af470fff4a662debcd18d57910745e6bc579cbd5
-
SHA512
24eae2c9b2c5332d68f84406386fb11731eada01587ba89aca8c8d0aa05c7f955fd9199d8b86a8091fa7078ad6b19fd49914556e987f83a53ae97fdc4ac0323d
-
SSDEEP
12288:ltTuhKN45I8jWtJ8OgL27rd69bk5NCgGhSFB79gYhLIf6EQ9EYcw1F2:lIw4kt0Kd6F6CNzYhUiEWEYcwO
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Scheduled Task/Job
1Scheduled Task
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Scheduled Task/Job
1Scheduled Task
1