General

  • Target

    flash_decompiler (1).exe

  • Size

    26.9MB

  • Sample

    240905-mh9fkazaph

  • MD5

    3ccc94c98531d1389f3d1ed06d64f081

  • SHA1

    dfbd71b2f0c9b2af5a643f597b04d1d933ff71a0

  • SHA256

    8702aca7ecd0552f596d6af97c397ffead6302182d8c87ae8dd3feea9dd8a5b4

  • SHA512

    8563141763b22da9e790ed49544f10a6cb52dbdcebb8082cb8997ebb966c949e88c64be7e260b84df4f5d8079fc270b95912d84b7433af60003b70fdedc75398

  • SSDEEP

    786432:wa0DgoQ4T3vo3YcjGC8qq7ABxE9RUUuCS8G:waygoZTkjG0BxOZG

Malware Config

Targets

    • Banload

      Banload variants download malicious files, then install and execute the files.

    • Event Triggered Execution: Image File Execution Options Injection

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

    • Network Service Discovery

      Attempts to gather information on the host's network.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks