General

  • Target

    ImproX_USB_Win_8_and_10.zip

  • Size

    16.4MB

  • Sample

    240913-jh493a1hlr

  • MD5

    0a7e6896ab267dfd5f31bd90ff57c7b6

  • SHA1

    901724b13d98a498d4d0ceef1e632475228c5879

  • SHA256

    268c8554da70090e8893d7468ab6b1156391b80c8513a73eca9035733ee43593

  • SHA512

    7ee51d84a394019ac2267c24918320cef94c66d5ba319f1c8263ea2fad37f3a785cf35ebe60d0e96fd3089f9f57c3d764442b07278b88740e852d06c9fab981a

  • SSDEEP

    393216:asxUe7ps8TX7osACIGcfUYlWpdg9d9gN8P71UCSBv:asTpzTVtIRUYlOdg39gQUCy

Score
8/10

Targets

    • Target

      setup.exe

    • Size

      3.7MB

    • MD5

      c0fe59a9ea8ab8248d221c9008d92be3

    • SHA1

      43958341bacc33b0c33d1e37700dda86cef35228

    • SHA256

      08409ec3b4031df24306d19da45eb753adc542394b33d56616a57d637fa6348a

    • SHA512

      c1a34bd32e3dbd0a91bef8f135eef904d96389b590678704a5077df9c38fdb4de5322f9cd96ae992bb548e0ff73ae2171e9afee9a17f7a94390a13c5033bf79f

    • SSDEEP

      98304:I32NWl57blIBXlXgLT0dUTN08r4k3/BICs5t:pK57blIB1ETMlOyCit

    Score
    8/10
    • Manipulates Digital Signatures

      Attackers can use techniques such as modifying the Authenticode and Cryptography registry keys so that their binary is treated as validly signed.

    • Executes dropped EXE

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops file in System32 directory

    • Target

      vcredist_x64.exe

    • Size

      6.9MB

    • MD5

      ba2c17a20b2b1d8a30f96d53e2632a68

    • SHA1

      abe47e4996cf0409a794c1844f1fa8404032edb2

    • SHA256

      aa78fef82d386f709cc36dbe5bc5a67f34887d8a37c61e67b06543d1d82c9e2a

    • SHA512

      7aa501ff0475cfc34adf99f660e5d13e1bae73ece48f6425586183b56628267bac651b5c17bcd919cce1bc535289c9a77a9cf1c0cd47706217b81ed37965b638

    • SSDEEP

      196608:fB+pVNJVHmfa4SGSntdO+svVyw9g5jks5ypB6r3MT:J+pV1Ya482YSXa6B+3U

    Score
    7/10
    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Target

      vcredist_x86.exe

    • Size

      6.3MB

    • MD5

      a8d5962623206751bdd4416d140ae7c5

    • SHA1

      d292afddbae41acb2a1dfe647e15336ad7375c6f

    • SHA256

      1cf499658295622956a0dedbb70a414c1a6157e1b7ee606fd9f7afccccea60db

    • SHA512

      30cd79eb4700bf535cd24c45488b015ce92c12304af0278b79ebf0d74b34ba719b50c6e5fb4ad6fc90372380579bfb1af5b906525110caa51f474e0570cb81be

    • SSDEEP

      196608:QzuvBUapXrFJXTtDeXzYx3np2eTIloA/1o:Iu/DpszYx3nMe4/1o

    Score
    7/10
    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
