Resubmissions

14-09-2024 12:41

240914-pw6myavbpd 10

14-09-2024 12:39

240914-pvrgmavbkb 10

General

  • Target: 000.exe

  • Size: 6.7MB

  • Sample: 240914-pvrgmavbkb

  • MD5: 27f84a42d581880d149185494ab621e1

  • SHA1: 2fe06b762ea303d0824b15d02aff68a321128095

  • SHA256: 5eed2b5832483191e67f2ffbdcf349a6256039a8a7f934fb6bb9188873f8a73b

  • SHA512: 9896bed08127c0d30a38b7cf0a039161b26e64bc16d33357a46c890f14c0214d6b1a78999c5da5a4b1a070edc1fb49fa3017f092b1ddd6c1e5e7920f5de305cd

  • SSDEEP: 196608:Apkr2dY/aBcjJOBHOBIQBajMtWvoJiLE1+XgRKz89G/4ZSb0Funwh6DsN2PIpCrH:Apkr2dY/aBcjJOBHOBIQBajMtWvoJiLn

Malware Config

Targets

    • UAC bypass

    • Disables RegEdit via registry modification

    • Disables Task Manager via registry modification

    • Checks whether UAC is enabled

    • Drops desktop.ini file(s)

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Modifies WinLogon

    • Sets desktop wallpaper using registry

MITRE ATT&CK Enterprise v15

Tasks