General

  • Target

    e6148c7e8cec3a4565e97a139d2b09dbdf2f30460054fa168624fdc1050421d3

  • Size

    1.8MB

  • Sample

    240919-2p23dsvelf

  • MD5

    749bd6bf56a6d0ad6a8a4e5712377555

  • SHA1

    6e4ff640a527ed497505c402d1e7bdb26f3dd472

  • SHA256

    e6148c7e8cec3a4565e97a139d2b09dbdf2f30460054fa168624fdc1050421d3

  • SHA512

    250f1825f5d2577124606818a8c370bb862d74dfebddd8c25ec2b43448626b583e166e101f65ebe12b66b8767af7ad75a8d9f5a3afd4e10f4dd3e6239efe9a7d

  • SSDEEP

    49152:UkQletNpj4NmwF1tBE6BAfTm9k9MJsuAfChboFtcZo:UFletXjoD1tBEc90XCo6Zo

Malware Config

Targets

    • Detects MeshAgent payload

    • MeshAgent

      MeshAgent is a trojan written in C++.

    • Sets service image path in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks