General
-
Target
0161442d409f433f68eaf4f3ce31b4e28ec8a65cf01b516bdedcad35609798f0N
-
Size
2.6MB
-
Sample
240920-c1jbzsvdpr
-
MD5
d2d299317746466f249c1bd3770049e0
-
SHA1
992612fd7397e5973e138bb3c780da7abea2f3d7
-
SHA256
0161442d409f433f68eaf4f3ce31b4e28ec8a65cf01b516bdedcad35609798f0
-
SHA512
45095e730ecebc198fd4853bdd535ed498cb0a1a6f2dc5c1852ef56d0056f343b7fd461afc9c96e571b701871f62c3f40df95b5969fe78d594066d7455441afe
-
SSDEEP
49152:TeS12nRc6C5CEAHD26ICQVt1ULUQRP6a6YPkCLJ37xbIjNyX5Hxzl/M:6S+c6ZEmqCMtmoQRP6aZtnsNq9l/M
Malware Config
Targets
-
-
Target
0161442d409f433f68eaf4f3ce31b4e28ec8a65cf01b516bdedcad35609798f0N
-
Size
2.6MB
-
MD5
d2d299317746466f249c1bd3770049e0
-
SHA1
992612fd7397e5973e138bb3c780da7abea2f3d7
-
SHA256
0161442d409f433f68eaf4f3ce31b4e28ec8a65cf01b516bdedcad35609798f0
-
SHA512
45095e730ecebc198fd4853bdd535ed498cb0a1a6f2dc5c1852ef56d0056f343b7fd461afc9c96e571b701871f62c3f40df95b5969fe78d594066d7455441afe
-
SSDEEP
49152:TeS12nRc6C5CEAHD26ICQVt1ULUQRP6a6YPkCLJ37xbIjNyX5Hxzl/M:6S+c6ZEmqCMtmoQRP6aZtnsNq9l/M
Score10/10-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Scheduled Task/Job
1Scheduled Task
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Scheduled Task/Job
1Scheduled Task
1