General
-
Target
5b18de51df1c1c97d458d2680375a74092baeafdaa77507bef17e04ca1d66c54N
-
Size
176KB
-
Sample
240921-dwhekasglj
-
MD5
3514927694437ea9c695f589ef0fd5f0
-
SHA1
f535aba51759ea0cea904b9d76a1f3191ebd27eb
-
SHA256
5b18de51df1c1c97d458d2680375a74092baeafdaa77507bef17e04ca1d66c54
-
SHA512
16c19a41b2ef0a8509c72e571758120b7f2695dbb8b5f0b8c05538a52dd804ff7519bce7c64d79a22131f527fe4cba4c41c4032ffdb481d0d501a184f0d08a00
-
SSDEEP
3072:qu8ANCrkvPb3NyS7zPvPb35vPb34QpNBBz8fQ8bQ+gnUpEprf5sCzDPvPb3NyS7c:TvNNycZpNBB38b3Eprf59zlyclDpNBBW
Malware Config
Targets
-
-
Target
5b18de51df1c1c97d458d2680375a74092baeafdaa77507bef17e04ca1d66c54N
-
Size
176KB
-
MD5
3514927694437ea9c695f589ef0fd5f0
-
SHA1
f535aba51759ea0cea904b9d76a1f3191ebd27eb
-
SHA256
5b18de51df1c1c97d458d2680375a74092baeafdaa77507bef17e04ca1d66c54
-
SHA512
16c19a41b2ef0a8509c72e571758120b7f2695dbb8b5f0b8c05538a52dd804ff7519bce7c64d79a22131f527fe4cba4c41c4032ffdb481d0d501a184f0d08a00
-
SSDEEP
3072:qu8ANCrkvPb3NyS7zPvPb35vPb34QpNBBz8fQ8bQ+gnUpEprf5sCzDPvPb3NyS7c:TvNNycZpNBB38b3Eprf59zlyclDpNBBW
Score10/10-
Modifies visibility of file extensions in Explorer
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Network Share Discovery
Attempt to gather information on host network.
-
Power Settings
powercfg controls all configurable power system settings on a Windows system and can be abused to prevent an infected host from locking or shutting down.
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
2