Resubmissions
28/09/2024, 13:45
240928-q2nvraydrq 8General
-
Target
wifiguard_windows_setup.exe
-
Size
6.7MB
-
Sample
240928-q2nvraydrq
-
MD5
c97d8c7867af353a6fbe04132d3b036e
-
SHA1
8530b2a8f733ff7464581e6134a44d046443ef89
-
SHA256
6e3b60a5d91e0652ff813f5d6cb4486e773820ffbd9bf36971f1d70f822e358a
-
SHA512
8a8cee449355b14fdb6072a8597193ee55b89da8ae23a2cf88b9e5f93374219703ac88dff5a1ba7cf0c3f57a63ed8f40a6243f778053e174a3f71b6e89571812
-
SSDEEP
98304:WkLGUdTrL8CcGCuq0lMbXRgh9b3FD6aGjZkeAx5tL/zduuCH8s07ht29s4C1eH9g:hxTfcelmmDFD5U2jduxHP07ht5o9g
Malware Config
Targets
-
-
Target
wifiguard_windows_setup.exe
-
Size
6.7MB
-
MD5
c97d8c7867af353a6fbe04132d3b036e
-
SHA1
8530b2a8f733ff7464581e6134a44d046443ef89
-
SHA256
6e3b60a5d91e0652ff813f5d6cb4486e773820ffbd9bf36971f1d70f822e358a
-
SHA512
8a8cee449355b14fdb6072a8597193ee55b89da8ae23a2cf88b9e5f93374219703ac88dff5a1ba7cf0c3f57a63ed8f40a6243f778053e174a3f71b6e89571812
-
SSDEEP
98304:WkLGUdTrL8CcGCuq0lMbXRgh9b3FD6aGjZkeAx5tL/zduuCH8s07ht29s4C1eH9g:hxTfcelmmDFD5U2jduxHP07ht5o9g
Score8/10-
Modifies Windows Firewall
-
Executes dropped EXE
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1Privilege Escalation
Create or Modify System Process
1Windows Service
1Event Triggered Execution
1Netsh Helper DLL
1