General
Target: 72159d9397fc0cee716fa7dc3d8a667516965c79783e1f0b0d6e4000bc1da209N
Size: 2.6MB
Sample: 241002-frbgkaycqq
MD5: 86c85e898e35cdafb747d75b57cf2ec0
SHA1: a413714899d28019b3bfab7f635dc39776bc80a3
SHA256: 72159d9397fc0cee716fa7dc3d8a667516965c79783e1f0b0d6e4000bc1da209
SHA512: 025e25f22742259563e371eba770428619c0231b0cc36f68f90c35b69b48ca9317248721b62f4bee93e353972818c75e90d150e7fdf7a4c115bb6bd253e922a8
SSDEEP: 49152:TeS12nRc6C5CEAHD26ICQVt1ULUQRP6a6YPkCLJ37xbIjNyX5Hxzl/R:6S+c6ZEmqCMtmoQRP6aZtnsNq9l/R
Static task
static1
Behavioral task
behavioral1
Sample
72159d9397fc0cee716fa7dc3d8a667516965c79783e1f0b0d6e4000bc1da209N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
72159d9397fc0cee716fa7dc3d8a667516965c79783e1f0b0d6e4000bc1da209N.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Score: 10/10
Modifies visibility of hidden/system files in Explorer
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Drops file in System32 directory
Suspicious use of NtSetInformationThreadHideFromDebugger
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Scheduled Task/Job: 1
Scheduled Task: 1
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Scheduled Task/Job: 1
Scheduled Task: 1