Resubmissions

10-10-2024 22:41    241010-2mlydswbmn    10

21-09-2024 20:56    240921-zq2f5stcqk    3

21-09-2024 19:40    240921-ydv8xszdjp    10

21-09-2024 19:07    240921-xszn8aybqe    10

General

  • Target

    69.exe

  • Size

    2.4MB

  • Sample

    241010-2mlydswbmn

  • MD5

    165b9d15346eed1bd8da9780eb7ab4bf

  • SHA1

    a9895dca7b49cd345634809d03baa51d5078c639

  • SHA256

    6606052fe50484563254b45f679dcbb9d42fff8ede7e8dba609e2760a5e0b3b7

  • SHA512

    b70d1ca87b71b2d0b9611e51e0a26e27b7d1a75072113965cbced770e3f46d9b7147225cb566ec06cac2921f8e4860faf882f96d2a866b2408dfacd4aaeecbf7

  • SSDEEP

    49152:GpUlRhMQfcBROIbrGTPmbpzyLdKDfWLDooV9VwwzuDDFDdexGQw:GpUlBcjnpkwfkkS9V/YTAGj

Malware Config

Targets

    • UAC bypass

    • Disables Task Manager via registry modification

    • Possible privilege escalation attempt

    • Stops running service(s)

    • Executes dropped EXE

    • Modifies file permissions

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks