Resubmissions

30-10-2024 16:29

241030-tzh39sxfkl 8

10-10-2024 14:58

241010-scnjssxajn 10

10-10-2024 14:55

241010-sawsds1elb 8

General

  • Target

    https://drive.google.com/file/d/19h7IRx1Rq4FuO1dHitRyi71R47Nmacfs/view?usp=sharing

  • Sample

    241010-sawsds1elb

Malware Config

Targets

    • Target

      https://drive.google.com/file/d/19h7IRx1Rq4FuO1dHitRyi71R47Nmacfs/view?usp=sharing

    • Drops file in Drivers directory

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Loads dropped DLL

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks