General

  • Target: 0241fed9dcf8aaad1825382591718a59f8a33255c7db87524fd5f4eb653626e0N
  • Size: 596KB
  • Sample: 241012-r5s5bazgjr
  • MD5: 99d91a5ca408888ad0139ba017c263b0
  • SHA1: ee00c4cbb144833ea37557e09dab4d036cf491e3
  • SHA256: 0241fed9dcf8aaad1825382591718a59f8a33255c7db87524fd5f4eb653626e0
  • SHA512: 8910a22fe0a3a660e22fb8c8220abe6df6356eea3c342614dddb658bef7bc5c200fe605abdbde0ba50a61fa0e5fef9aae9f2bd083dff0bcfd4a204ed043bc164
  • SSDEEP: 12288:zoRHn4Hb3Fttfn3uv8rN/epedENAXMuk5jVRCOqtmdWK:z2HnK1XrJepedEC45Bwfmc

Targets

    • Drops file in Drivers directory

    • Modifies Windows Firewall

    • Possible privilege escalation attempt

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies file permissions

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15