General
-
Target
0241fed9dcf8aaad1825382591718a59f8a33255c7db87524fd5f4eb653626e0N
-
Size
596KB
-
Sample
241012-r5s5bazgjr
-
MD5
99d91a5ca408888ad0139ba017c263b0
-
SHA1
ee00c4cbb144833ea37557e09dab4d036cf491e3
-
SHA256
0241fed9dcf8aaad1825382591718a59f8a33255c7db87524fd5f4eb653626e0
-
SHA512
8910a22fe0a3a660e22fb8c8220abe6df6356eea3c342614dddb658bef7bc5c200fe605abdbde0ba50a61fa0e5fef9aae9f2bd083dff0bcfd4a204ed043bc164
-
SSDEEP
12288:zoRHn4Hb3Fttfn3uv8rN/epedENAXMuk5jVRCOqtmdWK:z2HnK1XrJepedEC45Bwfmc
Static task
static1
Behavioral task
behavioral1
Sample
0241fed9dcf8aaad1825382591718a59f8a33255c7db87524fd5f4eb653626e0N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
0241fed9dcf8aaad1825382591718a59f8a33255c7db87524fd5f4eb653626e0N.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
0241fed9dcf8aaad1825382591718a59f8a33255c7db87524fd5f4eb653626e0N
Drops file in Drivers directory
-
Modifies Windows Firewall
-
Possible privilege escalation attempt
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies file permissions
-
Indicator Removal: File Deletion
Adversaries may delete files left behind by the actions of their intrusion activity.
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process (1)
Windows Service (1)
Event Triggered Execution (1)
Netsh Helper DLL (1)
Privilege Escalation
Create or Modify System Process (1)
Windows Service (1)
Event Triggered Execution (1)
Netsh Helper DLL (1)
Defense Evasion
File and Directory Permissions Modification (1)
Hide Artifacts (2)
Hidden Files and Directories (2)
Impair Defenses (1)
Disable or Modify System Firewall (1)
Indicator Removal (1)
File Deletion (1)