Resubmissions

17/10/2024, 00:17

241017-ak7zas1fjh 8

17/10/2024, 00:14

241017-ajbvgavcjn 8

General

  • Target

    pct_trial_installer_20241016.17291238325471b9952.exe

  • Size

    1.5MB

  • Sample

    241017-ajbvgavcjn

  • MD5

    ea7ec8fe149f4a57f984673107ebf35b

  • SHA1

    bf23dc31b52af0f3a3d25bf05ef98721a2082e71

  • SHA256

    ceb8acbdf48ee006b368fd5fa86aba3a9e8afee375afcc08940422949368b710

  • SHA512

    fd6705ec5bca37c8584df99bc22a1a439d7b3aa3f0b5edfb4e50ad266102339f5ef79d6118a9de1a08a1f2dcb0b3a9d89d8e09bf4cf34e419500688225015ecc

  • SSDEEP

    24576:wtVrIcgpwG+yO2FU8Aj+X4cT+SOAh0IogVJ8EUXtvqYgRDm02MlnXjZ2nnWAN6Mv:ylgpwNynUNjwo9IodEkCr9HT2nnbQMv

Targets

    • Target

      pct_trial_installer_20241016.17291238325471b9952.exe

    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell to modify Windows Defender settings, adding exclusions for file extensions, paths, and processes.

    • Downloads MZ/PE file

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Target

      $TEMP/downloader_easeus/13.0/4trial/EDownloader.exe

    • Size

      1.2MB

    • MD5

      b5791976db6be716f520c660de443e8e

    • SHA1

      2a68065e1bce3540bbf506597639ea737d3817f2

    • SHA256

      863c1c6cfbc0e16ea72b7bae915806c77b1fce1366ca9eb00c7a87038066db60

    • SHA512

      8cc2c5703f02e0773ede600a16583776f4ec3fef9540eab1c5fb924fc8ecb1b84f4394c2dc9fa749f12cec45292495710b97f196015a0dafd3e571fba98c5b08

    • SSDEEP

      24576:LIHpr4Q+0X+oZPvTWifDZiKg/VXbbyEiSikGhiaUrAoxkxYufmRdY:L0U4uohabbGhYA6cfSdY

    Score: 3/10

    • Target

      $TEMP/downloader_easeus/13.0/4trial/aliyun/AliyunWrap.dll

    • Size

      549KB

    • MD5

      24c01bc1560fa2b6b72a201eeea4cbed

    • SHA1

      d66a91bd8faa929d6a5c46d5cfca2b3e5d24edb8

    • SHA256

      5875f5a1c9eb4c4c238c77104c946b6ecb9234609851edcf758d24bf3cdcb4c2

    • SHA512

      3a34db05cb5de1cb9c1fb0aabbaadfb5746f51d84d92ad9a52a343a4ebf78c688cdc6156647baa09343107c922ceb2f53e76d152bc5f6f761b6b1ba6c7cc7b7a

    • SSDEEP

      12288:DaK0OuDBlYPIj/q9DQsEfExtrlp87pMaIPuboWMlyF0PFWq:B9DeuBc/IPu8WMAF0PFWq

    Score: 3/10

    • Target

      $TEMP/downloader_easeus/13.0/4trial/aliyun/AliyunWrapExe.exe

    • Size

      106KB

    • MD5

      674413dbbc708d32d53b386254eedb54

    • SHA1

      281ef9b78e8a80dac4b4efe9d8d76ee4eeedc79c

    • SHA256

      72371235cb364ab3891597f40a3f50bd64660a808979bd28bcf1c0e7154aa949

    • SHA512

      34cd6e982c98d7d4cb763c9bbb20942a507fabc189f3fedd30433d2b79739189a3efbe81f4db465f9e401e3f01939bc8148b178679a0780fe1b000259fd947fe

    • SSDEEP

      1536:i554a+kMgHZ73LkUluTbDJgX+oLENoN2CraI9WkF1X8OEdlg5BaAUbpic4pf:hswTbD6LLraInhEdlg5BJUbpiVp

    Score: 3/10

    • Target

      $TEMP/downloader_easeus/13.0/4trial/aliyun/InfoForSetup.exe

    • Size

      65KB

    • MD5

      63c4d4021b71947a29db6c5e99678d4a

    • SHA1

      4d24026a82d98240221077dd72f3cc169c0597e5

    • SHA256

      33c5f40b242955b96710a9e54a109b083d014e9d061ce5ac2875aba20c0acab7

    • SHA512

      5cf5c481126fdb422614251dc4ed4052e36fc779226c5a233637f40f55d774d130b66342df47479e368b64f65b2a3eda6f62140e9413eb8540723043ac0f693b

    • SSDEEP

      768:zVyp8XwXEXrjOgRXvLH4IE3jDnIoiiBbIADgykhUMId50BLbZpiN5M3vqDGgo:zECwXShvLYIE3nnInie2khc50npic/yo

    Score: 3/10