General
  Target:  38c0c19de593a923d60b9822e0a44960a0700c5f20ddaa4a4b3bb67410174a9cN
  Size:    67KB
  Sample:  241030-p7lf5steng
  MD5:     f69f05e374d47a922c7c591eaf43cd40
  SHA1:    82337f7bb233a4973f94ad2a9e4eb8c9727917ce
  SHA256:  38c0c19de593a923d60b9822e0a44960a0700c5f20ddaa4a4b3bb67410174a9c
  SHA512:  874e4cbf672b8f26853e2bafb0ec1eaa39ca4e74ec2f101c8c07d87d6042da00348eea9949d784507d672b86d82aa695224fe5cf28f94e6190f494e5649720ae
  SSDEEP:  1536:HuHBOqDdUwC2AVH+wDxPDsUnKntZ+EWAnTj42LoFLMBd:OLJ8Fhu+rkeMj
Tasks
  Static task static1
  Behavioral task behavioral1
    Sample:   38c0c19de593a923d60b9822e0a44960a0700c5f20ddaa4a4b3bb67410174a9cN.exe
    Resource: win7-20241010-en
  Behavioral task behavioral2
    Sample:   38c0c19de593a923d60b9822e0a44960a0700c5f20ddaa4a4b3bb67410174a9cN.exe
    Resource: win10v2004-20241007-en
Malware Config
Targets
  Target:  38c0c19de593a923d60b9822e0a44960a0700c5f20ddaa4a4b3bb67410174a9cN
  Size:    67KB
  MD5:     f69f05e374d47a922c7c591eaf43cd40
  SHA1:    82337f7bb233a4973f94ad2a9e4eb8c9727917ce
  SHA256:  38c0c19de593a923d60b9822e0a44960a0700c5f20ddaa4a4b3bb67410174a9c
  SHA512:  874e4cbf672b8f26853e2bafb0ec1eaa39ca4e74ec2f101c8c07d87d6042da00348eea9949d784507d672b86d82aa695224fe5cf28f94e6190f494e5649720ae
  SSDEEP:  1536:HuHBOqDdUwC2AVH+wDxPDsUnKntZ+EWAnTj42LoFLMBd:OLJ8Fhu+rkeMj
  Score:   10/10

  Signatures
    Modifies visibility of file extensions in Explorer
    Modifies visibility of hidden/system files in Explorer
    Event Triggered Execution: Image File Execution Options Injection
    Executes dropped EXE
    Impair Defenses: Safe Mode Boot
    Loads dropped DLL
    Adds Run key to start application
    Drops desktop.ini file(s)
    Enumerates connected drives
      Attempts to read the root path of hard drives other than the default C: drive.
MITRE ATT&CK Enterprise v15 (count of matching behaviours in parentheses)
  Persistence
    Boot or Logon Autostart Execution (1)
      Registry Run Keys / Startup Folder (1)
    Event Triggered Execution (1)
      Image File Execution Options Injection (1)
  Privilege Escalation
    Abuse Elevation Control Mechanism (1)
      Bypass User Account Control (1)
    Boot or Logon Autostart Execution (1)
      Registry Run Keys / Startup Folder (1)
    Event Triggered Execution (1)
      Image File Execution Options Injection (1)
  Defense Evasion
    Abuse Elevation Control Mechanism (1)
      Bypass User Account Control (1)
    Hide Artifacts (2)
      Hidden Files and Directories (2)
    Impair Defenses (2)
      Disable or Modify Tools (1)
      Safe Mode Boot (1)
    Modify Registry (6)