General

  • Target

    SILENT - Bypass Alt Detection.exe

  • Size

    15.4MB

  • Sample

    241030-zfqlwszjfx

  • MD5

    71df8799fefd10e6e0201093d296c818

  • SHA1

    d11cfd7da9d1e67cb902e593bd63e0f7007c0a01

  • SHA256

    83c9f73526ca6fdb791b6508ed76c345141543656cd4175f838879fa2bdf154c

  • SHA512

    afa7f98ee928ac61f1a0f1dc8ec4ebcb60d77270575dce5cf91437eec151a0ad25820ee276105b34e8a20587106c7fa5b0794dcfa70205a6a6af31037c7df960

  • SSDEEP

    393216:99YiRUmS63hucsXMCHWUjPodaI8ZKl86OOIHRII:99YiGmD3hrsXMb8PDIKKl8

Malware Config

Targets

    • Target

      SILENT - Bypass Alt Detection.exe

    • Downloads MZ/PE file

    • Event Triggered Execution: Image File Execution Options Injection

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks whether UAC is enabled

    • Checks system information in the registry

      System information is often read in order to detect sandboxing environments.

    • Target

      silent_obf_1028352774414549072_47468be2-b0e9-4037-b339-f535d489dcf4.pyc

    • Size

      268KB

    • MD5

      a5eb12635497dd0cc9bb32f6a4568a67

    • SHA1

      0ac5108813391b7bd83427d7f39a7d5081bd1de9

    • SHA256

      1a951bc2ab693fb61aac1f7df260010610008ec67d2b3bfca5d408e86b22ba3b

    • SHA512

      9d603b57e58aa03384963ec859f62e23c70195193840fe7e9623c929915755ee4a69a17a3d08b54f231346d4012b470ccdb5337afa9d88701a22c8050767e056

    • SSDEEP

      6144:jAQ0lx3x1Qim59Rv5bSZeHIyaCA9P3zQB7T+egjonNvG8VY3m8ooMtScktcusPbi:MDLB1Qim5995b+eHIy/A13zQB7T+egj7

    • Score

      3/10

MITRE ATT&CK Enterprise v15