General
-
Target
picofreelaodversion.zip
-
Size
37.0MB
-
Sample
241031-hkrlbatalk
-
MD5
30ad06c85007e7c43f11d0cd67726446
-
SHA1
25be9ad2764e616c814fd26e37a269f71b019829
-
SHA256
b76ab953eb39bfb300a6cb576ad91d58f394f5ac9f728b234ffe95eb876c9196
-
SHA512
b3791f9fa412740d8363f81811ebc967b84a65c6a20c750e4737c22af5b57fbfbba5a857e41c5f20136b43d274ae119befb1476b4f8a17e667dc366af4eb02f5
-
SSDEEP
786432:fPf1gZsPoqiEf3qcgrv+O6ovqvM9wqMRY028BZSlslsvozhjlHECSFG0:nelqvWrm+ivGwqMRY0FpOihjtIG0
Static task
static1
Behavioral task
behavioral1
Sample
КМSpicо.rar
Resource
win11-20241007-en
Malware Config
Targets
-
Target
КМSpicо.rar
-
Size
37.0MB
-
MD5
1489578698f5418825439fed0dcf93e7
-
SHA1
c01124424dee99c09660d093eea6c525856d813b
-
SHA256
20432382ee71d1d731ea85f1ab8ccf8507d9434308f403e78f348b874ca7e3c2
-
SHA512
2f9d9f928a4f13aad4a0d2058054587aa75cfac71d7e8afd4135b498a59f944b8d2b01b10957b9c2e0267a3dceb16c5bb4acf7617c8f754ba55c4cd9c653f822
-
SSDEEP
786432:NPf1gZsPoqiEf3qcgrv+O6ovqvM9wqMRY028BZSlslsvozhjlHECSFGf:delqvWrm+ivGwqMRY0FpOihjtIGf
-
Creates new service(s)
-
Event Triggered Execution: Image File Execution Options Injection
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-
MITRE ATT&CK Enterprise v15
Execution
  Scheduled Task/Job: 1
    Scheduled Task: 1
  System Services: 1
    Service Execution: 1
Persistence
  Create or Modify System Process: 1
    Windows Service: 1
  Event Triggered Execution: 1
    Image File Execution Options Injection: 1
  Scheduled Task/Job: 1
    Scheduled Task: 1
Privilege Escalation
  Create or Modify System Process: 1
    Windows Service: 1
  Event Triggered Execution: 1
    Image File Execution Options Injection: 1
  Scheduled Task/Job: 1
    Scheduled Task: 1