General

  • Target

    DC.exe

  • Size

    802KB

  • Sample

    241031-w6c7pstmgj

  • MD5

    ac34ba84a5054cd701efad5dd14645c9

  • SHA1

    dc74a9fd5560b7c7a0fc9d183de9d676e92b9e8b

  • SHA256

    c576f7f55c4c0304b290b15e70a638b037df15c69577cd6263329c73416e490e

  • SHA512

    df491306a3c8ddb580b7cca1dce9e22a87fd43ca3632f3630cdcbe114bef243e847b2ce774d688f6e142516f2e0fc49d30fad7c7168e627523da21e2fe06836a

  • SSDEEP

    12288:NaWzgMg7v3qnCiPErQohh0F4uCJ8lnyIQJ9QudhzYOekDXiGt8PSmQ:MaHMv6CrrjSnyIQ8+ekGA8PSmQ

Targets

    • Target

      DC.exe

    • Modifies security service

    • Windows security modification

    • Drops file in System32 directory
