General

  • Target

    2bc088f56c9bb74963fc476e2473f1562d964e35e5976e24ea4eab66b8f7ef73

  • Size

    660KB

  • Sample

    241104-zqmyrazlcr

  • MD5

    f2952206cd2da13d2e80465fb5dc1dce

  • SHA1

    3cc9632db7f414b2e7aac0a46a9650d92a1b73dd

  • SHA256

    2bc088f56c9bb74963fc476e2473f1562d964e35e5976e24ea4eab66b8f7ef73

  • SHA512

    3cddc75aebf77562dbc62952b9db651aba97f3849875f45724839e8fbceda3a66039ec14e9cd1989067e12a4beedb5eda45b07d933adb00224726c8c6c736065

  • SSDEEP

    12288:fZVunYav79eKnZxCAgX2QRkOSllkpGF57Lsth6RpoX/wR4u2V:Rsp9eWZVnQecI7Q+pOEEV

Malware Config

Targets

    • Target

      2bc088f56c9bb74963fc476e2473f1562d964e35e5976e24ea4eab66b8f7ef73

    • Size

      660KB

    • MD5

      f2952206cd2da13d2e80465fb5dc1dce

    • SHA1

      3cc9632db7f414b2e7aac0a46a9650d92a1b73dd

    • SHA256

      2bc088f56c9bb74963fc476e2473f1562d964e35e5976e24ea4eab66b8f7ef73

    • SHA512

      3cddc75aebf77562dbc62952b9db651aba97f3849875f45724839e8fbceda3a66039ec14e9cd1989067e12a4beedb5eda45b07d933adb00224726c8c6c736065

    • SSDEEP

      12288:fZVunYav79eKnZxCAgX2QRkOSllkpGF57Lsth6RpoX/wR4u2V:Rsp9eWZVnQecI7Q+pOEEV

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and its Wow6432Node counterpart) to enumerate software installed on the system.

    • Checks whether UAC is enabled
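
      The following is an added detection example and is not part of the report or of the sandbox's own signature logic. It tags the three behaviours listed above in a constructed, sandbox-style registry trace: a per-user CLSID server registration (COM hijacking persistence), enumeration of the Uninstall key, and a read of the UAC switch. The record layout (op/path/data), the SID and CLSID in the sample rows, and the assumption that the UAC check reads the EnableLUA value under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System are mine; the Uninstall and HKCU\Software\Classes\CLSID paths are the standard ones.

```python
"""Tag the three registry behaviours named in the report from a constructed
sandbox-style registry trace (example code, not the sandbox's own signatures)."""
import re
from collections import defaultdict

# Match both the HKCU alias and the resolved HKU\<SID> form that tools such as
# Sysmon emit. Matching is case-insensitive and Wow6432Node is optional.
_USER_HIVE = r"(?:HKCU|HKEY_CURRENT_USER|HKU\\S-1-5-21-[\d-]+)"
COM_HIJACK_RE = re.compile(
    _USER_HIVE
    + r"\\Software\\Classes\\(?:Wow6432Node\\)?CLSID\\\{[0-9A-F-]{36}\}\\"
    + r"(?:InprocServer32|LocalServer32|TreatAs)(?:\\|$)",
    re.IGNORECASE,
)
UNINSTALL_RE = re.compile(
    r"(?:HKLM|HKEY_LOCAL_MACHINE)\\SOFTWARE\\(?:Wow6432Node\\)?Microsoft\\Windows"
    r"\\CurrentVersion\\Uninstall(?:\\|$)",
    re.IGNORECASE,
)
# Assumption: the "UAC enabled?" check is a read of EnableLUA.
UAC_RE = re.compile(
    r"(?:HKLM|HKEY_LOCAL_MACHINE)\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion"
    r"\\Policies\\System\\EnableLUA$",
    re.IGNORECASE,
)

WRITE_OPS = {"RegSetValue", "RegCreateKey"}
READ_OPS = {"RegQueryValue", "RegOpenKey", "RegEnumKey", "RegEnumValue"}


def classify(event):
    """Return the set of behaviour tags one registry event supports.

    `event` is a dict with keys op and path (data optional). This record layout
    is an assumption standing in for whatever trace format you actually have.
    """
    tags = set()
    op, path = event["op"], event["path"]
    # Persistence: HKCU\Software\Classes merges into HKCR ahead of HKLM, so a
    # per-user CLSID server registration alone is the signal; only writes count.
    if op in WRITE_OPS and COM_HIJACK_RE.search(path):
        tags.add("com_hijack")
    # Discovery: opening or walking the Uninstall key enumerates installed software.
    if op in READ_OPS and UNINSTALL_RE.search(path):
        tags.add("enum_installed_software")
    # Discovery: a read of EnableLUA tells the sample whether UAC is on at all.
    if op in READ_OPS and UAC_RE.search(path):
        tags.add("uac_check")
    return tags


def triage(events):
    """Aggregate tags over a whole trace: tag -> sorted list of distinct paths."""
    hits = defaultdict(set)
    for ev in events:
        for tag in classify(ev):
            hits[tag].add(ev["path"])
    return {tag: sorted(paths) for tag, paths in hits.items()}


# Constructed sample trace (made-up rows; SID and CLSID are placeholders).
SAMPLE_TRACE = [
    {"op": "RegOpenKey",
     "path": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"},
    {"op": "RegEnumKey",
     "path": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"},
    {"op": "RegQueryValue",
     "path": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA"},
    {"op": "RegSetValue",
     "path": r"HKU\S-1-5-21-1111111111-2222222222-3333333333-1001\Software\Classes\CLSID"
             r"\{A1B2C3D4-0000-4000-8000-000000000001}\InprocServer32\(Default)",
     "data": r"C:\Users\user\AppData\Roaming\update.dll"},
    # Benign noise: a machine-wide COM registration and a mere read of the
    # per-user key must not be flagged.
    {"op": "RegSetValue",
     "path": r"HKLM\SOFTWARE\Classes\CLSID\{A1B2C3D4-0000-4000-8000-000000000001}"
             r"\InprocServer32\(Default)",
     "data": r"C:\Windows\System32\legit.dll"},
    {"op": "RegQueryValue",
     "path": r"HKCU\Software\Classes\CLSID\{A1B2C3D4-0000-4000-8000-000000000001}"
             r"\InprocServer32\(Default)"},
]

if __name__ == "__main__":
    for tag, paths in sorted(triage(SAMPLE_TRACE).items()):
        print(tag)
        for p in paths:
            print("   ", p)
```

      When a com_hijack hit fires, the `data` field (the server path the CLSID now points to) is what to pull for follow-up: a DLL outside Program Files or System32 that shadows a CLSID also registered under HKLM is the classic shape of this persistence.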

MITRE ATT&CK Enterprise v15

Tasks