General

  • Target

    EXM Free Tweaking Utility V6.1.cmd

  • Size

    405KB

  • Sample

    241105-rtmhdssfmd

  • MD5

    664af4e1163a83950604a335c7b8c8bd

  • SHA1

    786d608846c9aeabeeef448892ab31c0352be0ef

  • SHA256

    929f53f97de22862992c6eab7b02e30790a1ccb859a4ddf8fefc8fdeaf40e64a

  • SHA512

    90358f0f925715bc172686931999e615a5dd861c4e116bd5c9cd4b71756e30431f0704357d105dc7544e34d7aeb68feff9a436c96cbafac333fa5b229506b2ee

  • SSDEEP

    1536:7oKeETeqax7gueJd/MDD3KOphZsIsSGvGoU5WFXaiZUSfa+4S9xsp5DhL9vac:VJd0sIsfe8snVf

Malware Config

Targets

    • Target

      EXM Free Tweaking Utility V6.1.cmd

    • Size

      405KB

    • MD5

      664af4e1163a83950604a335c7b8c8bd

    • SHA1

      786d608846c9aeabeeef448892ab31c0352be0ef

    • SHA256

      929f53f97de22862992c6eab7b02e30790a1ccb859a4ddf8fefc8fdeaf40e64a

    • SHA512

      90358f0f925715bc172686931999e615a5dd861c4e116bd5c9cd4b71756e30431f0704357d105dc7544e34d7aeb68feff9a436c96cbafac333fa5b229506b2ee

    • SSDEEP

      1536:7oKeETeqax7gueJd/MDD3KOphZsIsSGvGoU5WFXaiZUSfa+4S9xsp5DhL9vac:VJd0sIsfe8snVf

    • Disables service(s)

    • Modifies visibility of file extensions in Explorer

    • Modifies visibility of hidden/system files in Explorer

    • Modifies boot configuration data using bcdedit

    • Event Triggered Execution: Image File Execution Options Injection

MITRE ATT&CK Enterprise v15

Tasks