General

  • Target

    32d772180173b638208195d0aabe76991aced1b3b9abd012e78864356ab2a4d1N

  • Size

    415KB

  • Sample

    241107-r9wq1atmbx

  • MD5

    bdaff98c2eeac2c7589d8d10b362f660

  • SHA1

    07325ebbacd0b6b31cfb1cc1a28531d3706f211a

  • SHA256

    32d772180173b638208195d0aabe76991aced1b3b9abd012e78864356ab2a4d1

  • SHA512

    35c8cf5f4819f5e5f8ebbbe2759117f371c1604a07fb1dfb9c0b88fd244a2c14df580d1ad8347e1f3927fb3d9c8e69c49dede0bab24db4040952ee0239ec14d6

  • SSDEEP

    6144:ghuGbXZA2zNMPMPwVtiN44zAi5NAOig3TBrCZMszqLi7ksvmacmWnZee:MuypA2hESwGRwg3TBPi7BvmZmwZr

Malware Config

Targets

    • Downloads MZ/PE file

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant.

MITRE ATT&CK Enterprise v15

Tasks