General

  • Target

    11784f76306010d83ac02d685a5a66e1523a3bf72f721b8155c56910f9247ae8N

  • Size

    299KB

  • Sample

    241107-txadcawark

  • MD5

    89ae6c23ff7a96f7b2661b9b7ea4d780

  • SHA1

    25076e78104201bd319e5fd8930ff906086678eb

  • SHA256

    11784f76306010d83ac02d685a5a66e1523a3bf72f721b8155c56910f9247ae8

  • SHA512

    86ce6466987b091b630dc4ac4e0299a7815861eaf829d9edfffc38016412079e49b240767dc40a8a2f8d5af2b9046745160b70c695e283e377aeb16d4e083e02

  • SSDEEP

    3072:GKgOZAFt3ATFb6ftYmQdnlNlQ/D8lVWASNfyvfpWeuTHV9HYBeUhbDIDZB:3gOZJLvvKSzK63pWBVkaZ

Targets

    • Target

      11784f76306010d83ac02d685a5a66e1523a3bf72f721b8155c56910f9247ae8N

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX variant.
