General
Target: 71422bf602763fd91890dc95d17b4feed83f8fd78bfa934b200e7e94daf39d05
Size: 3.4MB
Sample: 241108-aj1tlazpaz
MD5: 7d1c7fb063e54176e3020c3d721ca666
SHA1: 63ee176eab527917291d36a641298b9a17548ec9
SHA256: 71422bf602763fd91890dc95d17b4feed83f8fd78bfa934b200e7e94daf39d05
SHA512: e76990340a7a158a2162b6ee47fa00e3c04defb26910edf8e05616980e491a02bd1ecfcbbb0060776c0d8c576bf5e0f1055b9772dfba5a8c77d6d4dd27400ae2
SSDEEP: 98304:XrQZjrQZYrQZjrQZgrQZjrQZYrQZjrQZR:Xr2jr2Yr2jr2gr2jr2Yr2jr2R
Behavioral tasks
behavioral1
Sample: 71422bf602763fd91890dc95d17b4feed83f8fd78bfa934b200e7e94daf39d05.exe
Resource: win7-20241010-en
behavioral2
Sample: 71422bf602763fd91890dc95d17b4feed83f8fd78bfa934b200e7e94daf39d05.exe
Resource: win10v2004-20241007-en
Targets
Target: 71422bf602763fd91890dc95d17b4feed83f8fd78bfa934b200e7e94daf39d05
Size: 3.4MB
Signatures
- Modifies visibility of file extensions in Explorer
- Blocks application from running via registry modification: adds application to the list of disallowed applications.
- Event Triggered Execution: Image File Execution Options Injection
- Executes dropped EXE
- Loads dropped DLL
- Indicator Removal: File Deletion. Adversaries may delete files left behind by the actions of their intrusion activity.
- Drops autorun.inf file. Malware can abuse Windows Autorun to spread further via attached volumes.
- Drops file in System32 directory
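As an added example (not part of the sandbox report, and not code from the sample or from the sandbox vendor), the following PowerShell audit checks a Windows host for the artifact classes the signatures above describe: the Explorer HideFileExt setting, the DisallowRun policy and its list, Debugger values under Image File Execution Options, autorun.inf in volume roots, and recently written unsigned executables in System32. The registry paths are the documented Windows locations for each behaviour; the report does not name the specific values, image names or dropped files this sample used, so the 7-day System32 window and the "every hit is a lead" treatment are triage assumptions, not indicators taken from the report.

```powershell
# Added example: host audit for the artifact classes flagged in the report above.
# Registry paths are the documented Windows locations; the report does not say
# which values or file names this sample wrote, so every hit is a lead to verify.

$findings = New-Object System.Collections.Generic.List[string]

# User hives: the current user plus every loaded per-user hive under HKEY_USERS.
$userHives = @('HKCU:') + @(Get-ChildItem -Path 'Registry::HKEY_USERS' -ErrorAction SilentlyContinue |
    Where-Object { $_.PSChildName -match '^S-1-5-21-(\d+-){3}\d+$' } |
    ForEach-Object { "Registry::$($_.Name)" })

# 1. "Modifies visibility of file extensions in Explorer":
#    HideFileExt = 1 under Explorer\Advanced hides extensions, so "invoice.pdf.exe" shows as "invoice.pdf".
foreach ($hive in $userHives) {
    $key = "$hive\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced"
    $val = Get-ItemProperty -Path $key -Name HideFileExt -ErrorAction SilentlyContinue
    if ($val -and $val.HideFileExt -eq 1) { $findings.Add("$hive HideFileExt=1 (extensions hidden)") }
}

# 2. "Blocks application from running via registry modification":
#    Policies\Explorer\DisallowRun = 1, with numbered string values under the DisallowRun subkey
#    naming the blocked executables. The policy is per-user; HKLM is checked as well in case it was written there.
foreach ($hive in ($userHives + 'HKLM:')) {
    $pol  = "$hive\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer"
    $flag = Get-ItemProperty -Path $pol -Name DisallowRun -ErrorAction SilentlyContinue
    if ($flag -and $flag.DisallowRun -eq 1) {
        $entries = Get-ItemProperty -Path "$pol\DisallowRun" -ErrorAction SilentlyContinue
        $names = @()
        if ($entries) {
            $names = @($entries.PSObject.Properties | Where-Object { $_.Name -match '^\d+$' } | ForEach-Object { $_.Value })
        }
        $list = if ($names.Count -gt 0) { $names -join ', ' } else { '(none listed)' }
        $findings.Add("$hive DisallowRun=1; blocked: $list")
    }
}

# 3. "Event Triggered Execution: Image File Execution Options Injection":
#    a Debugger value under IFEO\<image>.exe makes Windows start that "debugger" instead of the image.
$ifeoRoots = @(
    'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options'
)
foreach ($root in $ifeoRoots) {
    Get-ChildItem -Path $root -ErrorAction SilentlyContinue | ForEach-Object {
        $dbg = (Get-ItemProperty -Path $_.PSPath -Name Debugger -ErrorAction SilentlyContinue).Debugger
        if ($dbg) { $findings.Add("IFEO $($_.PSChildName) -> Debugger=$dbg") }
    }
}

# 4. "Drops autorun.inf file": report any autorun.inf in a volume root together with its open=/shellexecute= line.
Get-PSDrive -PSProvider FileSystem | Where-Object { $_.Root } | ForEach-Object {
    $inf = Join-Path -Path $_.Root -ChildPath 'autorun.inf'
    if (Test-Path -LiteralPath $inf) {
        $launch = @(Get-Content -LiteralPath $inf -ErrorAction SilentlyContinue |
            Select-String -Pattern '^\s*(open|shellexecute)\s*=' | ForEach-Object { $_.Line.Trim() }) -join '; '
        $findings.Add("autorun.inf at $inf [$launch]")
    }
}

# 5. "Drops file in System32 directory": executables written recently whose signature does not verify.
#    The 7-day window is a triage assumption, not a value from the report. On older systems that do not
#    validate catalog signatures, legitimate Microsoft files can appear as NotSigned, so read hits with the date.
$cutoff = (Get-Date).AddDays(-7)
Get-ChildItem -Path "$env:SystemRoot\System32\*" -Include *.exe, *.dll -File -ErrorAction SilentlyContinue |
    Where-Object { $_.LastWriteTime -gt $cutoff } |
    ForEach-Object {
        $sig = Get-AuthenticodeSignature -FilePath $_.FullName
        if ($sig.Status -ne 'Valid') {
            $findings.Add("System32 $($_.Name) written $($_.LastWriteTime.ToString('s')) signature=$($sig.Status)")
        }
    }

if ($findings.Count -eq 0) { 'No matching artifacts found.' } else { $findings }
```

Run it from an elevated prompt so HKLM and the other users' loaded hives are readable. Treat output as leads rather than verdicts: Windows Update rewrites System32 binaries inside a week, some enterprise policies legitimately set DisallowRun, and a few IFEO Debugger entries are administrator-installed tooling, so each hit needs the file or value compared against the dropped-file and registry details of the actual run.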
MITRE ATT&CK Enterprise v15
Persistence
- Create or Modify System Process (T1543) [1]: Windows Service (T1543.003) [1]
- Event Triggered Execution (T1546) [1]: Image File Execution Options Injection (T1546.012) [1]
Privilege Escalation
- Create or Modify System Process (T1543) [1]: Windows Service (T1543.003) [1]
- Event Triggered Execution (T1546) [1]: Image File Execution Options Injection (T1546.012) [1]
Defense Evasion
- Hide Artifacts (T1564) [2]: Hidden Files and Directories (T1564.001) [2]
- Indicator Removal (T1070) [1]: File Deletion (T1070.004) [1]
- Modify Registry (T1112) [1]