General

  • Target

    .

  • Size

    1KB

  • Sample

    241109-1ahjrssfqn

  • MD5

    e54972ad6e49b9afd241728d2876e872

  • SHA1

    fb597a8e6b903f0dd681a31f6dd4c2cd451c5cf3

  • SHA256

    a1cb4008d59935c3dee671ea24ae1bd00c0aa981c1e64ce1b69e0a3eb180905f

  • SHA512

    371457aa30c0386fda2af5493c111abe05d1afdad9d8e2b275a35eaa1f8fe6159c0dce98b9c3728b4c34f7e9187212a705746fc583de3d7c7b1c1993db9c1dc8

Targets

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Detected potential entity reuse from brand STEAM.
