General
- Target: .
- Size: 1KB
- Sample: 241109-1ahjrssfqn
- MD5: e54972ad6e49b9afd241728d2876e872
- SHA1: fb597a8e6b903f0dd681a31f6dd4c2cd451c5cf3
- SHA256: a1cb4008d59935c3dee671ea24ae1bd00c0aa981c1e64ce1b69e0a3eb180905f
- SHA512: 371457aa30c0386fda2af5493c111abe05d1afdad9d8e2b275a35eaa1f8fe6159c0dce98b9c3728b4c34f7e9187212a705746fc583de3d7c7b1c1993db9c1dc8
Static task: static1
Behavioral task: behavioral1
- Sample: .html
- Resource: win11-20241007-en
Malware Config
Targets
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate software on the system.
- Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Event Triggered Execution (1)
  - Installer Packages (1)
Privilege Escalation
- Access Token Manipulation (1)
  - Create Process with Token (1)
- Boot or Logon Autostart Execution (1)
  - Registry Run Keys / Startup Folder (1)
- Event Triggered Execution (1)
  - Installer Packages (1)
Defense Evasion
- Access Token Manipulation (1)
  - Create Process with Token (1)
- Modify Registry (2)
- Subvert Trust Controls (2)
  - Install Root Certificate (1)
  - SIP and Trust Provider Hijacking (1)
- System Binary Proxy Execution (1)
  - Msiexec (1)