General

  • Target

    Release.zip

  • Size

    1.1MB

  • Sample

    241109-1cpe4asfpb

  • MD5

    8ba9098fc227e0aca39cf40132f8918b

  • SHA1

    3f3c095a8ce6a5b01570f7c49f61e97f4d20b262

  • SHA256

    21203a99b4cbc3cc4b2700de7ecd1cfabb6e041aab9fb1c7c1b75a50ea9f51b0

  • SHA512

    c4bd81ab4c4c289d131220cc039f772336f1a0bd4c8c96162af08e1e4ed0a767e948b41d9e5e83ad0925cebed48f9a900da555088cfa307092d4716409b07b8a

  • SSDEEP

    24576:M5RXtbrLQt2SbG41EW4BGQzKW1m9Oxo/e1d0ckQJHCZAeEDZ9:M5RdbHQ5GOEW4Bh7ms0evkQJHdeEP

Targets

    • Target

      emu/KeyAuthEmulator.exe

    • Size

      135KB

    • MD5

      cf78d5995312872c075ae9772a14a5a2

    • SHA1

      1de6c53b6acad6140567693f0fff7379826477a5

    • SHA256

      71fede3d07f8b24d08e15748abcd95abcfe48e21a5a71f0c96d6bf752c12252c

    • SHA512

      d4ca332800195a3a1c0dbe7c1669d91e23f5ad68c491589c8168b0040114fb761672778c39f092e8909133a1027e25e836f3951e17cffbc20e5fe5e271b0d845

    • SSDEEP

      3072:WjK4UGDHXrQ8hy7qgpHulWD9ZvZ5Pf3Ca10xuZ04ntfOCFhBuO:WjK4TDUqgpqWDLZ5H+xuZ04RFhA

    • Sets service image path in registry

    • Executes dropped EXE

    • Suspicious use of NtSetInformationThreadHideFromDebugger
