General

  • Target

    daba32b027f96d4a7d825d9d8c3549921df9cc38acae0ebaa97d019b2bc3430eN

  • Size

    274KB

  • Sample

    241109-n2qcgatfnl

  • MD5

    7eb0f6acbb448b37ebe2f6ae55d67340

  • SHA1

    533597c49c7d863820b18a449526e4b621480353

  • SHA256

    daba32b027f96d4a7d825d9d8c3549921df9cc38acae0ebaa97d019b2bc3430e

  • SHA512

    15753ac055d57ef6d586eaf06305201f8332cf42e01473ba9b144b0182199a90358860444c58eb5a0e434c4db3f235ec4163fedf080b12bfa3c7d992e8e1d3bc

  • SSDEEP

    6144:lvI8cw5R6NtoK0zat8GzwzkIXfYnPYsNJ7:lQ8H5RISK0qjIQnAyd

Malware Config

Targets

    • Drops file in Drivers directory

    • Sets service image path in registry

    • Modifies system executable filetype association

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks