General

  • Target

    CurdInstaller.exe

  • Size

    34.5MB

  • Sample

    241109-np1mnstdql

  • MD5

    5d758fbf8b5805f55f49af523be390e7

  • SHA1

    f5fb535ee4447f4e944c71a60ea754fe2654d05e

  • SHA256

    5ab331d20ad40c53b8fc3f1dc198c16cf9e1b64d5999d68ef52172d1ccb77ee2

  • SHA512

    af21e17acfb3c6349fcfd1d7ec2d6f0a5d3e143521d66c410be62cd3ca76e1a9d6031492697ec068f5ef5e977d040d8af9b2d9f5d2a6e4141e69377f93f8a477

  • SSDEEP

    786432:Zx5+QcJbdcYDgAXyaiXKCaYWc74VjE46/JsoE9Xh+R:v5+hKX0iNaYHST6/JUXUR

Malware Config

Targets

    • Target

      CurdInstaller.exe

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Mark of the Web detected: This indicates that the page was originally saved or cloned.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks