General

  • Target

    0e39f68d06340f8aa3bba080c2d1651dcb6d90b569b351d81b39ef8fc4339d87N

  • Size

    76KB

  • Sample

    241109-qpcxqaxrdp

  • MD5

    199c43bf3646ee4ddc64bfb72de928f0

  • SHA1

    166f6ff4575b604b36fd3093e0e8cf665830896d

  • SHA256

    0e39f68d06340f8aa3bba080c2d1651dcb6d90b569b351d81b39ef8fc4339d87

  • SHA512

    165e69bb908a35bc3014d93d6346fe7e92dda1d62daea37adbbd2cd37e8e92259dd1e3382ec0fffc04cf9a33e15f2377bf9a25a56bba05f95c1b05420a5aa9f8

  • SSDEEP

    768:q0hdevvOHpOWNBuqMYjwxZY82It/u+bGF1DS73g+m5xqhGYS5f98:q0hHpmhYmFk1Q3K5yGLq

Malware Config

Targets

    • Target

      0e39f68d06340f8aa3bba080c2d1651dcb6d90b569b351d81b39ef8fc4339d87N

    • Modifies WinLogon for persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks