General
Target: 5c3a5108cb13a9cf6aee2ce4962c780e431eb3be5f776fd57992b2e4305c239bN
Size: 114KB
Sample: 241111-py1jpszalj
MD5: ae4ef3ccdb7b4e105c23f6b099ec4cb0
SHA1: 3d75d4bda09cdf917ef36fb25e831ef9d1782c5c
SHA256: 5c3a5108cb13a9cf6aee2ce4962c780e431eb3be5f776fd57992b2e4305c239b
SHA512: b49a409c48cf99cb7615434225506849d7dfcca1bcc5cab923dffff381d696a71726a19542783c5b17e6113c480ebc93146d4bcf30c3439934ec075044a6d921
SSDEEP: 3072:zZjurA1K+w7KMuu1F+/jmSkmngV5CvMabvl:1V9pj/2+2QDbt
Static task: static1
Behavioral task: behavioral1
Sample: 5c3a5108cb13a9cf6aee2ce4962c780e431eb3be5f776fd57992b2e4305c239bN.exe
Resource: win7-20241010-en
Behavioral task: behavioral2
Sample: 5c3a5108cb13a9cf6aee2ce4962c780e431eb3be5f776fd57992b2e4305c239bN.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 5c3a5108cb13a9cf6aee2ce4962c780e431eb3be5f776fd57992b2e4305c239bN
Score: 10/10
- Modifies firewall policy service
- Adds policy Run key to start application
- Sets service image path in registry
- Adds Run key to start application
- Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (3)
  - Registry Run Keys / Startup Folder (3)
- Create or Modify System Process (1)
  - Windows Service (1)
Privilege Escalation
- Boot or Logon Autostart Execution (3)
  - Registry Run Keys / Startup Folder (3)
- Create or Modify System Process (1)
  - Windows Service (1)
Defense Evasion
- Impair Defenses (1)
  - Disable or Modify System Firewall (1)
- Modify Registry (4)