General

  • Target

    4550326a0074ac146293c9e7f712ae4ea898ab26445333d61c32745743861839

  • Size

    47KB

  • Sample

    241112-1hnqrasanf

  • MD5

    7f343f47ef6f3cab17335c85eb5141f0

  • SHA1

    fdc47c153fcb11d62fe00db66979a43681c3c140

  • SHA256

    4550326a0074ac146293c9e7f712ae4ea898ab26445333d61c32745743861839

  • SHA512

    52d5c4ebc2559a16824b5f0d0f97f3e0bb3a46e9dc29a6c8335dcfdf7a33df927336044163d1c71b891999ea40aabf4d88e1941bb8edf5f36e3f2103e3686f5d

  • SSDEEP

    768:WAUJmQCcmLCXQq6fsKiJYsIkjJVzqsVNkuGVAQvKMb7rQ/:RUNHFKQbIkHvQAFu7s/

Targets

    • Target

      4550326a0074ac146293c9e7f712ae4ea898ab26445333d61c32745743861839

    • Windows security bypass

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Drops file in Drivers directory

    • Event Triggered Execution: Image File Execution Options Injection

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Indicator Removal: Clear Persistence

      Removes Image File Execution Options (IFEO) registry entries.

    • Modifies WinLogon

    • Drops file in System32 directory
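
The signatures above name four persistence locations on the host: Active Setup, Image File Execution Options, the Winlogon key, and the drivers directory. The PowerShell script below is an added triage example, not part of the sandbox report and not derived from the sample itself: it enumerates those locations on a live Windows host and reports entries that deviate from an assumed stock baseline. The baseline values (default Shell and Userinit, stub paths under %SystemRoot% or Program Files) and the seven-day window for driver files are assumptions to tune per image; run it from an elevated prompt.

```powershell
# Added triage example, not part of the sandbox report: enumerate the registry
# and file-system persistence locations named in the report's signatures and
# flag entries that deviate from an assumed default baseline. Run elevated.
# Assumptions: the baseline values below match a stock Windows install, and
# driver files written in the last 7 days are worth a signature check.

$findings = New-Object 'System.Collections.Generic.List[object]'

function Add-Finding {
    param([string]$Technique, [string]$Location, [string]$Detail)
    $findings.Add([pscustomobject]@{
        Technique = $Technique; Location = $Location; Detail = $Detail
    })
}

# 1. Active Setup (Boot or Logon Autostart Execution): each Installed Components
#    subkey with a StubPath runs once per user at logon. Stock stubs point into
#    %SystemRoot% or Program Files; anything else is worth a look. Bare
#    "regsvr32.exe ..." stubs do occur on clean images, so review, do not delete.
$trusted = '^"?({0}|{1})' -f [regex]::Escape($env:SystemRoot), [regex]::Escape($env:ProgramFiles)
foreach ($root in @('HKLM:\SOFTWARE\Microsoft\Active Setup\Installed Components',
                    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components')) {
    if (-not (Test-Path $root)) { continue }
    foreach ($key in Get-ChildItem -Path $root -ErrorAction SilentlyContinue) {
        $stub = (Get-ItemProperty -Path $key.PSPath -ErrorAction SilentlyContinue).StubPath
        if ([string]::IsNullOrWhiteSpace($stub)) { continue }
        if ([Environment]::ExpandEnvironmentVariables($stub) -notmatch $trusted) {
            Add-Finding 'Active Setup' $key.PSPath "StubPath = $stub"
        }
    }
}

# 2. IFEO (Event Triggered Execution): a Debugger value under <image>.exe makes
#    Windows launch that debugger instead of the image; GlobalFlag 0x200 enables
#    the SilentProcessExit hook, a second launch path rooted in the same key.
foreach ($root in @('HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options',
                    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options')) {
    if (-not (Test-Path $root)) { continue }
    foreach ($key in Get-ChildItem -Path $root -ErrorAction SilentlyContinue) {
        $p = Get-ItemProperty -Path $key.PSPath -ErrorAction SilentlyContinue
        if ($p.Debugger) {
            Add-Finding 'IFEO Debugger' $key.PSPath "Debugger = $($p.Debugger)"
        }
        if ($null -ne $p.GlobalFlag -and ($p.GlobalFlag -band 0x200)) {
            Add-Finding 'IFEO SilentProcessExit' $key.PSPath ('GlobalFlag = 0x{0:X}' -f $p.GlobalFlag)
        }
    }
}

# 3. Winlogon: Shell and Userinit are read from HKLM at logon; HKCU copies are
#    honoured per user and do not exist on a stock image.
$wlPath = 'SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
$expected = @{ Shell = 'explorer.exe'; Userinit = "$env:SystemRoot\system32\userinit.exe," }
$hklm = Get-ItemProperty -Path "HKLM:\$wlPath"
foreach ($name in $expected.Keys) {
    $actual = [string]$hklm.$name
    if ($actual -and $actual.Trim() -ne $expected[$name]) {
        Add-Finding 'Winlogon' "HKLM:\$wlPath\$name" "value = '$actual' (expected '$($expected[$name])')"
    }
}
$hkcu = Get-ItemProperty -Path "HKCU:\$wlPath" -ErrorAction SilentlyContinue
foreach ($name in $expected.Keys) {
    if ($hkcu.$name) { Add-Finding 'Winlogon' "HKCU:\$wlPath\$name" "value = '$($hkcu.$name)'" }
}

# 4. Drivers directory: recently written driver files whose Authenticode or
#    catalog signature does not verify. The 7-day window is an assumption.
$driverDir = Join-Path $env:SystemRoot 'System32\drivers'
Get-ChildItem -Path $driverDir -File -ErrorAction SilentlyContinue |
    Where-Object { $_.LastWriteTime -gt (Get-Date).AddDays(-7) } |
    ForEach-Object {
        $sig = Get-AuthenticodeSignature -FilePath $_.FullName
        if ($sig.Status -ne 'Valid') {
            Add-Finding 'Drivers directory' $_.FullName "written $($_.LastWriteTime), signature $($sig.Status)"
        }
    }

if ($findings.Count -eq 0) { 'No deviations from the assumed baseline.' }
else { $findings | Sort-Object Technique | Format-Table -AutoSize -Wrap }
```

The script only reports; it does not remove anything, because the same keys carry legitimate entries on a clean image and the report's "Indicator Removal: Clear Persistence" signature shows the sample itself rewrites IFEO entries, so any hit should be compared against a known-good host before remediation.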

MITRE ATT&CK Enterprise v15
