General

  • Target

    4671a2b6c4d1b19595640721dc51e343c7b21db565c8714d082fccda773a674dN.exe

  • Size

    47KB

  • Sample

    241112-q9xgvsxlbj

  • MD5

    9d8511bf4a25576e31f30c5fb38a3ab0

  • SHA1

    a670610763f095968bfe3c6af62981315324e04e

  • SHA256

    4671a2b6c4d1b19595640721dc51e343c7b21db565c8714d082fccda773a674d

  • SHA512

    ae69acb32facb957eba6a53a55511a68d3a2521069c4dfd4f25754cfcb2358a30e752a96f61f295017c6fb8799792c7221d0ad749ab07f98615f64b1b36b68a5

  • SSDEEP

    768:PTAm5hiTllzeF/AJOTmbWa8RYdiU3/7Shy5nv9/vJ7o9B/PxDc2Zpo/:PLIcNTcWATPuhI963hDR8

Targets

    • Modifies WinLogon for persistence

    • Disables RegEdit via registry modification

    • Disables Task Manager via registry modification

    • Adds Run key to start application

    • Drops file in System32 directory
