General

  • Target

    6b9a5e9ad58390ba01725b1cd3acabc72eb2816d629c39fa25bf34b26638f3c5N

  • Size

    195KB

  • Sample

    241112-qvbxlstemj

  • MD5

    e2485fb6e797ba31d66eb91545c6fcc0

  • SHA1

    bf1bc52d99be2941b77069e2138062ed11feef53

  • SHA256

    6b9a5e9ad58390ba01725b1cd3acabc72eb2816d629c39fa25bf34b26638f3c5

  • SHA512

    86ee239c9269845b014181ed1787cad08a9b151df57ef88a78e3dc1cb1725ce1d694fe15b177484e5b110945f355e1916f9bf081b6f4821f358f1ab26977cca4

  • SSDEEP

    6144:7Is9OKofHfHTXQLzgvnzHPowYbvrjD/L7QPbg/Dr0T3rnXLHf7zjPFsEPAsKCyOW:uKofHfHTXQLzgvnzHPowYbvrjD/L7QPo

Targets

    • Target

      6b9a5e9ad58390ba01725b1cd3acabc72eb2816d629c39fa25bf34b26638f3c5N

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Drops file in System32 directory
