General

  • Target

    sample

  • Size

    27KB

  • Sample

    241113-dkjhgsymbq

  • MD5

    545665abdc59f8673693a4a69cb03308

  • SHA1

    6d5463d436b649fd4162873c47cc64a49a107f6c

  • SHA256

    ad4b6344fed5ed3c8c205f534450be18e9444ad9badd99846c516a215bf3acda

  • SHA512

    0853377626b1d9fc2ac92aef3e904ab2533bfbf3f73f8e2d9241b31c7434a1b5161036ba77425acfef1dd5264c0115c9e7578e855733056a6124b44cf89cfc7c

  • SSDEEP

    384:8E+Uw0KiLE0wMZTrVGZdqZUaAydkWKySYwExUukhW0tvdt6d8BQF68MYvxk9:6Uk03jGZdapNKZrdt8s81vxk9

Targets

    • Target

      sample

    • Size

      27KB

    • Downloads MZ/PE file

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
