General

  • Target

    32a11072752fb0093b0bdcfb770c24e39f585adde55fc7fcf481a9bb32cd31d3N.exe

  • Size

    55KB

  • Sample

    241113-j2m5ws1ncm

  • MD5

    0b2c378b1f320428aac0f117470e20e0

  • SHA1

    436e3ee0581c2cd94b9727b66cfea6b603a1fccd

  • SHA256

    32a11072752fb0093b0bdcfb770c24e39f585adde55fc7fcf481a9bb32cd31d3

  • SHA512

    0627e93b3f1c204c2754b34ace2e12134d3e774fd9e15d2eea4789cd6dcdf5b20857eba5aa972f65f229ca9b9e2e49b204c693daf5d1df0586f4f98b832c55be

  • SSDEEP

    1536:61SdpUqvpSoj3UQWf81J195mdwnouy8w:61Sd9nUQWQaWout

Malware Config

Targets

    • Modifies WinLogon for persistence

    • Modifies visibility of file extensions in Explorer

    • Modifies visibility of hidden/system files in Explorer

    • UAC bypass

    • Disables RegEdit via registry modification

    • Disables use of System Restore points

    • Event Triggered Execution: Image File Execution Options Injection

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

    • Adds Run key to start application

    • Checks whether UAC is enabled

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks