General

  • Target

    737fe5c87742c01410f306240ee70db1e12302f0fb33947eba00bb612dc9197f.exe

  • Size

    62KB

  • Sample

    241117-lfpgyawld1

  • MD5

    a7d836b4b8d8d7217746dd3b87135037

  • SHA1

    ab0273eee75e77df6532434fb64bf6d931558422

  • SHA256

    737fe5c87742c01410f306240ee70db1e12302f0fb33947eba00bb612dc9197f

  • SHA512

    5343047926a923c67e438d755f2bcd789c8734a797521bcf001bdd8a0500abafe423823c43b57f8e0e53a7b5194c998f4686194f35f143316dbaa26e7dda4303

  • SSDEEP

    1536:8g/9T8ROcQupqqusN3mrS/ztMhkywRFUnTmc5n4IIIIIIIIIIIIIIIIII/IIIIIZ:8g585LpPCrQt7F84IIIIIIIIIIIIIIIH

Targets

    • Modifies WinLogon for persistence

    • Modifies visibility of hidden/system files in Explorer

    • Disables RegEdit via registry modification

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Executes dropped EXE

    • Modifies system executable filetype association

    • Adds Run key to start application
