General
-
Target
cefc1c81ba716b291796b9cc7667fb6132b1807a471d2bbf765401b5f5ca7491.exe
-
Size
22KB
-
Sample
241119-qryxza1nfr
-
MD5
ba0ecf99666dc2f69661a757d551dc2b
-
SHA1
85ae3f2ac1f9e74c32fc448624e7d415b4f22abf
-
SHA256
cefc1c81ba716b291796b9cc7667fb6132b1807a471d2bbf765401b5f5ca7491
-
SHA512
7615576e41c1a135cb284c61efbf9767df837b98a627e6ab8a970649e16f7409a87d3c750bad4d29fba6432d5c33fe82cbe11192e3dc4617ccd120f63b418f2f
-
SSDEEP
384:vjBH0x+4yzI7eaoklZ598CVU3/Vz0nBgmEZBOvgKDDHn8hrjUB:vjw+4kIgkv8CVI9wnBxEZAHniS
Malware Config
Targets
-
-
Target
cefc1c81ba716b291796b9cc7667fb6132b1807a471d2bbf765401b5f5ca7491.exe
-
Size
22KB
-
MD5
ba0ecf99666dc2f69661a757d551dc2b
-
SHA1
85ae3f2ac1f9e74c32fc448624e7d415b4f22abf
-
SHA256
cefc1c81ba716b291796b9cc7667fb6132b1807a471d2bbf765401b5f5ca7491
-
SHA512
7615576e41c1a135cb284c61efbf9767df837b98a627e6ab8a970649e16f7409a87d3c750bad4d29fba6432d5c33fe82cbe11192e3dc4617ccd120f63b418f2f
-
SSDEEP
384:vjBH0x+4yzI7eaoklZ598CVU3/Vz0nBgmEZBOvgKDDHn8hrjUB:vjw+4kIgkv8CVI9wnBxEZAHniS
Score8/10-
Disables RegEdit via registry modification
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Adds Run key to start application
-
Drops file in System32 directory
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Change Default File Association
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Change Default File Association
1