General

  • Target

    81a3705b8622b73b2c632d3ac9fc9f9c3a1c2ccec1ce51afeb123776a2ce502f

  • Size

    74KB

  • Sample

    241121-2h7djatjcp

  • MD5

    731d6666529cc86df5504a3ef515041d

  • SHA1

    bdd1a9a0ba9065e02b5d9eeb6c0995472a724016

  • SHA256

    81a3705b8622b73b2c632d3ac9fc9f9c3a1c2ccec1ce51afeb123776a2ce502f

  • SHA512

    f2c4ad4c873da79cd3d4a7792b40db21052c349070b55ff660010baaaff6cae37ffa8ed333175df699b4fd921f0ab25f37a8bfe9ab089ae69ef89d6c5297c300

  • SSDEEP

    768:MjSyfzKjWDQmtR50xdvrDqx4Jl24fsYtP3kFwSviI22J/pDCTbdhAscbdKJPfYXf:MjSm7t5Sn44JsitP3+iIRufi8fIi6

Targets

    • Disables Task Manager via registry modification

    • Disables cmd.exe use via registry modification

    • Disables taskbar notifications via registry modification

    • Disables use of System Restore points

    • Drops file in Drivers directory

    • Adds Run key to start application

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v15