General

  • Target

    Birele.exe

  • Size

    116KB

  • Sample

    241121-bxyf3axnez

  • MD5

    41789c704a0eecfdd0048b4b4193e752

  • SHA1

    fb1e8385691fa3293b7cbfb9b2656cf09f20e722

  • SHA256

    b2dcfdf9e7b09f2aa5004668370e77982963ace820e7285b2e264a294441da23

  • SHA512

    76391ac85fdc3be75441fcd6e19bed08b807d3946c7281c647f16a3be5388f7be307e6323fac8502430a4a6d800d52a88709592a49011ecc89de4f19102435ea

  • SSDEEP

    3072:pYV/aVHN9ySTn34w33FVTyuGAxsvBLSqAKZqoqrxy031l3y:8adNlltyu3Pa5gr33

Targets

    • Target

      Birele.exe

    • Modifies WinLogon for persistence

      Fires when a sample changes the Winlogon key (typically the Shell or Userinit value) under HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon so that it is launched at every logon (ATT&CK T1547.004).

    • Impair Defenses: Safe Mode Boot

      Fires when a sample registers itself under HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot (the Minimal or Network lists) so that it still runs when the host is booted into Safe Mode, where most security products do not start (ATT&CK T1562.009).

    • Adds Run key to start application

      Fires when a sample adds a value under a CurrentVersion\Run key (HKLM or HKCU) so that the application starts at user logon (ATT&CK T1547.001).

    • UPX packed file

      Detects executables packed with UPX or a modified build of the open-source UPX packer (ATT&CK T1027.002). UPX itself is benign; the indicator matters because the real imports and strings stay hidden until the file is unpacked.
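The script below is an added example, not part of this sandbox report and not the sandbox's own signature code. It reproduces the four signatures above offline: the UPX check parses the PE section table and looks for the UPX0/UPX1 section names or the "UPX!" magic, and the three registry checks classify value-write events the way the report's Targets list summarises them. The toy PE images and the Sysmon-style registry events are constructed for the demo (none comes from Birele.exe); the hive-prefix list, the choice to match only the Winlogon Shell/Userinit values, the inclusion of RunOnce, and the assumption that the "UPX!" magic sits in the first 0x400 bytes are the author's assumptions and are marked as such in the comments.

```python
"""Added example, not part of the sandbox report: reproduce the report's
signatures offline.  The toy PE images and the registry events below are
constructed for the demo; none of them is taken from the analysed sample."""
import struct
from typing import Dict, List, Optional


# ---------- Static: "UPX packed file" from the PE section table ----------

def pe_section_names(data: bytes) -> List[str]:
    """Walk DOS header -> e_lfanew -> COFF header -> section table and return
    the section names.  Raises ValueError for anything that is not a PE."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ image")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4                       # IMAGE_FILE_HEADER starts here
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + opt_size              # first IMAGE_SECTION_HEADER
    names = []
    for i in range(num_sections):
        raw = data[table + 40 * i: table + 40 * i + 8]
        if len(raw) < 8:
            raise ValueError("truncated section table")
        names.append(raw.rstrip(b"\0").decode("ascii", "replace"))
    return names


def looks_upx_packed(data: bytes) -> bool:
    """Stock UPX names its sections UPX0/UPX1 and writes a 'UPX!' magic into
    the header area.  'Modified UPX' builds often rename the sections but keep
    the magic, so either indicator raises the signature.  Assumption: the
    magic sits inside the first 0x400 bytes of the file."""
    names = pe_section_names(data)
    return any(n.startswith("UPX") for n in names) or b"UPX!" in data[:0x400]


def build_toy_pe(section_names: List[bytes], trailer: bytes = b"") -> bytes:
    """Constructed minimal PE: DOS header, PE signature, COFF header with a
    zero-length optional header, one 40-byte section header per name."""
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", 0x40)  # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0, 0x102)
    sections = b"".join(n.ljust(8, b"\0") + b"\0" * 32 for n in section_names)
    return dos + b"PE\0\0" + coff + sections + trailer


UPX_SAMPLE = build_toy_pe([b"UPX0", b"UPX1", b".rsrc"])            # stock UPX
RENAMED_UPX_SAMPLE = build_toy_pe([b".text", b".data"], b"UPX!")  # renamed sections
CLEAN_SAMPLE = build_toy_pe([b".text", b".rdata", b".data"])

# ---------- Behavioural: the three registry signatures ----------

# Report signature name -> lower-case path fragments that raise it.
# Assumptions: Winlogon is matched on Shell/Userinit only (the key holds many
# values legitimate software writes); RunOnce is counted with Run.
REGISTRY_SIGNATURES = [
    ("Modifies WinLogon for persistence",
     ["\\winlogon\\shell", "\\winlogon\\userinit"]),
    ("Impair Defenses: Safe Mode Boot",
     ["\\control\\safeboot\\"]),            # SafeBoot\Minimal, \Network, \Option
    ("Adds Run key to start application",
     ["\\currentversion\\run\\", "\\currentversion\\runonce\\"]),
]
# Hive spellings seen in different event sources (assumed list).
HIVE_PREFIXES = ("\\registry\\machine\\", "\\registry\\user\\",
                 "hkey_local_machine\\", "hkey_current_user\\", "hkey_users\\",
                 "hklm\\", "hkcu\\", "hku\\")


def classify_registry_write(target: str) -> Optional[str]:
    """Return the report signature a registry value write raises, or None.
    The hive prefix is stripped first so HKLM\\..., HKEY_LOCAL_MACHINE\\... and
    \\REGISTRY\\MACHINE\\... (the native form in kernel traces) compare equal."""
    t = target.lower()
    for prefix in HIVE_PREFIXES:
        if t.startswith(prefix):
            t = t[len(prefix):]
            break
    t = "\\" + t.lstrip("\\")
    for name, needles in REGISTRY_SIGNATURES:
        if any(n in t for n in needles):
            return name
    return None


# Constructed events, loosely shaped like Sysmon EventID 13 (RegistryEvent:
# Value Set).  Every path and value here is made up for the demo.
SAMPLE_EVENTS = [
    {"image": r"C:\Users\user\sample.exe",
     "target": r"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell",
     "details": r"explorer.exe,C:\Users\user\AppData\Roaming\sample.exe"},
    {"image": r"C:\Users\user\sample.exe",
     "target": r"HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sample\(Default)",
     "details": "Service"},
    {"image": r"C:\Users\user\sample.exe",
     "target": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\sample",
     "details": r"C:\Users\user\AppData\Roaming\sample.exe"},
    {"image": r"C:\Windows\explorer.exe",   # benign noise, must not match
     "target": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden",
     "details": "DWORD (0x00000001)"},
]


def triage_events(events: List[dict]) -> Dict[str, List[str]]:
    """Group registry targets by the signature they raise; the keys are what a
    sandbox report's Targets list would print."""
    hits: Dict[str, List[str]] = {}
    for ev in events:
        sig = classify_registry_write(ev["target"])
        if sig:
            hits.setdefault(sig, []).append(ev["target"])
    return hits


if __name__ == "__main__":
    for label, img in (("stock UPX", UPX_SAMPLE), ("renamed", RENAMED_UPX_SAMPLE),
                       ("clean", CLEAN_SAMPLE)):
        print(f"{label:10} sections={pe_section_names(img)} upx={looks_upx_packed(img)}")
    for sig, targets in triage_events(SAMPLE_EVENTS).items():
        print(sig, "<-", targets)
```

Run it against a real file by replacing the toy images with `open(path, "rb").read()`; the section walk is the same one a packer-identification tool performs before applying signatures, and the registry classifier can be pointed at exported Sysmon or procmon records by mapping their target-path field into the `target` key.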
