General
-
Target
Optimizer-16.7.exe
-
Size
2.5MB
-
Sample
241121-ygy4zszndj
-
MD5
7f57207f221db2b08e27d64bc9121b28
-
SHA1
3bfc4b12a533ee1ce62e5d348027d4ac90ab49db
-
SHA256
03a234060541b686ac4265754aff43df9325c21383f90e17f831e67965d717f8
-
SHA512
7cc44ff1c3210db2478f4e37fef23669f0425b1b1672fc5f53956890daccb84b32fa25c8da9f7ce0cd1deb9e697e46cdae0762a0af818f98b93544b8e39f8a25
-
SSDEEP
24576:zv5MZtiOMKNOJMv9EC8oJ8VxHuDBjk38WuBcAbwoA/BkjSHXP36RMG:zxMZtiOMK9EC8oa6CSA/Bkj0
Malware Config
Targets
-
-
Target
Optimizer-16.7.exe
-
Size
2.5MB
-
MD5
7f57207f221db2b08e27d64bc9121b28
-
SHA1
3bfc4b12a533ee1ce62e5d348027d4ac90ab49db
-
SHA256
03a234060541b686ac4265754aff43df9325c21383f90e17f831e67965d717f8
-
SHA512
7cc44ff1c3210db2478f4e37fef23669f0425b1b1672fc5f53956890daccb84b32fa25c8da9f7ce0cd1deb9e697e46cdae0762a0af818f98b93544b8e39f8a25
-
SSDEEP
24576:zv5MZtiOMKNOJMv9EC8oJ8VxHuDBjk38WuBcAbwoA/BkjSHXP36RMG:zxMZtiOMK9EC8oa6CSA/Bkj0
Score10/10-
Disables service(s)
-
Modifies Windows Defender Real-time Protection settings
-
Modifies visibility of file extensions in Explorer
-
Event Triggered Execution: Image File Execution Options Injection
-
Stops running service(s)
-
Modifies file permissions
-
Legitimate hosting services abused for malware hosting/C2
-
Power Settings
powercfg controls all configurable power system settings on a Windows system and can be abused to prevent an infected host from locking or shutting down.
-
MITRE ATT&CK Enterprise v15
Persistence
Create or Modify System Process
3Windows Service
3Event Triggered Execution
1Image File Execution Options Injection
1Power Settings
1Privilege Escalation
Create or Modify System Process
3Windows Service
3Event Triggered Execution
1Image File Execution Options Injection
1