General

  • Target

    241128-g3vv1swh2g_pw_infected.zip

  • Size

    43KB

  • Sample

    241128-hwpwvszkdx

  • MD5

    d1ba976c47651ee56a606e6f526ca9de

  • SHA1

    3bc7e48a818717481de3b27f3fbb35ca6ba64a2a

  • SHA256

    d9005111ca57535e19e317d5ffb5e86c7dc99f49e6a8cb1217cd647b8e427def

  • SHA512

    4713a985cd1ed46522e9710d92691c6f6808bed4ec4564930d5b0a78700cf0c6ce4f2f351b02ce49f7cce65d3783a1a222001f923119f3dadba5bfc1e8c1485c

  • SSDEEP

    768:PdASlKhXwfvtUxG5gwNfic2Bhm75fglgLCtBsuBfM0VQK9dT4:PdVKhXevtUxJKic2B5lgYtbWK9dT4

Targets

    • Target

      f7d6dc7643469fce0630581b4cd7ea2d27b6d744c9144a4220d6d3e56b13b623

    • Size

      97KB

    • MD5

      12f0e9582f0a65984653f75466709743

    • SHA1

      cad15055eee2576f2808d20f94da33c14bc29022

    • SHA256

      f7d6dc7643469fce0630581b4cd7ea2d27b6d744c9144a4220d6d3e56b13b623

    • SHA512

      ea43e1303c3b912a8ee237387e8e40c47e115c7d15a3d2bc2e9057c298eb48abe946d263d54de6085c8d8117efbba7fa163ead2f945699863b170c13ad03a78b

    • SSDEEP

      3072:kFPlxndf22h/xwXnTkai7MYRApCg9dgdmk1b5wdL3k:kZlxndf8nTqtS/9dgdmk1b5wdjk

    • Renames itself

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.
