General
-
Target
untitled.exe
-
Size
245KB
-
Sample
241130-1mnxba1jcm
-
MD5
3d403f366d81c9017ea7242e083dad33
-
SHA1
d5abdf75c5ed5032b298fd2afb1a29ac97716519
-
SHA256
04e5c392d9ae6ce39e1181a75f6641ab11a33e2553368fe9d5802813ba5340ca
-
SHA512
5163ebf669f568d64f4cbbb8f9aec5382064cc0d32b3a603a3d0ac1feafe84c63c978c6092cf6b1c5a89012d6c1aeb3edf397fb96e782dc9c7ba23518fef68dc
-
SSDEEP
6144:wRywQEWjxXCcL5jrpSiPv6v3T64croHBf:wSGcFJ5wT+CBf
Static task
static1
Behavioral task
behavioral1
Sample
untitled.exe
Resource
win7-20240903-en
Malware Config
Targets
-
-
Target
untitled.exe
-
Size
245KB
-
MD5
3d403f366d81c9017ea7242e083dad33
-
SHA1
d5abdf75c5ed5032b298fd2afb1a29ac97716519
-
SHA256
04e5c392d9ae6ce39e1181a75f6641ab11a33e2553368fe9d5802813ba5340ca
-
SHA512
5163ebf669f568d64f4cbbb8f9aec5382064cc0d32b3a603a3d0ac1feafe84c63c978c6092cf6b1c5a89012d6c1aeb3edf397fb96e782dc9c7ba23518fef68dc
-
SSDEEP
6144:wRywQEWjxXCcL5jrpSiPv6v3T64croHBf:wSGcFJ5wT+CBf
-
Possible privilege escalation attempt
-
Modifies file permissions
-
Drops desktop.ini file(s)
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Power Settings
powercfg controls all configurable power system settings on a Windows system and can be abused to prevent an infected host from locking or shutting down.
-
Drops file in System32 directory
-
Enumerates processes with tasklist
-
MITRE ATT&CK Enterprise v15
Persistence
Event Triggered Execution
1Accessibility Features
1Power Settings
1Privilege Escalation
Access Token Manipulation
1Create Process with Token
1Event Triggered Execution
1Accessibility Features
1Defense Evasion
Access Token Manipulation
1Create Process with Token
1File and Directory Permissions Modification
1Hide Artifacts
1Hidden Files and Directories
1Discovery
Peripheral Device Discovery
1Process Discovery
1Query Registry
4Remote System Discovery
1System Information Discovery
5System Location Discovery
1System Language Discovery
1System Network Configuration Discovery
1Internet Connection Discovery
1