General
-
Target
7faf355f150771e125b8e4eb345fd092ded04aa2c01cb419a105fa957afceb26N.exe
-
Size
328KB
-
Sample
241130-r8q45awqev
-
MD5
87ff8a4df8d83ab76a2c842954572930
-
SHA1
3bd1c9014ec8f2be2063f9f4badb67abaa566329
-
SHA256
7faf355f150771e125b8e4eb345fd092ded04aa2c01cb419a105fa957afceb26
-
SHA512
dd5b2b90f51c57d33fc1bcc178f482d04cd650d6d1e107cb99833b490fd32f67901b260639d81d5c0ac46e23b4cc59c0e5b7009cd01358f4ac374292e05090e2
-
SSDEEP
6144:RyWOeLm+tkxoGQvT+W4+HMc+MEGRQ6saHSMf3z0AzbLUG50Tpm+MmvbWdlL0d5aU:RCemx0vN3HKGi6sYjJLUGGtedud5tr7
Malware Config
Targets
-
-
Target
7faf355f150771e125b8e4eb345fd092ded04aa2c01cb419a105fa957afceb26N.exe
-
Size
328KB
-
MD5
87ff8a4df8d83ab76a2c842954572930
-
SHA1
3bd1c9014ec8f2be2063f9f4badb67abaa566329
-
SHA256
7faf355f150771e125b8e4eb345fd092ded04aa2c01cb419a105fa957afceb26
-
SHA512
dd5b2b90f51c57d33fc1bcc178f482d04cd650d6d1e107cb99833b490fd32f67901b260639d81d5c0ac46e23b4cc59c0e5b7009cd01358f4ac374292e05090e2
-
SSDEEP
6144:RyWOeLm+tkxoGQvT+W4+HMc+MEGRQ6saHSMf3z0AzbLUG50Tpm+MmvbWdlL0d5aU:RCemx0vN3HKGi6sYjJLUGGtedud5tr7
Score8/10-
Drops file in Drivers directory
-
Possible privilege escalation attempt
-
Sets service image path in registry
-
Deletes itself
-
Modifies file permissions
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
Maps connected drives based on registry
Disk information is often read in order to detect sandboxing environments.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Browser Extensions
1Privilege Escalation
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1