General

  • Target

    Nuevo documento de texto.bat

  • Size

    161B

  • Sample

    250119-t2kd4swqck

  • MD5

    bfb548e1649da7e2822cd54634576f98

  • SHA1

    6e3226cdd6afba344abf7373512baed8688a20de

  • SHA256

    51e2b8a05553b168e86e2fbf344faca331585fd4b3f047b7e682886e98296413

  • SHA512

    93d566fe861c2216ec59bfcc6c2eb52f8f30050cc16c9526af13fd34c9787171bbac50840b9ecf5546f6bcd0fcc9ef131c9e7b2d23e179a0f01cf866f0459389

Malware Config

Targets

    • Target

      Nuevo documento de texto.bat

    • Drops file in Drivers directory

    • Manipulates Digital Signatures

      Attackers can apply techniques such as modifying certain DLL exports to make their binary seem valid.

    • Possible privilege escalation attempt

    • Boot or Logon Autostart Execution: Print Processors

      Adversaries may abuse print processors to run malicious DLLs during system boot for persistence and/or privilege escalation.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies file permissions

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks