General

  • Target

    2.3.3.1986.zip

  • Size

    335.5MB

  • Sample

    250120-vta15szpbt

  • MD5

    d2245fb5a57b263d651d20c417381438

  • SHA1

    e1dc1e912a53e1028402e690f12789b51d8fd27d

  • SHA256

    264337a6b9f20ea7220069a30e5aed09cd9efc8a9169cc6d33fb3e61ac7db232

  • SHA512

    901ce6dd2940bf72b7d38aa94f21be9e4c444efa333618c82f47116be1fe95b008c3b313095043fd8e739c1939bef18b45e5d92008589f1462a162302f950a01

  • SSDEEP

    6291456:y6o8nU4FBOF1N32GNW6n9KPlgB7c62vBYktFx9LbTLoRrwDS2FATO:/o47a1N32GNMPmBoYOb98rwHFAa

Targets

    • Drops file in Drivers directory

    • Possible privilege escalation attempt

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies file permissions

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • File and Directory Permissions Modification: Windows File and Directory Permissions Modification

MITRE ATT&CK Enterprise v15