General

  • Target

    250e0de37fe91973db306f7d2fbb95a2cdc6d22f833f0da307e6c475428ce68a

  • Size

    137KB

  • Sample

    250127-zdfnxavpbr

  • MD5

    58f01835ec26fc0329b7b230fe2bae39

  • SHA1

    767f9071b6687501b719d4aeb5c5e7cf3d21568c

  • SHA256

    250e0de37fe91973db306f7d2fbb95a2cdc6d22f833f0da307e6c475428ce68a

  • SHA512

    b723eeb6b7acc16bf5e539e2fd0a47a8372bb1aba24746b2d0ec3c5705a7c85f00420fa4a5d5133fbd4b66cd05f1224d7366109799eaaa1ff1cbf48d5b961df1

  • SSDEEP

    3072:+R02WMK8RJGInTlhnaBanONVk40rpg4yeF/TyUGSK9FrafcUksPxx6iTUuK:r25GgFny61mra0

Malware Config

Targets

    • Target

      250e0de37fe91973db306f7d2fbb95a2cdc6d22f833f0da307e6c475428ce68a

    • Boot or Logon Autostart Execution: Port Monitors

      Adversaries may use port monitors to run an adversary supplied DLL during system boot for persistence or privilege escalation.

    • Sets service image path in registry

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15
