General

  • Target

    b2e7592b58c66c1980646a6f06f94af7bcd5d349e0fd8e303b0d5751f51e8e1a

  • Size

    1.4MB

  • Sample

    250703-f3ey5ahq21

  • MD5

    357ca30ccca8d00f43761a9eacea9ae1

  • SHA1

    a39258e299b9d991e7cce9f492e419b3aa937acd

  • SHA256

    b2e7592b58c66c1980646a6f06f94af7bcd5d349e0fd8e303b0d5751f51e8e1a

  • SHA512

    5dfc4ffffa68952111d6e06636dd6153ea3a1ceaeb3764ea0b81aab1d372d6cec24427fb0ed2671eff9248523810cbd52ae1a8b7af6ef768a6f538fb3f0e1998

  • SSDEEP

    24576:iEtl9mRda1uAFqlGLbMMHMMMvMMZMMMKzb6XmMMMiMMMz8JMMHMMM6MMZMMMeXNO:5Es1ueMMHMMMvMMZMMMlmMMMiMMMYJMr

Score
10/10

Malware Config

Targets

    • Target

      b2e7592b58c66c1980646a6f06f94af7bcd5d349e0fd8e303b0d5751f51e8e1a

    • Size

      1.4MB

    • MD5

      357ca30ccca8d00f43761a9eacea9ae1

    • SHA1

      a39258e299b9d991e7cce9f492e419b3aa937acd

    • SHA256

      b2e7592b58c66c1980646a6f06f94af7bcd5d349e0fd8e303b0d5751f51e8e1a

    • SHA512

      5dfc4ffffa68952111d6e06636dd6153ea3a1ceaeb3764ea0b81aab1d372d6cec24427fb0ed2671eff9248523810cbd52ae1a8b7af6ef768a6f538fb3f0e1998

    • SSDEEP

      24576:iEtl9mRda1uAFqlGLbMMHMMMvMMZMMMKzb6XmMMMiMMMz8JMMHMMM6MMZMMMeXNO:5Es1ueMMHMMMvMMZMMMlmMMMiMMMYJMr

    Score
    10/10
    • Modifies WinLogon for persistence

    • Drops startup file

    • Executes dropped EXE

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops autorun.inf file

      Malware can abuse Windows AutoRun to spread further via attached volumes. Note that Windows 7 and later (and older releases with the KB971029 update) no longer honour autorun.inf on removable USB media, so the dropped file mainly affects unpatched or legacy hosts and optical media.

    • Drops file in System32 directory
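Two of the behaviours listed above, the Winlogon change and the dropped autorun.inf, can be triaged offline from an exported registry key and a copy of the file. The helper below is an added example written for this page; it is not part of the sandbox report and was not recovered from the analysed sample. The "clean" Winlogon values are an assumption for an English 64-bit install and should be replaced with your own baseline, and the autorun.inf text is constructed for illustration.

```python
"""Offline triage helpers for Winlogon persistence and autorun.inf propagation.

Added example, not code from the sandbox report. Registry values and the
autorun.inf sample are constructed; adjust WINLOGON_DEFAULTS to your baseline.
"""
import re
from typing import Dict, List

# Assumed clean values for HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
# on an English 64-bit install. Userinit is a comma-separated list, hence the
# trailing comma; Shell is a single program name.
WINLOGON_DEFAULTS = {
    "Userinit": r"C:\Windows\system32\userinit.exe,",
    "Shell": "explorer.exe",
}

# autorun.inf keys that cause code execution on volume insertion.
AUTORUN_EXEC_KEYS = ("open", "shellexecute")
AUTORUN_COMMAND_RE = re.compile(r"^shell\\[^\\=]+\\command$", re.IGNORECASE)


def check_winlogon(values: Dict[str, str]) -> List[str]:
    """Flag programs in Userinit/Shell that are not in the assumed baseline.

    `values` is the exported Winlogon key as a name -> data mapping.
    Anything beyond the default list is launched by Winlogon at every logon,
    which is the persistence mechanism the report flags.
    """
    findings = []
    for name, default in WINLOGON_DEFAULTS.items():
        actual = values.get(name, "")
        parts = [p.strip() for p in actual.split(",") if p.strip()]
        baseline = {p.strip().lower() for p in default.split(",") if p.strip()}
        extra = [p for p in parts if p.lower() not in baseline]
        if extra:
            findings.append(f"Winlogon\\{name} launches non-default program(s): {extra}")
    return findings


def parse_autorun_inf(text: str) -> Dict[str, str]:
    """Parse the [autorun] section into a lower-cased key -> value dict.

    Hand-rolled instead of configparser so odd casing, blank lines and
    comment styles used by droppers do not abort parsing.
    """
    entries: Dict[str, str] = {}
    in_autorun = False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith((";", "#")):
            continue
        if line.startswith("[") and line.endswith("]"):
            in_autorun = line[1:-1].strip().lower() == "autorun"
            continue
        if in_autorun and "=" in line:
            key, _, value = line.partition("=")
            entries[key.strip().lower()] = value.strip()
    return entries


def autorun_launch_targets(text: str) -> List[str]:
    """Return every command an autorun.inf would run via AutoRun/AutoPlay:
    open=, shellexecute= and shell\\<verb>\\command= entries."""
    entries = parse_autorun_inf(text)
    return [v for k, v in entries.items()
            if k in AUTORUN_EXEC_KEYS or AUTORUN_COMMAND_RE.match(k)]


# Constructed autorun.inf, modelled on the usual worm pattern (hidden
# payload under a RECYCLER-style folder, icon borrowed from shell32.dll).
SAMPLE_AUTORUN = r"""[AutoRun]
; constructed sample, not recovered from the analysed file
open=RECYCLER\S-1-5-21\svchost.exe
icon=%SystemRoot%\system32\SHELL32.dll,4
shell\open\command=RECYCLER\S-1-5-21\svchost.exe
label=USB
"""

# Constructed Winlogon export with an extra Userinit entry.
SAMPLE_WINLOGON = {
    "Userinit": r"C:\Windows\system32\userinit.exe,C:\Users\Public\svc.exe",
    "Shell": "explorer.exe",
}

if __name__ == "__main__":
    for finding in check_winlogon(SAMPLE_WINLOGON):
        print("[winlogon]", finding)
    for target in autorun_launch_targets(SAMPLE_AUTORUN):
        print("[autorun ] would execute:", target)
```

Feed `check_winlogon` the values from `reg export` or a forensic registry parser rather than reading the live hive, so the same code works on an offline disk image; the trailing comma in the Userinit default is deliberate and is why the comparison is done on the split list rather than the raw string.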

MITRE ATT&CK Enterprise v16

Tasks