General

  • Target

    0b8125c18b46f26661993d615034623e812ad27bee784e2db06630021a798545

  • Size

    526KB

  • Sample

    250703-f8lnvsvlx8

  • MD5

    3eb372432fa3d18d86217b14c6c463f0

  • SHA1

    9ac67ab22d637898e7312b776d1b39da04d61cc0

  • SHA256

    0b8125c18b46f26661993d615034623e812ad27bee784e2db06630021a798545

  • SHA512

    365c95924d3c01ab9f5c4ae014f176b022ac15a76a0f184d43aabf9e11f4058e258350ef98dfcbf2462d225e104e855dbb811aa7eca979dbc4fc8bc4dbbcf072

  • SSDEEP

    6144:O82p4pFHfzMepymgWPnviP6Koa0nArn20l96tCF2eKNBDRlC8HQQDhy5OwbYBwML:Ip4pNfz3ymJnJ8QCFkxCaQTOlOM64f

Score
10/10

Malware Config

Targets

    • Target

      0b8125c18b46f26661993d615034623e812ad27bee784e2db06630021a798545

    • Size

      526KB

    • MD5

      3eb372432fa3d18d86217b14c6c463f0

    • SHA1

      9ac67ab22d637898e7312b776d1b39da04d61cc0

    • SHA256

      0b8125c18b46f26661993d615034623e812ad27bee784e2db06630021a798545

    • SHA512

      365c95924d3c01ab9f5c4ae014f176b022ac15a76a0f184d43aabf9e11f4058e258350ef98dfcbf2462d225e104e855dbb811aa7eca979dbc4fc8bc4dbbcf072

    • SSDEEP

      6144:O82p4pFHfzMepymgWPnviP6Koa0nArn20l96tCF2eKNBDRlC8HQQDhy5OwbYBwML:Ip4pNfz3ymJnJ8QCFkxCaQTOlOM64f

    Score
    10/10
    • Modifies WinLogon for persistence

    • Drops startup file

    • Executes dropped EXE

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v16

Tasks