General

  • Target

    84b3e84a78c354963d976ef54066d4d1f9edea7c4713788e3167986801b78e8c

  • Size

    1.9MB

  • Sample

    250703-gj9vtsvmz5

  • MD5

    1f8d2f6160a3897964ffed7624b29ea1

  • SHA1

    33e09d6dad462d9dfd5bdebcd06260d89e081a3e

  • SHA256

    84b3e84a78c354963d976ef54066d4d1f9edea7c4713788e3167986801b78e8c

  • SHA512

    ef6598ff346d7573e48e79e023872513fd3b29763237a0853b551e6d0a711f60f2e29caaee635eb4cc6a55db0fec5ad8409c8ff6984bb4763bceab4ca9193396

  • SSDEEP

    49152:5Es1S16ETFBIT9sqC++P0pPAQ9zPOXLcX2xyATI:5E23dXA0

Score
10/10

Targets

    • Modifies WinLogon for persistence

    • Drops startup file

    • Executes dropped EXE

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
