General

  • Target

    5a053fc59d7938da50f9eadac0cbe99fd73716f1993925ddc54357dd6f49df73

  • Size

    839KB

  • Sample

    250703-gjvqxatzf1

  • MD5

    5feb8a487bbabd7fcd6e4aa673d2154e

  • SHA1

    350e954453ac71ad420e6d6c5e4ff56b049d547c

  • SHA256

    5a053fc59d7938da50f9eadac0cbe99fd73716f1993925ddc54357dd6f49df73

  • SHA512

    37ac713e33ad4a2f0278ae8c94df1d92ed2250d87f94fa54cefe753370811917df89a72f4e744aface8d3f68158be233cdfe3533efb9d4b8f4ca024b7178c17e

  • SSDEEP

    12288:Ip4pNfz3ymJnJ8QCFkxCaQTOlOM64hY8+5MtnKrIQY8+5MtnKrIOg:iEtl9mRda1d+5KK/+5KKlg

Score
10/10

Malware Config

Targets

    • Modifies WinLogon for persistence

    • Drops startup file

    • Executes dropped EXE

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v16

Tasks