General

  • Target

    95e3c55388d6d76c6d370fa6352b9e41e7c03583794fb3eab0056f084b75a9d6

  • Size

    3.2MB

  • Sample

    250703-gk97zsvm14

  • MD5

    565fd2a76be9db18d757cd5abde3825b

  • SHA1

    305670f4fdc298a6e9147359565af7a12e12434d

  • SHA256

    95e3c55388d6d76c6d370fa6352b9e41e7c03583794fb3eab0056f084b75a9d6

  • SHA512

    ae7b0b2b4726a2e8c07b61b19f9455d3e8878fadd8aeb4dec56820eab298bb0220a79455e159d1f36fbf5a18b7701474cb9a4930b4cfe0fe02ef499fb506ea1c

  • SSDEEP

    98304:5E2bS/Yy5j69xFMbGnvno/XRivB7MqU+Jsv/U6sj3CR:5nbBh95vnofRivB7MCJsvcxj3CR

Score
10/10

Malware Config

Targets

    • Modifies WinLogon for persistence

    • Drops startup file

    • Executes dropped EXE

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v16

Tasks