General

  • Target

    e32fe3713fae5e1785d46c14bc8b39cd533ae6659069a282d7bea52c39bc4e19

  • Size

    4.1MB

  • Sample

    250703-gpp3lst1bz

  • MD5

    f14cfee8f919f86784d30467b80251f1

  • SHA1

    12a70624faa0b01b004308f3b566731879e013d4

  • SHA256

    e32fe3713fae5e1785d46c14bc8b39cd533ae6659069a282d7bea52c39bc4e19

  • SHA512

    5982e886c6ec7c415ec827a578a7c6a5b7eddcbaeb907aedc77575f2bb3f92c9d7078633622804fe555d626944fe1088c81df98f4221ead9c7ac11c1ac0fdec5

  • SSDEEP

    49152:5Es1FRLb7Lb7Lrrb7brb7Ewmgi4uYCgrGgCYuU1B3zCOGHrSGjwe18wGHLuRapXx:5E21z1GHrHwe1auRa1x

Score
10/10

Targets

    • Modifies WinLogon for persistence

    • Drops startup file

    • Executes dropped EXE

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
