General
Target: LDPlayer9_ens_1001_ld.exe
Size: 3.3MB
Sample: 240630-ve6t9sthrk
MD5: 86fca06e090f8017dd323ccc516a7ed9
SHA1: 720fd4f4d0ac09308d19d229c8fbfde71313ce7d
SHA256: 5516ce5826c34dc1d89b1373f09a5eb490cf1dab55f98da02bdc53a73b772874
SHA512: 05f6ea47c48a2da3304a2d14a741403200ccf47e1f1b7155a2eba3fe694e4f42b8a327010fbc20b720ba06e4f84ee96b39d885989ae7cd20cc459261cd02b34b
SSDEEP: 49152:SLgmKyhrX/3MwVn1pHtOUYqP3CFOrtG/JR9sXafgkDFMVR9C1UhPJXMK701hOHZ4:IgmKEX/3MS1t0xOoGBiCV2H1l
Static task: static1
Behavioral task: behavioral1
Sample: LDPlayer9_ens_1001_ld.exe
Resource: win11-20240611-en
Malware Config
Targets
- Creates new service(s)
- Manipulates Digital Signatures
  Attackers can apply techniques such as changing the Authenticode and cryptography registry keys so that their binary is treated as validly signed.
- Possible privilege escalation attempt
- Modifies file permissions
- Legitimate hosting services abused for malware hosting/C2
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
- Create or Modify System Process: 1
- Windows Service: 1
- Event Triggered Execution: 1
- Component Object Model Hijacking: 1
Privilege Escalation
- Create or Modify System Process: 1
- Windows Service: 1
- Event Triggered Execution: 1
- Component Object Model Hijacking: 1