General
- Target: LDPlayer9_es_1009_ld (1).exe
- Size: 3.4MB
- Sample: 240705-y2wvcsxdjb
- MD5: 0d183c971971fe69c6c62b4bbfede0c7
- SHA1: 0ac34c620f6ab8ec1aa45312bfd54a794ebd7c28
- SHA256: 5f1ee7eac585adb1a5279041b286b4adff6ff9d29d459ca0dd05bb0d2bfe26d2
- SHA512: c1990a97e1d1d1c93256dad443f2bc98739ca18b6e26b77a4810a190b70021aa64b77e33b387e124bc83356a3bdefadd900823f59039a2e50773c991796282fb
- SSDEEP: 49152:8LF2vxcUuniqfal7nA1pHtOUYqP3CFOrtG/JR9sXafgkDFMVR9C1UhPJXMK701hd:8LF2vFuniqfa21t0xOoGBiCV2HCyh
Static task: static1
Behavioral task: behavioral1
- Sample: LDPlayer9_es_1009_ld (1).exe
- Resource: win7-20240705-en
Behavioral task: behavioral2
- Sample: LDPlayer9_es_1009_ld (1).exe
- Resource: win10v2004-20240704-en
Malware Config
Targets
- Target: LDPlayer9_es_1009_ld (1).exe
- Size: 3.4MB
- MD5: 0d183c971971fe69c6c62b4bbfede0c7
- SHA1: 0ac34c620f6ab8ec1aa45312bfd54a794ebd7c28
- SHA256: 5f1ee7eac585adb1a5279041b286b4adff6ff9d29d459ca0dd05bb0d2bfe26d2
- SHA512: c1990a97e1d1d1c93256dad443f2bc98739ca18b6e26b77a4810a190b70021aa64b77e33b387e124bc83356a3bdefadd900823f59039a2e50773c991796282fb
- SSDEEP: 49152:8LF2vxcUuniqfal7nA1pHtOUYqP3CFOrtG/JR9sXafgkDFMVR9C1UhPJXMK701hd:8LF2vFuniqfa21t0xOoGBiCV2HCyh
Signatures
- Manipulates Digital Signatures: Attackers can apply techniques such as modifying the Authenticode and Cryptography registry keys so that their binary is treated as validly signed.
- Possible privilege escalation attempt
- Modifies file permissions
- Checks for any installed AV software in registry
- Downloads MZ/PE file
- Event Triggered Execution: Component Object Model Hijacking: Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
MITRE ATT&CK Matrix (ATT&CK v13)
Defense Evasion
- Subvert Trust Controls (2)
  - SIP and Trust Provider Hijacking (1)
  - Install Root Certificate (1)
- File and Directory Permissions Modification (1)
- Modify Registry (1)