07ec902716074642b4769a94245fcd611a36dfd1f8fc23b531cae046a008cb46 | Triage

Sharing

General

Target

07ec902716074642b4769a94245fcd611a36dfd1f8fc23b531cae046a008cb46
Size

122KB
Sample

221029-y26pkaebfq
MD5

45a3f764928cd419befef5afcb73b160
SHA1

40716a9a500da92b851a173399784ebf6db90662
SHA256

07ec902716074642b4769a94245fcd611a36dfd1f8fc23b531cae046a008cb46
SHA512

1bd974875dfd18e9ce84118bd2b5c7f5a3d5a51ef9f9ac6c0d690b561519d6eb6ca6f8756a4a6129d677234105783693aacb72f63d4beee3dede518f0a9fb804
SSDEEP

1536:nnyzF9MFVCujlsQoeQZZ86ukpj0nGGF9v+4DRP:nyzQVCujl71QZZ4kp4F9XtP

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  07ec902716074642b4769a94245fcd611a36dfd1f8fc23b531cae046a008cb46
- Size
  
  122KB
- MD5
  
  45a3f764928cd419befef5afcb73b160
- SHA1
  
  40716a9a500da92b851a173399784ebf6db90662
- SHA256
  
  07ec902716074642b4769a94245fcd611a36dfd1f8fc23b531cae046a008cb46
- SHA512
  
  1bd974875dfd18e9ce84118bd2b5c7f5a3d5a51ef9f9ac6c0d690b561519d6eb6ca6f8756a4a6129d677234105783693aacb72f63d4beee3dede518f0a9fb804
- SSDEEP
  
  1536:nnyzF9MFVCujlsQoeQZZ86ukpj0nGGF9v+4DRP:nyzQVCujl71QZZ4kp4F9XtP
Score

10^/10

evasion persistence
- Modifies WinLogon for persistence
  persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Modifies Installed Components in the registry
  persistence
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence