General

  • Target

    0da5654a008fb45bdf0aa4937e510bf2c73c9b4305b635e5ddc2694647e8a926

  • Size

    127KB

  • Sample

    221123-lvrwlsfg4y

  • MD5

    360c9a75c63394069851498d889fb949

  • SHA1

    65fbf1d955899507cb4ff58f0a6baee3cbc6a0dd

  • SHA256

    0da5654a008fb45bdf0aa4937e510bf2c73c9b4305b635e5ddc2694647e8a926

  • SHA512

    e81e186f34000b18c5f6ed3242819fa82b80324d9df3efedef199e98c722c35f2fe6238afb6176cd807dd96b3fcfc9ced749da7a7759f88a31e4ab55a48a0787

  • SSDEEP

    3072:wwYMIuDxqGnh5WaadSiCi7JHGcaFKAS00UVd:wSIuDxtnh5LadqS00Ur

Score
10/10

Malware Config

Targets

    • Target

      0da5654a008fb45bdf0aa4937e510bf2c73c9b4305b635e5ddc2694647e8a926

    Score
    10/10

    • Modifies WinLogon for persistence

    • Adds Run key to start application

    • Drops desktop.ini file(s)

    • Modifies WinLogon

    • Suspicious use of SetThreadContext
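The two persistence signatures above (Winlogon modification and a Run key addition) are the ones worth confirming on a host that may have run this sample. The script below is an added example, not part of the sandbox report and not the sample's own code: it parses a .reg-style registry export, reports Winlogon Shell/Userinit values that differ from the stock defaults, and lists every Run-key entry for vetting. The export it runs on is constructed for the demonstration (the paths in it, such as C:\Users\Public\svchost.exe, are illustrative and are not indicators taken from this report); on a real host the same keys can be dumped with `reg export` and fed to `audit()` after decoding the file (reg export writes UTF-16).

```python
import re

# Constructed .reg-style export (NOT taken from the report above) showing the
# two behaviours the sandbox flagged: a Winlogon value changed to launch an
# extra binary, and a Run-key entry pointing at the same binary.
SAMPLE_EXPORT = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="explorer.exe"
"Userinit"="C:\\Windows\\system32\\userinit.exe,C:\\Users\\Public\\svchost.exe"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Updater"="C:\\Users\\Public\\svchost.exe"
"""

# Stock values of the Winlogon entries that persistence mechanisms rewrite.
# Comparison is case-insensitive and ignores the trailing comma Windows keeps
# on Userinit.
WINLOGON_KEY = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"
WINLOGON_DEFAULTS = {
    "Shell": "explorer.exe",
    "Userinit": r"C:\Windows\system32\userinit.exe",
}
RUN_KEYS = (
    r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run",
    r"HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run",
)

_VALUE_RE = re.compile(r'^"(?P<name>[^"]+)"="(?P<data>.*)"$')


def parse_reg_export(text):
    """Parse a minimal .reg export into {key_path: {value_name: data}}.

    Only REG_SZ values ("name"="data") are handled, which is the type of every
    value audited here; the doubled backslashes of the .reg format are
    unescaped. Comments, blank lines and the version header are skipped.
    """
    keys = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";") or line.startswith("Windows Registry Editor"):
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1]
            keys.setdefault(current, {})
            continue
        m = _VALUE_RE.match(line)
        if m and current is not None:
            keys[current][m.group("name")] = m.group("data").replace("\\\\", "\\")
    return keys


def _normalize(data):
    return data.strip().rstrip(",").strip().lower()


def find_persistence(keys):
    """Return (kind, value_name, data) findings.

    Winlogon Shell/Userinit are reported only when they deviate from the
    defaults; every Run-key entry is reported, because legitimate software
    uses Run too and an analyst has to vet each path.
    """
    findings = []
    winlogon = keys.get(WINLOGON_KEY, {})
    for name, default in WINLOGON_DEFAULTS.items():
        data = winlogon.get(name)
        if data is not None and _normalize(data) != _normalize(default):
            findings.append(("winlogon_modified", name, data))
    for run_key in RUN_KEYS:
        for name, data in keys.get(run_key, {}).items():
            findings.append(("run_key_entry", name, data))
    return findings


def audit(reg_text):
    """Parse an export and return its persistence findings."""
    return find_persistence(parse_reg_export(reg_text))


if __name__ == "__main__":
    for kind, name, data in audit(SAMPLE_EXPORT):
        print(f"{kind:18} {name} = {data}")
```

The Userinit check matters because the value is normally "C:\Windows\system32\userinit.exe," and an attacker appends a second path after the comma rather than replacing the original, so a naive "contains userinit.exe" test would miss it. Run-key entries are deliberately listed rather than judged; the sandbox signature only says an entry was added, and which entry is malicious has to come from the path and the binary's hash.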

MITRE ATT&CK Enterprise v6

Tasks