General

  • Target

    85734e953d02cb76263921b2a30e5e3ebef1bfb1758809d8a9b7d640c804c4ae

  • Size

    169KB

  • Sample

    221123-lvsg5scd27

  • MD5

    7bce2359aa3d49cc521ede62553bc21f

  • SHA1

    ce02e7d071964f24f00f17877cf340aaf7deca4a

  • SHA256

    85734e953d02cb76263921b2a30e5e3ebef1bfb1758809d8a9b7d640c804c4ae

  • SHA512

    cde5f91c68f289aebf91f2bdeafaa11036dbbc4a01236c082903468887243a38a16e85bf805a81f630cf8faca37a9e31b64ea1155366bc17958a2cf1952d92de

  • SSDEEP

    3072:SLpxTJJWCXx7vCg/s74+vOt0+6KMBKy6DJclb4+wFRR:St9RdvCg0vsF44+a

Score
10/10

Malware Config

Targets

    • Target

      85734e953d02cb76263921b2a30e5e3ebef1bfb1758809d8a9b7d640c804c4ae

    • Size

      169KB

    • MD5

      7bce2359aa3d49cc521ede62553bc21f

    • SHA1

      ce02e7d071964f24f00f17877cf340aaf7deca4a

    • SHA256

      85734e953d02cb76263921b2a30e5e3ebef1bfb1758809d8a9b7d640c804c4ae

    • SHA512

      cde5f91c68f289aebf91f2bdeafaa11036dbbc4a01236c082903468887243a38a16e85bf805a81f630cf8faca37a9e31b64ea1155366bc17958a2cf1952d92de

    • SSDEEP

      3072:SLpxTJJWCXx7vCg/s74+vOt0+6KMBKy6DJclb4+wFRR:St9RdvCg0vsF44+a

    Score
    10/10
    • Modifies WinLogon for persistence

    • Adds Run key to start application

    • Drops desktop.ini file(s)

    • Modifies WinLogon

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks