General

  • Target

    Backdoor.Win32.IRCNite.jbcc9907e55f0d5592ff335d35708baeb186e11300df90aa3aef1a142344ecc493f.bin

  • Size

    159KB

  • Sample

    230505-xxtnrsaf7z

  • MD5

    709286f2947b18adb809110084227eea

  • SHA1

    2e17106d559df79268d4a8b65b3edf2becc01daa

  • SHA256

    c9907e55f0d5592ff335d35708baeb186e11300df90aa3aef1a142344ecc493f

  • SHA512

    3449920ebde4a20fe51cfe3dadda41c9ca220dc4d0eb2d782e13be074378c3f4653be8fa0492f50e8487756cb4d8ee003998f1bcc302cb54063f312a764dc6fa

  • SSDEEP

    3072:f2gWOEjo6pqMLvJkSo1KArzoHHAgzzInpD:OgXM9UKGzYHAKO

Malware Config

MITRE ATT&CK Matrix (ATT&CK v6)

Persistence

  • Winlogon Helper DLL (T1004): 1
  • Modify Existing Service (T1031): 2
  • Registry Run Keys / Startup Folder (T1060): 1

Privilege Escalation

  • Bypass User Account Control (T1088): 1

Defense Evasion

  • Modify Registry (T1112): 8
  • Bypass User Account Control (T1088): 1
  • Disabling Security Tools (T1089): 3

Discovery

  • System Information Discovery (T1082): 1

Tasks