General

  • Target

    Backdoor.Win32.IRCNite.jbb1cec6181f1959c0f74b97ccefc9506b9447061d970dabc5c7e0688e9547b71a2.bin

  • Size

    159KB

  • Sample

    230507-gy9hlshg5v

  • MD5

    ab84d7ea8197b7b5c9e50b15339b4992

  • SHA1

    e577436e97210d0ac65388b1f666d3a0a4a73ee9

  • SHA256

    1cec6181f1959c0f74b97ccefc9506b9447061d970dabc5c7e0688e9547b71a2

  • SHA512

    10d1f2fabfbde3962f192efb38dc701d76fd87d4fdd3194d1ec90a5380596f26d804dd1bc28752c0ad9eb76918783bf6dafe33e3d0bbd6a15e90566a59b0fc1c

  • SSDEEP

    3072:iZX6JBgH9NMLvJkSo1KArzoHHAgzzInpcb:iZeqM9UKGzYHAKO

Malware Config


MITRE ATT&CK Matrix (ATT&CK v6)

  • Persistence

    Winlogon Helper DLL (T1004): 1
    Modify Existing Service (T1031): 2
    Registry Run Keys / Startup Folder (T1060): 1

  • Privilege Escalation

    Bypass User Account Control (T1088): 1

  • Defense Evasion

    Modify Registry (T1112): 8
    Bypass User Account Control (T1088): 1
    Disabling Security Tools (T1089): 3

  • Discovery

    System Information Discovery (T1082): 1

Tasks