General
Target: f640afd4e1e4bc2965ba44995eafce04.bin
Size: 747KB
Sample: 230816-czf58see36
MD5: f640afd4e1e4bc2965ba44995eafce04
SHA1: 4a252362dad89aad1d5185b0dbff737f19c32be9
SHA256: 8281f528e31da90e0cbb66466ad0626b1a558a41681e264012276db748cc899b
SHA512: 09ca103f0912970098454aa6680025f3b6d85f5fc18e5e5185470fd1857b639b032df2568d73048d9d5ece24581d1d0309cc6dfd0f758aa60fe5d2183f32e63b
SSDEEP: 12288:BCbheBYg1f6tZuVse/n+7Xv3fX8b2HuDS9pGHOAutKzANIm517prd:MeB3egZev0pS9pGHOAutKzANIm1X
Static task: static1
Behavioral task: behavioral1
Sample: f640afd4e1e4bc2965ba44995eafce04.exe
Resource: win7-20230712-en
Behavioral task: behavioral2
Sample: f640afd4e1e4bc2965ba44995eafce04.exe
Resource: win10v2004-20230703-en
Malware Config
Targets
Target: f640afd4e1e4bc2965ba44995eafce04.bin
Score: 10/10
Modifies WinLogon for persistence
Modifies visibility of file extensions in Explorer
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (2)
    Registry Run Keys / Startup Folder (1)
    Winlogon Helper DLL (1)
Privilege Escalation
  Abuse Elevation Control Mechanism (1)
    Bypass User Account Control (1)
  Boot or Logon Autostart Execution (2)
    Registry Run Keys / Startup Folder (1)
    Winlogon Helper DLL (1)