General
-
Target
de43b0c08e579bc5bb59493ea848b8b0_exe32.exe
-
Size
206KB
-
Sample
231015-yh81kshg47
-
MD5
de43b0c08e579bc5bb59493ea848b8b0
-
SHA1
1bb15ce188d11b7f07fa6cdc4eb1d26f8725ebaf
-
SHA256
08528cc1a9100ce58f9e1c83d6aba4ad35ca8f1cf181be8ced1a3fe694faf7bb
-
SHA512
987cfad042b9a85ca4037f92243397bd31f506a5d5be96086fffc50389f1bf4fd92dde9d65eba470ab8ee89701c3cbf14b8b35372fb8d4943a93aedd7a546a9f
-
SSDEEP
3072:avEfVUzSLhIVbV6i5LirrlZrHyrUHUckoMQ2RN6un9:avEN2U+T6i5LirrllHy4HUcMQY6W
Static task
static1
Behavioral task
behavioral1
Sample
de43b0c08e579bc5bb59493ea848b8b0_exe32.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
de43b0c08e579bc5bb59493ea848b8b0_exe32.exe
Resource
win10v2004-20230915-en
Malware Config
Targets
-
Target
de43b0c08e579bc5bb59493ea848b8b0_exe32.exe
-
Score
10/10
-
Modifies WinLogon for persistence
-
Modifies visibility of hidden/system files in Explorer
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (3)
Registry Run Keys / Startup Folder (2)
Winlogon Helper DLL (1)
Privilege Escalation
Boot or Logon Autostart Execution (3)
Registry Run Keys / Startup Folder (2)
Winlogon Helper DLL (1)