General
-
Target
NEAS.abd6aad3113565eb492da405f50b56a0.exe
-
Size
224KB
-
Sample
231031-kwmslsde41
-
MD5
abd6aad3113565eb492da405f50b56a0
-
SHA1
30acdf15489cbe722a19f40f90297fc402b11f71
-
SHA256
53d02106c081fcb5b10e866e1496a24cc40cc6f8a4ed861c7740ac50253c8827
-
SHA512
b8ad0b3f9634af5e77fed696e396ac2c3a3960efed9419e15b59b7a0b33d84633faabbb91e10809e81536447044f9fc29ba016eecc91b406a3d5d7a59a69e0da
-
SSDEEP
3072:XC3XWoixXDncBV4X5HzKxGYCzTNyTJQC2iLzkdNtTBLqdBW7Vy3U:UixXDcU5Eh2wIdNtT4SVp
Malware Config
Targets
-
-
Target
NEAS.abd6aad3113565eb492da405f50b56a0.exe
-
Size
224KB
-
MD5
abd6aad3113565eb492da405f50b56a0
-
SHA1
30acdf15489cbe722a19f40f90297fc402b11f71
-
SHA256
53d02106c081fcb5b10e866e1496a24cc40cc6f8a4ed861c7740ac50253c8827
-
SHA512
b8ad0b3f9634af5e77fed696e396ac2c3a3960efed9419e15b59b7a0b33d84633faabbb91e10809e81536447044f9fc29ba016eecc91b406a3d5d7a59a69e0da
-
SSDEEP
3072:XC3XWoixXDncBV4X5HzKxGYCzTNyTJQC2iLzkdNtTBLqdBW7Vy3U:UixXDcU5Eh2wIdNtT4SVp
Score10/10-
Modifies WinLogon for persistence
-
Modifies visiblity of hidden/system files in Explorer
-
Drops file in Drivers directory
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1