General
-
Target
07ea654ba805f82dda0ba70e9014f425
-
Size
1.7MB
-
Sample
231230-ab7beadccm
-
MD5
07ea654ba805f82dda0ba70e9014f425
-
SHA1
f55a8b8c68ff0dd9ce65826ec36430279ddb13c7
-
SHA256
04dda7bb206088660114542dc8ca36b2a1b94f3ffc5347289af449f12bcedca9
-
SHA512
0fb3d6845d47c5a70f7c77f8ff705361a71b4c5b4b94e9721af8788cbaa7b6d3c9212f803b92392659f2946ebdb9e69440e99e0630198ae3e98c70d97e9d5440
-
SSDEEP
49152:y8OU0+IDBPLyNP6RqiLMWhc9mvtzTI6W3gvS1pjtU2Z/9YD:y890dLyNCsWMWhnztWCS1pjNgD
Static task
static1
Behavioral task
behavioral1
Sample
07ea654ba805f82dda0ba70e9014f425.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
07ea654ba805f82dda0ba70e9014f425.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
http://pcprotectionutility.com/favicon.ico?0=72&1=0&2=1&3=57&4=i-s&5=7601&6=6&7=1&8=99600&9=1033&10=0&11=0000
Extracted
http://pcprotectionutility.com/favicon.ico?0=72&1=0&2=1&3=57&4=i-s&5=9200&6=6&7=2&8=919041&9=1033&10=0&11=0000
Targets
Target
07ea654ba805f82dda0ba70e9014f425
Score
10/10
-
Modifies WinLogon for persistence
-
Sets file execution options in registry
-
Stops running service(s)
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
Boot or Logon Autostart Execution: 2
Registry Run Keys / Startup Folder: 1
Winlogon Helper DLL: 1
Create or Modify System Process: 1
Windows Service: 1