General

  • Target

    49739cfe5ee6f22bb3a334cbabb696d1.exe

  • Size

    31KB

  • Sample

    240107-ycvk1acgdp

  • MD5

    49739cfe5ee6f22bb3a334cbabb696d1

  • SHA1

    2dd79a804e148dedd66ccd3c2929b746c840ad85

  • SHA256

    db2057d539fb0d20d8b6f5fb4cac48de0e74196951dfecfb19fb530db737545c

  • SHA512

    2682d08bc1effc2fd26a98acc88a07c3f3dcbd79c974b7ce34699eb4bd5503f831da14dbc89e862de7d4d0e0f126219d56fc80a31eb3fe9c89cfc023b9454143

  • SSDEEP

    768:wwcZ6MSrhMBeRFe0iLAVXKL0dZcXza+14Ar:6krh2eve0iMQLcZSza+

Score
10/10

Malware Config

Targets

    • Target

      49739cfe5ee6f22bb3a334cbabb696d1.exe

    • Modifies WinLogon for persistence

    • Modifies firewall policy service

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks