General
-
Target
5ae0f59c2b208b90d7a1d58c86f69416
-
Size
144KB
-
Sample
240114-lc2m4agfb6
-
MD5
5ae0f59c2b208b90d7a1d58c86f69416
-
SHA1
13d1257d938223af735c670608958cdee328cf8e
-
SHA256
09866a8d2ede13b512f3d6a4c57b5c9e286af70f63af018bb16c4bc4c314b134
-
SHA512
380f7133eac5aca6bab18215a29cb1c35dc69ea68a4d6eb9f2b197fb199e3840aa24f63fa9d1edf8ef2510071c9ed18b3b24c5335798f77910dd88d6c66f56e1
-
SSDEEP
3072:/H6aaeg3tZVuUXMqLvIP75rTTK/h4KtBfqXKPRPRU6/OYqF3+8/xHv:/HMDETTq7xPRU3P
Malware Config
Targets
-
-
Target
5ae0f59c2b208b90d7a1d58c86f69416
-
Size
144KB
-
MD5
5ae0f59c2b208b90d7a1d58c86f69416
-
SHA1
13d1257d938223af735c670608958cdee328cf8e
-
SHA256
09866a8d2ede13b512f3d6a4c57b5c9e286af70f63af018bb16c4bc4c314b134
-
SHA512
380f7133eac5aca6bab18215a29cb1c35dc69ea68a4d6eb9f2b197fb199e3840aa24f63fa9d1edf8ef2510071c9ed18b3b24c5335798f77910dd88d6c66f56e1
-
SSDEEP
3072:/H6aaeg3tZVuUXMqLvIP75rTTK/h4KtBfqXKPRPRU6/OYqF3+8/xHv:/HMDETTq7xPRU3P
Score10/10-
Modifies WinLogon for persistence
-
Modifies firewall policy service
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Winlogon Helper DLL
1Create or Modify System Process
1Windows Service
1