General

  • Target

    b2dcfdf9e7b09f2aa5004668370e77982963ace820e7285b2e264a294441da23

  • Size

    116KB

  • Sample

    240302-zn2dcshg78

  • MD5

    41789c704a0eecfdd0048b4b4193e752

  • SHA1

    fb1e8385691fa3293b7cbfb9b2656cf09f20e722

  • SHA256

    b2dcfdf9e7b09f2aa5004668370e77982963ace820e7285b2e264a294441da23

  • SHA512

    76391ac85fdc3be75441fcd6e19bed08b807d3946c7281c647f16a3be5388f7be307e6323fac8502430a4a6d800d52a88709592a49011ecc89de4f19102435ea

  • SSDEEP

    3072:pYV/aVHN9ySTn34w33FVTyuGAxsvBLSqAKZqoqrxy031l3y:8adNlltyu3Pa5gr33

Score
10/10

Malware Config

Targets

    • Target

      b2dcfdf9e7b09f2aa5004668370e77982963ace820e7285b2e264a294441da23

    • Size

      116KB

    • MD5

      41789c704a0eecfdd0048b4b4193e752

    • SHA1

      fb1e8385691fa3293b7cbfb9b2656cf09f20e722

    • SHA256

      b2dcfdf9e7b09f2aa5004668370e77982963ace820e7285b2e264a294441da23

    • SHA512

      76391ac85fdc3be75441fcd6e19bed08b807d3946c7281c647f16a3be5388f7be307e6323fac8502430a4a6d800d52a88709592a49011ecc89de4f19102435ea

    • SSDEEP

      3072:pYV/aVHN9ySTn34w33FVTyuGAxsvBLSqAKZqoqrxy031l3y:8adNlltyu3Pa5gr33

    Score
    10/10
    • Modifies WinLogon for persistence

    • UPX dump on OEP (original entry point)

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks