General
Target
MrsMajor2.0-main.zip
Size
19.7MB
Sample
240311-lvqzbahb5s
MD5
89aa6864c707f6f807714ab587c6557b
SHA1
c7ab8a280c95b45fedb236eaa7f83bd844be118e
SHA256
c859e7b6801f5b595b0aa77b3e03476888f0242044514af63c50f8fd8cb4eb26
SHA512
092e52498e19b844e7d877c5795c3e2d1a2e2f72e97f9b5978abcb3da7299308108de896f130c5dba6c382df31ecf14b3fc798d26fca3b9ee05d73fe42fbf139
SSDEEP
393216:pObYcuKh1Qg75KUy2ZVQbUHmoYPDWFesJ0CMPIjpmUv4GTMeG6jHvSCeEWHtGvnY:kuKhCg7sjIC0PKWFesax8uGQeHjHvSzR
Static task
static1
Behavioral task
behavioral1
Sample
MrsMajor2.0.exe
Resource
win7-20240221-en
Malware Config
Targets
Target
MrsMajor2.0.exe
Size
25.6MB
MD5
247a35851fdee53a1696715d67bd0905
SHA1
d2e86020e1d48e527e81e550f06c651328bd58a4
SHA256
5dd4ea169cabf9226f54bb53e63ea6a1b5880a0d1222242aee378efb6255b57d
SHA512
a173801aaef4fab608d99b52223b5b2400d69b91edcbf33c21fcb47bd832eef9d771dfd36da350a502a371ed1739c869a7c2b4dca456c93f2feed9ac9c647c7c
SSDEEP
786432:7VQ4fX8siQIZwastE9oGH5UcnaAVBmn163+L2:7ywXwdwRQo2O1L2
Score
10/10
Modifies WinLogon for persistence
Disables RegEdit via registry modification
Disables Task Manager via registry modification
Possible privilege escalation attempt
Executes dropped EXE
Modifies file permissions
Modifies system executable filetype association
Adds Run key to start application
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (2)
    Registry Run Keys / Startup Folder (1)
    Winlogon Helper DLL (1)
  Event Triggered Execution (1)
    Change Default File Association (1)
Privilege Escalation
  Abuse Elevation Control Mechanism (1)
    Bypass User Account Control (1)
  Boot or Logon Autostart Execution (2)
    Registry Run Keys / Startup Folder (1)
    Winlogon Helper DLL (1)
  Event Triggered Execution (1)
    Change Default File Association (1)