General
-
Target
dab20fc577ce696039b0df7f6f28cb76
-
Size
7KB
-
Sample
240321-e4gnnsbg85
-
MD5
dab20fc577ce696039b0df7f6f28cb76
-
SHA1
c0ac0b6f7975bdba981b12cfe207c5f9f7e8acb2
-
SHA256
6ab07e64e44056cecb166cc6da8c97dbbf6463bb9647d7adc9c826f811015d40
-
SHA512
77d1d6e1f9994e4435c6cb544d48dcda5d6b66f9972fae98dfc68266d2c4215d85f31c0ae2ead4a771ae2ef7cc50093e3f9672aa901d0b7e81e37c6caec1e373
-
SSDEEP
96:KCbTS8umad+dJRXqv4Q2hj5duWb9UuK1MiyAtfVZapMst8Gdv:HbTSRmawXKAhj5dpUuKnjVZaDt8Gdv
Behavioral task
behavioral1
Sample
dab20fc577ce696039b0df7f6f28cb76.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
dab20fc577ce696039b0df7f6f28cb76.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
dab20fc577ce696039b0df7f6f28cb76
-
Size
7KB
-
MD5
dab20fc577ce696039b0df7f6f28cb76
-
SHA1
c0ac0b6f7975bdba981b12cfe207c5f9f7e8acb2
-
SHA256
6ab07e64e44056cecb166cc6da8c97dbbf6463bb9647d7adc9c826f811015d40
-
SHA512
77d1d6e1f9994e4435c6cb544d48dcda5d6b66f9972fae98dfc68266d2c4215d85f31c0ae2ead4a771ae2ef7cc50093e3f9672aa901d0b7e81e37c6caec1e373
-
SSDEEP
96:KCbTS8umad+dJRXqv4Q2hj5duWb9UuK1MiyAtfVZapMst8Gdv:HbTSRmawXKAhj5dpUuKnjVZaDt8Gdv
Score10/10-
Modifies WinLogon for persistence
-
Drops file in Drivers directory
-
Sets service image path in registry
-
Modifies system executable filetype association
-
Adds Run key to start application
-
Modifies WinLogon
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
4Registry Run Keys / Startup Folder
2Winlogon Helper DLL
2Browser Extensions
1Event Triggered Execution
1Change Default File Association
1