General

  • Target

    dab20fc577ce696039b0df7f6f28cb76

  • Size

    7KB

  • Sample

    240321-e4gnnsbg85

  • MD5

    dab20fc577ce696039b0df7f6f28cb76

  • SHA1

    c0ac0b6f7975bdba981b12cfe207c5f9f7e8acb2

  • SHA256

    6ab07e64e44056cecb166cc6da8c97dbbf6463bb9647d7adc9c826f811015d40

  • SHA512

    77d1d6e1f9994e4435c6cb544d48dcda5d6b66f9972fae98dfc68266d2c4215d85f31c0ae2ead4a771ae2ef7cc50093e3f9672aa901d0b7e81e37c6caec1e373

  • SSDEEP

    96:KCbTS8umad+dJRXqv4Q2hj5duWb9UuK1MiyAtfVZapMst8Gdv:HbTSRmawXKAhj5dpUuKnjVZaDt8Gdv
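The hashes above are what you match a suspect file against, and the "UPX packed file" tag under Targets rests on a very simple static signal: the UPX0/UPX1/UPX2 section names an unmodified UPX build writes into the PE section table. The following script is an added example and not part of the sandbox report; it computes the four listed digests for a file, compares them with the values above, and walks the PE headers with `struct` to read the section names. SSDEEP is left out because it needs the ssdeep library, and the PE produced by `build_minimal_pe()` is constructed here only to exercise the parser.

```python
"""Added example (not part of the sandbox report): verify a file on disk
against the hashes listed above and look for the UPX0/UPX1/UPX2 section
names that an unmodified UPX build writes into the PE section table, the
simplest static signal behind a "UPX packed file" tag. The PE walk is done
with struct so nothing beyond the standard library is needed; the PE built
by build_minimal_pe() is constructed here purely to exercise the parser."""
import hashlib
import struct
import sys

# Digests reported on this page for the sample; SSDEEP is omitted because
# computing it needs the ssdeep library.
REPORTED = {
    "md5": "dab20fc577ce696039b0df7f6f28cb76",
    "sha1": "c0ac0b6f7975bdba981b12cfe207c5f9f7e8acb2",
    "sha256": "6ab07e64e44056cecb166cc6da8c97dbbf6463bb9647d7adc9c826f811015d40",
    "sha512": "77d1d6e1f9994e4435c6cb544d48dcda5d6b66f9972fae98dfc68266d2c4215d"
              "85f31c0ae2ead4a771ae2ef7cc50093e3f9672aa901d0b7e81e37c6caec1e373",
}
UPX_SECTIONS = {"UPX0", "UPX1", "UPX2"}


def hash_bytes(data):
    """All four digests the report lists, keyed by hashlib name."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in REPORTED}


def matches_reported(data, reported=REPORTED):
    """True only if every reported digest matches the bytes given."""
    digests = hash_bytes(data)
    return all(digests[algo] == value for algo, value in reported.items())


def pe_section_names(data):
    """Walk DOS header -> PE signature -> COFF header -> section table."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ file")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4  # IMAGE_FILE_HEADER starts right after the signature
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    size_optional = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + size_optional  # 20 = sizeof(IMAGE_FILE_HEADER)
    names = []
    for i in range(num_sections):
        # 40 = sizeof(IMAGE_SECTION_HEADER); the 8-byte Name field comes first
        raw = data[table + i * 40:table + i * 40 + 8]
        if len(raw) < 8:
            raise ValueError("truncated section table")
        names.append(raw.rstrip(b"\0").decode("ascii", "replace"))
    return names


def looks_upx_packed(data):
    """Section-name check only; a packer build that renames sections evades it."""
    return bool(UPX_SECTIONS & set(pe_section_names(data)))


def build_minimal_pe(section_names):
    """Constructed PE32 skeleton with the given section names (headers only)."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)  # e_lfanew: PE header right after DOS header
    optional = bytearray(0xE0)  # size of a PE32 optional header
    struct.pack_into("<H", optional, 0, 0x10B)  # IMAGE_NT_OPTIONAL_HDR32_MAGIC
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0,
                       len(optional), 0x0102)  # i386, EXECUTABLE_IMAGE | 32BIT_MACHINE
    sections = b"".join(n.encode("ascii").ljust(8, b"\0") + bytes(32)
                        for n in section_names)
    return bytes(dos) + b"PE\0\0" + coff + bytes(optional) + sections


def triage_file(path):
    """Hashes, report match, section names and UPX verdict for one file."""
    with open(path, "rb") as fh:
        data = fh.read()
    return {"hashes": hash_bytes(data), "matches_report": matches_reported(data),
            "sections": pe_section_names(data), "upx": looks_upx_packed(data)}


if __name__ == "__main__":
    for path in sys.argv[1:]:
        print(path, triage_file(path))
```

Run it as `python triage.py sample.bin`. A negative UPX result means nothing on its own: a modified UPX build, which the tag text explicitly covers, may carry renamed sections, so treat entropy and import-table size as the next checks rather than trusting the names.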

Malware Config

Targets

    • Target

      dab20fc577ce696039b0df7f6f28cb76

    • Modifies WinLogon for persistence

    • Drops file in Drivers directory

    • Sets service image path in registry

    • Modifies system executable filetype association

    • UPX packed file

      Detects executables packed with UPX or with a modified build of the UPX open-source packer.

    • Adds Run key to start application

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Modifies WinLogon
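The behaviour tags above name the registry locations a responder checks on a host suspected of running this sample: the Winlogon Shell and Userinit values, the Run keys, service ImagePath values (including a freshly dropped driver), the exefile association, and Browser Helper Object registrations. The script below is an added example and not part of the sandbox report; it parses a regedit export (`.reg` text) and flags those locations. The sample export, the GUID, and every file name in it are constructed for this example and are not indicators taken from the report; `baseline_drivers` is an assumed caller-supplied set of driver basenames known to belong to the build.

```python
"""Added example, not part of the sandbox report: a triage pass over a
registry export (.reg text) from a suspect host, flagging the persistence
locations named by the behaviour tags above: Winlogon Shell/Userinit,
Run keys, service ImagePath, the exefile association and Browser Helper
Objects. The sample export, GUID and file names below are constructed for
this example and are not indicators from the report."""
import re
import sys

HIVES = {"HKEY_LOCAL_MACHINE": "HKLM", "HKEY_CURRENT_USER": "HKCU",
         "HKEY_CLASSES_ROOT": "HKCR", "HKEY_USERS": "HKU"}
WINLOGON = r"hklm\software\microsoft\windows nt\currentversion\winlogon"
RUN_SUFFIXES = (r"\currentversion\run", r"\currentversion\runonce")
BHO_KEY = r"hklm\software\microsoft\windows\currentversion\explorer\browser helper objects"
EXEFILE_CMD = r"hkcr\exefile\shell\open\command"
SERVICES = r"hklm\system\currentcontrolset\services"
# Stock values; anything else in these two Winlogon entries runs at every logon.
EXPECTED_WINLOGON = {"shell": "explorer.exe",
                     "userinit": r"c:\windows\system32\userinit.exe,"}
USER_WRITABLE = re.compile(r"\\(temp|appdata|programdata|users|public)\\", re.I)
VALUE_LINE = re.compile(r'^"((?:[^"\\]|\\.)*)"=(.*)$')


def _unquote(raw):
    """Decode a .reg string value; non-string types (dword:, hex:) stay raw."""
    if len(raw) >= 2 and raw[0] == '"' and raw[-1] == '"':
        return re.sub(r"\\(.)", r"\1", raw[1:-1])
    return raw


def parse_reg_export(text):
    """Return (key, value_name, data) triples from regedit export text."""
    records, key = [], None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            hive, _, rest = line[1:-1].partition("\\")
            key = HIVES.get(hive, hive) + ("\\" + rest if rest else "")
        elif key and line.startswith("@="):
            records.append((key, "", _unquote(line[2:])))  # default value
        elif key:
            m = VALUE_LINE.match(line)
            if m:
                records.append((key, m.group(1), _unquote(m.group(2))))
    return records


def audit(records, baseline_drivers=frozenset()):
    """Return findings; baseline_drivers holds .sys basenames expected on this
    build (assumed to be supplied by the caller) so a dropped driver stands out."""
    findings = []
    for key, name, data in records:
        k, n, d = key.lower(), name.lower(), str(data)
        if k == WINLOGON and n in EXPECTED_WINLOGON:
            if d.strip().lower() != EXPECTED_WINLOGON[n]:
                findings.append(f"Winlogon {name} modified: {d}")
        elif k.endswith(RUN_SUFFIXES):
            findings.append(f"Run key entry {key}\\{name}: {d}")
        elif k.startswith(BHO_KEY + "\\"):
            findings.append(f"BHO registered: {key[len(BHO_KEY) + 1:]}")
        elif k == EXEFILE_CMD and n == "":
            if d.strip() != '"%1" %*':
                findings.append(f"exefile association hijacked: {d}")
        elif k.startswith(SERVICES + "\\") and n == "imagepath":
            svc = key[len(SERVICES) + 1:].split("\\")[0]
            # Quoted paths with arguments are handled; unquoted ones are taken as-is.
            path = d.strip().strip('"').split('"')[0]
            base = re.split(r"[\\/]", path)[-1].lower()
            if USER_WRITABLE.search(path):
                findings.append(f"service {svc} ImagePath in user-writable path: {d}")
            elif base.endswith(".sys") and base not in baseline_drivers:
                findings.append(f"driver service {svc} loads non-baseline {base}: {d}")
    return findings


# Constructed export for demonstration; none of these names come from the report.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="explorer.exe, C:\\Windows\\system32\\drivers\\dropped.exe"
"Userinit"="C:\\Windows\\system32\\userinit.exe,"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Updater"="C:\\Users\\Public\\update.exe"

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="C:\\Windows\\system32\\drivers\\dropped.exe \"%1\" %*"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000000-1111-2222-3333-444444444444}]
@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dropped]
"ImagePath"="\\SystemRoot\\System32\\drivers\\dropped.sys"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Disk]
"ImagePath"="System32\\drivers\\disk.sys"
'''

if __name__ == "__main__":
    # regedit writes exports as UTF-16 with a BOM; "utf-16" handles both.
    text = open(sys.argv[1], encoding="utf-16").read() if len(sys.argv) > 1 else SAMPLE_REG
    for finding in audit(parse_reg_export(text), baseline_drivers={"disk.sys"}):
        print(finding)
```

Export the relevant hives with `reg export HKLM hklm.reg` (and HKCR, HKCU) on the host or from a mounted offline hive, then run `python audit_reg.py hklm.reg`. Run-key entries are listed rather than judged, since a legitimate box has several; the Winlogon, exefile and driver checks are the ones that should be empty on a clean host.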

MITRE ATT&CK Enterprise v15

Tasks