General
Target: cce15977bd2f07afc6203cf7686e6c49ed7f20603a2ba6a0bb4269b2a1d1f2ab
Size: 1.1MB
Sample: 240322-asz9esdf23
MD5: 18327d35416e35c01e82453f12fb6bd0
SHA1: 7be39d35ed15f69904cc3d4ec988fbb73a4ae056
SHA256: cce15977bd2f07afc6203cf7686e6c49ed7f20603a2ba6a0bb4269b2a1d1f2ab
SHA512: 16538460f59239a54b514894b3a98ce3f13a8e4ef22aa4b3cdc9ef4d2e6c7e4fd72b684d989edb4fde2c97620edb36ff466b7df9fa218f5d009e51c797d87390
SSDEEP: 24576:T+SlOaRgfVYVelNpy7r/LNqLNLKeZm5NdAeegGlPeWeeesiyeeeuk2ByO:qSUfVYVelNc7r/YtKeZm5IeegGBeWeeZ
Behavioral task: behavioral1
Sample: cce15977bd2f07afc6203cf7686e6c49ed7f20603a2ba6a0bb4269b2a1d1f2ab.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: cce15977bd2f07afc6203cf7686e6c49ed7f20603a2ba6a0bb4269b2a1d1f2ab.exe
Resource: win10v2004-20231215-en
Malware Config
Targets
Target: cce15977bd2f07afc6203cf7686e6c49ed7f20603a2ba6a0bb4269b2a1d1f2ab
Score: 10/10
Modifies WinLogon for persistence
UPX dump on OEP (original entry point)
Drops file in Drivers directory
Sets service image path in registry
Modifies system executable filetype association
Adds Run key to start application
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
Modifies WinLogon
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (4)
    Registry Run Keys / Startup Folder (2)
    Winlogon Helper DLL (2)
  Browser Extensions (1)
  Event Triggered Execution (1)
    Change Default File Association (1)
Privilege Escalation
  Boot or Logon Autostart Execution (4)
    Registry Run Keys / Startup Folder (2)
    Winlogon Helper DLL (2)
  Event Triggered Execution (1)
    Change Default File Association (1)