General
Target: .
Size: 18KB
Sample: 240328-df8ltabc33
MD5: 280a1f12f3acc89e9f65c9add4c4c0e8
SHA1: 48d1e8f0f2642321a458824fb3fdf38f01b2ab90
SHA256: c8b72c6ec96339cd96995d01bb7326009872f6e2e476bae67ae428c6d2cf731a
SHA512: ab20dfdc6869fd79c1afe846aa4d70914a1195a6553145a938f078f74034c7a8aadfbbf050c2d707de3a0522d594c4e14b86bbf37087015484835f43cd1dcdfa
SSDEEP: 384:rZY3mIg4GDpmReVoOs4TN9ylKeGMbU8HhhbHPU7rS2LjFrSb+8VJCBXQL:rZb2GBVoOs4TryI1MjBhbvC7FrSzJQQL
Static task: static1
Behavioral task: behavioral1
Sample: .html
Resource: win10v2004-20240226-en
Malware Config

Targets
Target: .
Size: 18KB
MD5: 280a1f12f3acc89e9f65c9add4c4c0e8
SHA1: 48d1e8f0f2642321a458824fb3fdf38f01b2ab90
SHA256: c8b72c6ec96339cd96995d01bb7326009872f6e2e476bae67ae428c6d2cf731a
SHA512: ab20dfdc6869fd79c1afe846aa4d70914a1195a6553145a938f078f74034c7a8aadfbbf050c2d707de3a0522d594c4e14b86bbf37087015484835f43cd1dcdfa
SSDEEP: 384:rZY3mIg4GDpmReVoOs4TN9ylKeGMbU8HhhbHPU7rS2LjFrSb+8VJCBXQL:rZb2GBVoOs4TryI1MjBhbvC7FrSzJQQL
Score: 10/10
- Modifies WinLogon for persistence
- Disables RegEdit via registry modification
- Drops desktop.ini file(s)
- Legitimate hosting services abused for malware hosting/C2
- Sets desktop wallpaper using registry
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
- Boot or Logon Autostart Execution: 1
- Winlogon Helper DLL: 1
- Abuse Elevation Control Mechanism: 1
- Bypass User Account Control: 1