General
-
Target
3427a3de054f8448871f3b2f58ad33d0b5893b9483cdc43399dd3fa8befcc77f
-
Size
211KB
-
Sample
240422-zfqxnaga9t
-
MD5
c51fc2f3b5baf94edd0a789e86064513
-
SHA1
e5bd7871977d8edb5374035ef4d6628cf9514889
-
SHA256
3427a3de054f8448871f3b2f58ad33d0b5893b9483cdc43399dd3fa8befcc77f
-
SHA512
2d6a8aae9161ebc43abcefcac70363f1dd4cfafd874117c52f2ff0c1dc5e28ac512cc6e70bb24c5d799939395e609ec05e26a526d02808b014388f73c97e637d
-
SSDEEP
3072:JD6Xtx68yygRBE52mxkEOHLRMpZ4deth8PEAjAfIbAYGPhz6sPJBInxZqON:Jh8cBzHLRMpZ4d1ZN
Malware Config
Targets
-
-
Target
3427a3de054f8448871f3b2f58ad33d0b5893b9483cdc43399dd3fa8befcc77f
-
Size
211KB
-
MD5
c51fc2f3b5baf94edd0a789e86064513
-
SHA1
e5bd7871977d8edb5374035ef4d6628cf9514889
-
SHA256
3427a3de054f8448871f3b2f58ad33d0b5893b9483cdc43399dd3fa8befcc77f
-
SHA512
2d6a8aae9161ebc43abcefcac70363f1dd4cfafd874117c52f2ff0c1dc5e28ac512cc6e70bb24c5d799939395e609ec05e26a526d02808b014388f73c97e637d
-
SSDEEP
3072:JD6Xtx68yygRBE52mxkEOHLRMpZ4deth8PEAjAfIbAYGPhz6sPJBInxZqON:Jh8cBzHLRMpZ4d1ZN
Score10/10-
Modifies WinLogon for persistence
-
Modifies visiblity of hidden/system files in Explorer
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1