General
Target: e21d6217e7d9e11f33790e187c8ccd22fa2ed85fdebb650593fae04731151704
Size: 283KB
Sample: 240425-e2977sfc26
MD5: 44e75d0f450a903f516e3afdf0fc4450
SHA1: 16ecd1321ff91b2b4e28b8102eb96c650ae7cb5c
SHA256: e21d6217e7d9e11f33790e187c8ccd22fa2ed85fdebb650593fae04731151704
SHA512: b7cd5e2fb5a4210416362a1cb5948870cf0c8486359c3c1021b78b9690cc807d4fedec969e4237d4402aa15ebb8eae4207205ffff9247a0274eed8ce6814cc56
SSDEEP: 6144:kvEN2U+T6i5LirrllHy4HUcMQY6kwzVdUsBbr/5m:WENN+T5xYrllrU7QY6kwzX/k
Static task: static1
Behavioral task: behavioral1
  Sample: e21d6217e7d9e11f33790e187c8ccd22fa2ed85fdebb650593fae04731151704.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: e21d6217e7d9e11f33790e187c8ccd22fa2ed85fdebb650593fae04731151704.exe
  Resource: win10v2004-20240226-en
Malware Config
Targets
Target: e21d6217e7d9e11f33790e187c8ccd22fa2ed85fdebb650593fae04731151704
Score: 10/10
Modifies WinLogon for persistence
Modifies visibility of hidden/system files in Explorer
Modifies Installed Components in the registry
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
  Boot or Logon Autostart Execution (3)
    Registry Run Keys / Startup Folder (2)
    Winlogon Helper DLL (1)
Privilege Escalation
  Boot or Logon Autostart Execution (3)
    Registry Run Keys / Startup Folder (2)
    Winlogon Helper DLL (1)