General
-
Target
de114842968c01d6a5cca09dcb4df9e328f71e7f2bb03938657db33cddddc5b7
-
Size
148KB
-
Sample
240425-evfd9afc4s
-
MD5
c28e8d24d7f018d89b108d97436a95cf
-
SHA1
d7a8a723c69c9bc465cb9e27a509daec347887f6
-
SHA256
de114842968c01d6a5cca09dcb4df9e328f71e7f2bb03938657db33cddddc5b7
-
SHA512
312b7c59e53e67c832134dacf81655e5309ee4f7e1da07e31eaa2fbe9e4c13a49f20bc2a036bf43b8490cd49ba8830eecebfdbaf3488c97d6bd319c42a3dee8e
-
SSDEEP
1536:n4iA4UFVV+NVeTHNqIWKtIhXayH3l2TKjpX4iImVYpVcOB3IWVPdu:4eyVVKVe7NqDlhXaygCpXamVwcOdfTu
Malware Config
Targets
-
-
Target
de114842968c01d6a5cca09dcb4df9e328f71e7f2bb03938657db33cddddc5b7
-
Size
148KB
-
MD5
c28e8d24d7f018d89b108d97436a95cf
-
SHA1
d7a8a723c69c9bc465cb9e27a509daec347887f6
-
SHA256
de114842968c01d6a5cca09dcb4df9e328f71e7f2bb03938657db33cddddc5b7
-
SHA512
312b7c59e53e67c832134dacf81655e5309ee4f7e1da07e31eaa2fbe9e4c13a49f20bc2a036bf43b8490cd49ba8830eecebfdbaf3488c97d6bd319c42a3dee8e
-
SSDEEP
1536:n4iA4UFVV+NVeTHNqIWKtIhXayH3l2TKjpX4iImVYpVcOB3IWVPdu:4eyVVKVe7NqDlhXaygCpXamVwcOdfTu
Score10/10-
Modifies WinLogon for persistence
-
Modifies visiblity of hidden/system files in Explorer
-
Drops file in Drivers directory
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Matrix ATT&CK v13
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1