General
-
Target
197a7eb580569665bf29d67c3ad05e927f876bdff58b4f4d0c398552c9d5c0d1
-
Size
207KB
-
Sample
240428-xqax3seh6t
-
MD5
2263f9031d6126f5e42493dc38abe95a
-
SHA1
06268124ab9eb62f03a589f5a42d1ac27d36306e
-
SHA256
197a7eb580569665bf29d67c3ad05e927f876bdff58b4f4d0c398552c9d5c0d1
-
SHA512
e3cf8dd7f51e0267c8041aa62c5d51ccbcc4a14c7af97155bdfd0bae822b1c49b15090a61d0b8dce6a0f1765b62853a014bd602114610f6d4cb26bdac5a92674
-
SSDEEP
3072:zvEfVUzSLhIVbV6i5LirrlZrHyrUHUckoMQ2RN6unz:zvEN2U+T6i5LirrllHy4HUcMQY6A
Malware Config
Targets
-
-
Target
197a7eb580569665bf29d67c3ad05e927f876bdff58b4f4d0c398552c9d5c0d1
-
Size
207KB
-
MD5
2263f9031d6126f5e42493dc38abe95a
-
SHA1
06268124ab9eb62f03a589f5a42d1ac27d36306e
-
SHA256
197a7eb580569665bf29d67c3ad05e927f876bdff58b4f4d0c398552c9d5c0d1
-
SHA512
e3cf8dd7f51e0267c8041aa62c5d51ccbcc4a14c7af97155bdfd0bae822b1c49b15090a61d0b8dce6a0f1765b62853a014bd602114610f6d4cb26bdac5a92674
-
SSDEEP
3072:zvEfVUzSLhIVbV6i5LirrlZrHyrUHUckoMQ2RN6unz:zvEN2U+T6i5LirrllHy4HUcMQY6A
Score10/10-
Modifies WinLogon for persistence
-
Modifies visiblity of hidden/system files in Explorer
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1