General
-
Target
09887c556940df9d1674b9545fc683f5ccb7c43270970cc4563952ef66848c8e
-
Size
211KB
-
Sample
240508-xpzj2sac4t
-
MD5
7a89eec390e688ddec6cb2de55dc99a7
-
SHA1
8590aeeb0098e8f5b3a732be23fe9336171faa37
-
SHA256
09887c556940df9d1674b9545fc683f5ccb7c43270970cc4563952ef66848c8e
-
SHA512
c2820aabeb045b98610e124145e4269f87ce074e89b2c7e46541a3bb54a581a068fcf093aaf9635992b96701b0c1cdef8559ecc56b955f8bdb9e6c1ae631b54d
-
SSDEEP
3072:JD6Xtx68yygRBE52mxkEOHLRMpZ4deth8PEAjAfIbAYGPhz6sPJBInxZqOr:Jh8cBzHLRMpZ4d1Zr
Malware Config
Targets
-
-
Target
09887c556940df9d1674b9545fc683f5ccb7c43270970cc4563952ef66848c8e
-
Size
211KB
-
MD5
7a89eec390e688ddec6cb2de55dc99a7
-
SHA1
8590aeeb0098e8f5b3a732be23fe9336171faa37
-
SHA256
09887c556940df9d1674b9545fc683f5ccb7c43270970cc4563952ef66848c8e
-
SHA512
c2820aabeb045b98610e124145e4269f87ce074e89b2c7e46541a3bb54a581a068fcf093aaf9635992b96701b0c1cdef8559ecc56b955f8bdb9e6c1ae631b54d
-
SSDEEP
3072:JD6Xtx68yygRBE52mxkEOHLRMpZ4deth8PEAjAfIbAYGPhz6sPJBInxZqOr:Jh8cBzHLRMpZ4d1Zr
Score10/10-
Modifies WinLogon for persistence
-
Modifies visiblity of hidden/system files in Explorer
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1