General
Target: 77b75ef2b087e43af291b2dde7be123f91eeec5d67e918186884e67bfa69c02d
Size: 2.1MB
Sample: 240522-3bv8csch77
MD5: b020de0b8135bfd41b136eb5b8572f2e
SHA1: e9382178428409fde954fa4d1b7ad32781dbb305
SHA256: 77b75ef2b087e43af291b2dde7be123f91eeec5d67e918186884e67bfa69c02d
SHA512: 6cdef0024a5570c0e6549da081ce4aa94a088009626cb9571e15515c7ea2062d6f8cf54e3c7b9074c9e566e6ed8d4b65bf62ec27d759675339b97e502b63114d
SSDEEP: 49152:bYi2aV8V9QaHywQlYAiN9ef/3IXtdOOqxbwPsR7mGhQ:EAQxUlYTqVRLhQ
Static task: static1
Behavioral task: behavioral1
Sample: 77b75ef2b087e43af291b2dde7be123f91eeec5d67e918186884e67bfa69c02d.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: 77b75ef2b087e43af291b2dde7be123f91eeec5d67e918186884e67bfa69c02d.exe
Resource: win10v2004-20240426-en
Malware Config
Targets
Target: 77b75ef2b087e43af291b2dde7be123f91eeec5d67e918186884e67bfa69c02d
Score: 10/10
Modifies WinLogon for persistence
Modifies visibility of hidden/system files in Explorer
Modifies Installed Components in the registry
Checks computer location settings: Looks up country code configured in the registry, likely geofence.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution: 3
  Registry Run Keys / Startup Folder: 2
  Winlogon Helper DLL: 1
Privilege Escalation
  Boot or Logon Autostart Execution: 3
  Registry Run Keys / Startup Folder: 2
  Winlogon Helper DLL: 1