General
-
Target
3f8043c9ee50757444607d22f70c94ed3df175add0bd4dbb09239a44e1583c8c
-
Size
2.6MB
-
Sample
240522-zpkr1agc89
-
MD5
db9d14ae80710f32c9f7e678ebdc0928
-
SHA1
6cd2aca6b719bd8fd14ab6c7ef040910fa82afa7
-
SHA256
3f8043c9ee50757444607d22f70c94ed3df175add0bd4dbb09239a44e1583c8c
-
SHA512
fa06e543a6c9447ece98a9e70dfaceb387cc67edd4f4dffdb66d34f84c532bbdcf908680a45616594c1913710acbd7b970d9b1bb3d42def737f92da1af46cc6e
-
SSDEEP
49152:cYMum5+mnFOMaJGVAkfqKH64I66ZG4+uXBV4uTvM+v8g2qxL:ZMJrNAkfFI66f/M+v8g2qxL
Static task
static1
Behavioral task
behavioral1
Sample
3f8043c9ee50757444607d22f70c94ed3df175add0bd4dbb09239a44e1583c8c.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
3f8043c9ee50757444607d22f70c94ed3df175add0bd4dbb09239a44e1583c8c.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
3f8043c9ee50757444607d22f70c94ed3df175add0bd4dbb09239a44e1583c8c
-
Score
10/10
-
Modifies WinLogon for persistence
-
Modifies visibility of hidden/system files in Explorer
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (3)
Registry Run Keys / Startup Folder (2)
Winlogon Helper DLL (1)
Privilege Escalation
Boot or Logon Autostart Execution (3)
Registry Run Keys / Startup Folder (2)
Winlogon Helper DLL (1)