General
Target: e9cfa8c66a985b7f8cbf4e23fdfd250f355faf5dc324566085a58a98420aec12
Size: 206KB
Sample: 240523-e1mqhsdf8z
MD5: ecd1fdb29139aed81d9784489f632b4f
SHA1: 22c5293b1666200628b5ee718b71a69e42714a83
SHA256: e9cfa8c66a985b7f8cbf4e23fdfd250f355faf5dc324566085a58a98420aec12
SHA512: c64b23b814b360792b5c406d156fa0d2511eec8ce2f002fe03003cc1ce9573109ab7dc854846e809214c0cea09a6553cbe0ffb54efd22ccf26b07cf1be1f71ee
SSDEEP: 3072:zvEfVUzSLhIVbV6i5LirrlZrHyrUHUckoMQ2RN6unZD:zvEN2U+T6i5LirrllHy4HUcMQY6W
Static task: static1
Behavioral task: behavioral1
Sample: e9cfa8c66a985b7f8cbf4e23fdfd250f355faf5dc324566085a58a98420aec12.exe
Resource: win7-20240419-en
Behavioral task: behavioral2
Sample: e9cfa8c66a985b7f8cbf4e23fdfd250f355faf5dc324566085a58a98420aec12.exe
Resource: win10v2004-20240508-en
Malware Config
Targets
Target: e9cfa8c66a985b7f8cbf4e23fdfd250f355faf5dc324566085a58a98420aec12
Score: 10/10
Modifies WinLogon for persistence
Modifies visibility of hidden/system files in Explorer
Modifies Installed Components in the registry
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (3)
    Registry Run Keys / Startup Folder (2)
    Winlogon Helper DLL (1)
Privilege Escalation
  Boot or Logon Autostart Execution (3)
    Registry Run Keys / Startup Folder (2)
    Winlogon Helper DLL (1)