General
-
Target
06024bec06fb17db8314ad5d506bc43d6ac6ee5ca56594aa25670e6943165025
-
Size
41KB
-
Sample
240523-wxmd1sbe8x
-
MD5
00d8fb703a25b8455adbf6b33ecd0ff6
-
SHA1
49f2bdb6b902bbe5024792ca6da9ca33d9d6083f
-
SHA256
06024bec06fb17db8314ad5d506bc43d6ac6ee5ca56594aa25670e6943165025
-
SHA512
755a7f2cce2a9834af190ce9d2c075a63ac108f688f5773cf7263f589e753243b4f8f4090e8b35cf5fda4f6b8b7111ff8268f0c8a03de0a899d3d2a2d37ae3c5
-
SSDEEP
768:+iZNPp0b5BbrMVUTBv6mkZ8jA7IwnDoSdW:+WNBGBrM6Fv6mkqyoT
Malware Config
Targets
-
-
Target
06024bec06fb17db8314ad5d506bc43d6ac6ee5ca56594aa25670e6943165025
-
Size
41KB
-
MD5
00d8fb703a25b8455adbf6b33ecd0ff6
-
SHA1
49f2bdb6b902bbe5024792ca6da9ca33d9d6083f
-
SHA256
06024bec06fb17db8314ad5d506bc43d6ac6ee5ca56594aa25670e6943165025
-
SHA512
755a7f2cce2a9834af190ce9d2c075a63ac108f688f5773cf7263f589e753243b4f8f4090e8b35cf5fda4f6b8b7111ff8268f0c8a03de0a899d3d2a2d37ae3c5
-
SSDEEP
768:+iZNPp0b5BbrMVUTBv6mkZ8jA7IwnDoSdW:+WNBGBrM6Fv6mkqyoT
Score10/10-
Modifies WinLogon for persistence
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Drops file in System32 directory
-
MITRE ATT&CK Matrix ATT&CK v13
Persistence
Boot or Logon Autostart Execution
1Winlogon Helper DLL
1Event Triggered Execution
1Change Default File Association
1