General
-
Target
d5a27e0aa98accd3eca2870d7f6807dd6d27a955e2fac249421d715f6d82f29d
-
Size
1.2MB
-
Sample
240524-ee3vlsca7x
-
MD5
4cdc7aced2193e8bccaa734b2b0f3e1a
-
SHA1
b7b934a4d5c380f529ec82f3edbe974e2db6aef9
-
SHA256
d5a27e0aa98accd3eca2870d7f6807dd6d27a955e2fac249421d715f6d82f29d
-
SHA512
6a5409ef065a0b411a9872134b39beb69fe9c19e302e06e1115c1355fc9a8c9fd9f0133cd4c991ce18bcc1a31b0561c0410b01a66dc31626e7197bc2ab340090
-
SSDEEP
24576:N5xolYQY6elrLMeYSiGTpTLDxxwqQcqOj5eyHox6ZGmAuXE7ZBlbo:oYBtPbVvwqQpoLHontDrlbo
Malware Config
Targets
-
-
Target
d5a27e0aa98accd3eca2870d7f6807dd6d27a955e2fac249421d715f6d82f29d
-
Size
1.2MB
-
MD5
4cdc7aced2193e8bccaa734b2b0f3e1a
-
SHA1
b7b934a4d5c380f529ec82f3edbe974e2db6aef9
-
SHA256
d5a27e0aa98accd3eca2870d7f6807dd6d27a955e2fac249421d715f6d82f29d
-
SHA512
6a5409ef065a0b411a9872134b39beb69fe9c19e302e06e1115c1355fc9a8c9fd9f0133cd4c991ce18bcc1a31b0561c0410b01a66dc31626e7197bc2ab340090
-
SSDEEP
24576:N5xolYQY6elrLMeYSiGTpTLDxxwqQcqOj5eyHox6ZGmAuXE7ZBlbo:oYBtPbVvwqQpoLHontDrlbo
Score10/10-
Modifies WinLogon for persistence
-
Modifies visiblity of hidden/system files in Explorer
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Matrix ATT&CK v13
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1