General
-
Target
1e552925d700da3967e6e121111d3c8965148a1a11d1ad23f44a2aa069f876ad
-
Size
71KB
-
Sample
240524-x5m6ysgf63
-
MD5
1c8439b60ef52e85fbbb656d1465a908
-
SHA1
af19f3a155f5bfc896ad740838a4179c09dad630
-
SHA256
1e552925d700da3967e6e121111d3c8965148a1a11d1ad23f44a2aa069f876ad
-
SHA512
858eba8cd11bceb4da7bb429ebd4a949eda617ef06ddab08f5385e02ae05d1803961ca148b8df46bd3f4a1b6f2377d00c8619f4de3fe0de940caf897fe7627c8
-
SSDEEP
768:EXKeT2Si83nLt8tkGX8uxOHgRrW5YLKG9Y/HrSNm0kmG7xMsVAnc3yy85SBiLFMY:EFrmh0HgB3LKrL9AcnQFMc9zwR6i+Bt
Behavioral task
behavioral1
Sample
1e552925d700da3967e6e121111d3c8965148a1a11d1ad23f44a2aa069f876ad.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
1e552925d700da3967e6e121111d3c8965148a1a11d1ad23f44a2aa069f876ad.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
1e552925d700da3967e6e121111d3c8965148a1a11d1ad23f44a2aa069f876ad
-
Size
71KB
-
MD5
1c8439b60ef52e85fbbb656d1465a908
-
SHA1
af19f3a155f5bfc896ad740838a4179c09dad630
-
SHA256
1e552925d700da3967e6e121111d3c8965148a1a11d1ad23f44a2aa069f876ad
-
SHA512
858eba8cd11bceb4da7bb429ebd4a949eda617ef06ddab08f5385e02ae05d1803961ca148b8df46bd3f4a1b6f2377d00c8619f4de3fe0de940caf897fe7627c8
-
SSDEEP
768:EXKeT2Si83nLt8tkGX8uxOHgRrW5YLKG9Y/HrSNm0kmG7xMsVAnc3yy85SBiLFMY:EFrmh0HgB3LKrL9AcnQFMc9zwR6i+Bt
Score10/10-
Modifies WinLogon for persistence
-
Modifies visiblity of hidden/system files in Explorer
-
UPX dump on OEP (original entry point)
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1