General
-
Target
24634244941f324c0cd8a2f1b512ec8dd9d7881cf1442153d07cda05047e7ff1.exe
-
Size
211KB
-
Sample
240524-yk69rsha4t
-
MD5
2739a2c901b5d4e244a3701333fb4893
-
SHA1
2d857b3836ac532f5c6d2c7acd095645c2e90b8b
-
SHA256
24634244941f324c0cd8a2f1b512ec8dd9d7881cf1442153d07cda05047e7ff1
-
SHA512
b194d27222a522c2b38a177044dfe67065ab3ffb7a2d37251733dc8a2a3fcce886bfba992527a68c29437c9fc254c38bf945a479b2a0950d24c10116cd401e50
-
SSDEEP
3072:WD6Xtx68yygRBE52mxkEOHLRMpZ4deth8PEAjAfIbAYGPhz6sPJBInxZqO0:Wh8cBzHLRMpZ4d1Z0
Malware Config
Targets
-
-
Target
24634244941f324c0cd8a2f1b512ec8dd9d7881cf1442153d07cda05047e7ff1.exe
-
Size
211KB
-
MD5
2739a2c901b5d4e244a3701333fb4893
-
SHA1
2d857b3836ac532f5c6d2c7acd095645c2e90b8b
-
SHA256
24634244941f324c0cd8a2f1b512ec8dd9d7881cf1442153d07cda05047e7ff1
-
SHA512
b194d27222a522c2b38a177044dfe67065ab3ffb7a2d37251733dc8a2a3fcce886bfba992527a68c29437c9fc254c38bf945a479b2a0950d24c10116cd401e50
-
SSDEEP
3072:WD6Xtx68yygRBE52mxkEOHLRMpZ4deth8PEAjAfIbAYGPhz6sPJBInxZqO0:Wh8cBzHLRMpZ4d1Z0
Score10/10-
Modifies WinLogon for persistence
-
Modifies visiblity of hidden/system files in Explorer
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1