General
-
Target
71bbfb62559f10b2223ab136b33649fec7a7523b7a6cae0ddbf7d3289ab29634
-
Size
65KB
-
Sample
240525-23lybsee56
-
MD5
3e0a5f2894b963142f9034827c86749f
-
SHA1
683acdac3b2e85574933086dad84472d83b1b91d
-
SHA256
71bbfb62559f10b2223ab136b33649fec7a7523b7a6cae0ddbf7d3289ab29634
-
SHA512
bb8dd860d92284617fdf65739af86526dbe32fb39a25558714968e053a7ae71bedf8e25ca1a57afb7efdff705fc9039502029c94e9dc96e692bc88d0f282bfb6
-
SSDEEP
1536:ECq3yRuqrI01eArdW/O7JnI2e13XiLij40MkTUVqa/OuV:7WNqkOJWmo1HpM0MkTUmuV
Static task
static1
Behavioral task
behavioral1
Sample
71bbfb62559f10b2223ab136b33649fec7a7523b7a6cae0ddbf7d3289ab29634.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
71bbfb62559f10b2223ab136b33649fec7a7523b7a6cae0ddbf7d3289ab29634.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
71bbfb62559f10b2223ab136b33649fec7a7523b7a6cae0ddbf7d3289ab29634
-
Size
65KB
-
MD5
3e0a5f2894b963142f9034827c86749f
-
SHA1
683acdac3b2e85574933086dad84472d83b1b91d
-
SHA256
71bbfb62559f10b2223ab136b33649fec7a7523b7a6cae0ddbf7d3289ab29634
-
SHA512
bb8dd860d92284617fdf65739af86526dbe32fb39a25558714968e053a7ae71bedf8e25ca1a57afb7efdff705fc9039502029c94e9dc96e692bc88d0f282bfb6
-
SSDEEP
1536:ECq3yRuqrI01eArdW/O7JnI2e13XiLij40MkTUVqa/OuV:7WNqkOJWmo1HpM0MkTUmuV
Score10/10-
Modifies WinLogon for persistence
-
Modifies visiblity of hidden/system files in Explorer
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1