General
-
Target
df20327ae5c846b3dfc1d99bb1d617cc02a32b78d193487c07a1a6ab6f4916ab
-
Size
66KB
-
Sample
240529-dscd5sgd6s
-
MD5
9a605ca94d4c380c4e3065e3d7d9888c
-
SHA1
f799c08750e479f56f67b33f56b9a8d3c9199e84
-
SHA256
df20327ae5c846b3dfc1d99bb1d617cc02a32b78d193487c07a1a6ab6f4916ab
-
SHA512
e28863d8125a262ff6bc47caa6c4e7dd30d07b27236c4e67a1ef37a9f52050ab87b689740e51e7fcf9d42ab7dc7c075dd7076437bb7c6938f3e29f728cea1c2d
-
SSDEEP
1536:EHfetdklPp+07gDSrB8Xru2zGeJxgawTzpXzrDJrXiF:IeklMMYJhqezw/pXzH9iF
Malware Config
Targets
-
-
Target
df20327ae5c846b3dfc1d99bb1d617cc02a32b78d193487c07a1a6ab6f4916ab
-
Size
66KB
-
MD5
9a605ca94d4c380c4e3065e3d7d9888c
-
SHA1
f799c08750e479f56f67b33f56b9a8d3c9199e84
-
SHA256
df20327ae5c846b3dfc1d99bb1d617cc02a32b78d193487c07a1a6ab6f4916ab
-
SHA512
e28863d8125a262ff6bc47caa6c4e7dd30d07b27236c4e67a1ef37a9f52050ab87b689740e51e7fcf9d42ab7dc7c075dd7076437bb7c6938f3e29f728cea1c2d
-
SSDEEP
1536:EHfetdklPp+07gDSrB8Xru2zGeJxgawTzpXzrDJrXiF:IeklMMYJhqezw/pXzH9iF
Score10/10-
Modifies WinLogon for persistence
-
Modifies visiblity of hidden/system files in Explorer
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1