General
-
Target
798f538a063e6e5ebe8833d57c172ac008b7a5d058280c8d33c9e85cb8bec705
-
Size
65KB
-
Sample
240530-3k3nssed6t
-
MD5
9f3f4eab05bda1da219d9810f9860e72
-
SHA1
92e4ec6c7b4c3ab82082e7832c26b1220800137f
-
SHA256
798f538a063e6e5ebe8833d57c172ac008b7a5d058280c8d33c9e85cb8bec705
-
SHA512
84cfe77c1920d30d2c428a83fa80bb1c356dbe44f03d445673444c0c801c891561b22fd5b8bf7f82edeab4ad05bb241414b51f4cd1f9edc2b7f23df637912874
-
SSDEEP
1536:ECq3yRuqrI01eArdW/O7JnI2e13XiLij40MkTUVqa/Ouh:7WNqkOJWmo1HpM0MkTUmuh
Malware Config
Targets
-
-
Target
798f538a063e6e5ebe8833d57c172ac008b7a5d058280c8d33c9e85cb8bec705
-
Size
65KB
-
MD5
9f3f4eab05bda1da219d9810f9860e72
-
SHA1
92e4ec6c7b4c3ab82082e7832c26b1220800137f
-
SHA256
798f538a063e6e5ebe8833d57c172ac008b7a5d058280c8d33c9e85cb8bec705
-
SHA512
84cfe77c1920d30d2c428a83fa80bb1c356dbe44f03d445673444c0c801c891561b22fd5b8bf7f82edeab4ad05bb241414b51f4cd1f9edc2b7f23df637912874
-
SSDEEP
1536:ECq3yRuqrI01eArdW/O7JnI2e13XiLij40MkTUVqa/Ouh:7WNqkOJWmo1HpM0MkTUmuh
Score10/10-
Modifies WinLogon for persistence
-
Modifies visiblity of hidden/system files in Explorer
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1