General
-
Target
82ee727dbca60cbc09889e28d542c88e7f41d1cbdb80321f196bc083684abb63
-
Size
206KB
-
Sample
240603-akx44ade84
-
MD5
56a6af523a68f8f4f6076469cdfbef94
-
SHA1
be01694779217eb4ebd4b30d0e89aca7f0a6f2f7
-
SHA256
82ee727dbca60cbc09889e28d542c88e7f41d1cbdb80321f196bc083684abb63
-
SHA512
9afadfcc585bd39297dfaf44b9be60624a812b03d68acdef582d5609e654e4294f05667f72c3402ca3a80790fd00880166774e6a6bc10bc1077be19e7fad99ae
-
SSDEEP
3072:5vEfVUzSLhIVbV6i5LirrlZrHyrUHUckoMQ2RN6unL+:5vEN2U+T6i5LirrllHy4HUcMQY6K+
Static task
static1
Behavioral task
behavioral1
Sample
82ee727dbca60cbc09889e28d542c88e7f41d1cbdb80321f196bc083684abb63.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
82ee727dbca60cbc09889e28d542c88e7f41d1cbdb80321f196bc083684abb63.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
82ee727dbca60cbc09889e28d542c88e7f41d1cbdb80321f196bc083684abb63
-
Size
206KB
-
MD5
56a6af523a68f8f4f6076469cdfbef94
-
SHA1
be01694779217eb4ebd4b30d0e89aca7f0a6f2f7
-
SHA256
82ee727dbca60cbc09889e28d542c88e7f41d1cbdb80321f196bc083684abb63
-
SHA512
9afadfcc585bd39297dfaf44b9be60624a812b03d68acdef582d5609e654e4294f05667f72c3402ca3a80790fd00880166774e6a6bc10bc1077be19e7fad99ae
-
SSDEEP
3072:5vEfVUzSLhIVbV6i5LirrlZrHyrUHUckoMQ2RN6unL+:5vEN2U+T6i5LirrllHy4HUcMQY6K+
Score10/10-
Modifies WinLogon for persistence
-
Modifies visiblity of hidden/system files in Explorer
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1