General
-
Target
bc2d2787a6cf293b0c99904f2d71326fbe7bef475ac8327e18d003020ec97524
-
Size
206KB
-
Sample
240603-dhndnaac49
-
MD5
3c6a2457bbf354d63c0fb2f490d3d3c7
-
SHA1
3d0bc0b3fec16e10c979233b4c6a8e85e0336d44
-
SHA256
bc2d2787a6cf293b0c99904f2d71326fbe7bef475ac8327e18d003020ec97524
-
SHA512
db3a7f7a62df81df5fbe83005bfcc9d6b7e7070e7f646b537b7a4611e6a49bc8a282c809da7a7b45f42dba953f349301843f7c96b9c97f77a5b017d653d31c1d
-
SSDEEP
3072:5vEfVUzSLhIVbV6i5LirrlZrHyrUHUckoMQ2RN6unLt:5vEN2U+T6i5LirrllHy4HUcMQY6Kt
Static task
static1
Behavioral task
behavioral1
Sample
bc2d2787a6cf293b0c99904f2d71326fbe7bef475ac8327e18d003020ec97524.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
bc2d2787a6cf293b0c99904f2d71326fbe7bef475ac8327e18d003020ec97524.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
bc2d2787a6cf293b0c99904f2d71326fbe7bef475ac8327e18d003020ec97524
Score
10/10
-
Modifies WinLogon for persistence
-
Modifies visibility of hidden/system files in Explorer
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (3)
Registry Run Keys / Startup Folder (2)
Winlogon Helper DLL (1)
Privilege Escalation
Boot or Logon Autostart Execution (3)
Registry Run Keys / Startup Folder (2)
Winlogon Helper DLL (1)