General
-
Target
dde0594197a2a9b23bdd70ad201a96d5004f8fe03aa86bd9828ed24b0196a635
-
Size
65KB
-
Sample
240603-e7874ach54
-
MD5
bc8a93d0892f72831157a0290f4304a5
-
SHA1
74033c75fcb4c976a7c4eb30d4c390c64a60ca94
-
SHA256
dde0594197a2a9b23bdd70ad201a96d5004f8fe03aa86bd9828ed24b0196a635
-
SHA512
ee7e22ec8b3ed48190c369616ce758f0a2cf37de1a3f0c285832581cb48ee9174cd7759fa683b39e4090c7813ab00dde33c1b8fe7c649093b7038af2fd9b407c
-
SSDEEP
1536:ECq3yRuqrI01eArdW/O7JnI2e13XiLij40MkTUVqa/OuY:7WNqkOJWmo1HpM0MkTUmuY
Static task
static1
Behavioral task
behavioral1
Sample
dde0594197a2a9b23bdd70ad201a96d5004f8fe03aa86bd9828ed24b0196a635.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
dde0594197a2a9b23bdd70ad201a96d5004f8fe03aa86bd9828ed24b0196a635.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
dde0594197a2a9b23bdd70ad201a96d5004f8fe03aa86bd9828ed24b0196a635
-
Size
65KB
-
MD5
bc8a93d0892f72831157a0290f4304a5
-
SHA1
74033c75fcb4c976a7c4eb30d4c390c64a60ca94
-
SHA256
dde0594197a2a9b23bdd70ad201a96d5004f8fe03aa86bd9828ed24b0196a635
-
SHA512
ee7e22ec8b3ed48190c369616ce758f0a2cf37de1a3f0c285832581cb48ee9174cd7759fa683b39e4090c7813ab00dde33c1b8fe7c649093b7038af2fd9b407c
-
SSDEEP
1536:ECq3yRuqrI01eArdW/O7JnI2e13XiLij40MkTUVqa/OuY:7WNqkOJWmo1HpM0MkTUmuY
Score10/10-
Modifies WinLogon for persistence
-
Modifies visiblity of hidden/system files in Explorer
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1