General
Target
eb61f992ed33d56d8d3b1cd8a10207c6e93847248951016cffbb768beb917621
Size
51KB
Sample
240603-fszksace7x
MD5
50c2804b452748c3e90fd0ee0cc9bc0f
SHA1
56771e7e07911cab1ffe10ab9ccc57d9530df041
SHA256
eb61f992ed33d56d8d3b1cd8a10207c6e93847248951016cffbb768beb917621
SHA512
4b19c9f88dd40876e64ee24dc107738bf59c87fa84ce0c42ef33b7bb7315baeeba0ddadb9aa7ac558affdd1844c047f1afcf6c49ab14363a597cd0feedcb9eda
SSDEEP
1536:nNJb/HkwoLe29UjQ4wqQOLIMVnS3b1111111111111111111111l:b+LKSOLIMdgb1111111111111111111X
Behavioral task
behavioral1
Sample
eb61f992ed33d56d8d3b1cd8a10207c6e93847248951016cffbb768beb917621.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
eb61f992ed33d56d8d3b1cd8a10207c6e93847248951016cffbb768beb917621.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
Target
eb61f992ed33d56d8d3b1cd8a10207c6e93847248951016cffbb768beb917621
Score 10/10
Modifies WinLogon for persistence
Modifies visibility of hidden/system files in Explorer
UPX dump on OEP (original entry point)
Drops file in Drivers directory
Modifies Installed Components in the registry
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (3)
Registry Run Keys / Startup Folder (2)
Winlogon Helper DLL (1)
Privilege Escalation
Boot or Logon Autostart Execution (3)
Registry Run Keys / Startup Folder (2)
Winlogon Helper DLL (1)