General
Target: 5cb51f159da23cb3b2e5db0261292fbf971cfb12c27485e36d8b82de5058ae0f
Size: 65KB
Sample: 240604-1ypmzsdg59
MD5: 13db7a5460fd9a38f54786a695153506
SHA1: a8c3c18d82f6f0b8a12c4301cf8d8e7fc8768bbd
SHA256: 5cb51f159da23cb3b2e5db0261292fbf971cfb12c27485e36d8b82de5058ae0f
SHA512: 99a8580cce561b6920c0c2521bbbaa15286d2c3c0e1fd459e4ebcf6848b99756c2fc50d0e2f5201f5c7a9a937eaf9c705703c2c901d6baf12bda2b9b9fcdddf2
SSDEEP: 1536:ECq3yRuqrI01eArdW/O7JnI2e13XiLij40MkTUVqa/Oug:7WNqkOJWmo1HpM0MkTUmug
Static task: static1
Behavioral task: behavioral1
Sample: 5cb51f159da23cb3b2e5db0261292fbf971cfb12c27485e36d8b82de5058ae0f.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: 5cb51f159da23cb3b2e5db0261292fbf971cfb12c27485e36d8b82de5058ae0f.exe
Resource: win10v2004-20240426-en
Malware Config
Targets
Target: 5cb51f159da23cb3b2e5db0261292fbf971cfb12c27485e36d8b82de5058ae0f
Score: 10/10
Modifies WinLogon for persistence
Modifies visibility of hidden/system files in Explorer
Modifies Installed Components in the registry
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (3)
  Registry Run Keys / Startup Folder (2)
  Winlogon Helper DLL (1)
Privilege Escalation
  Boot or Logon Autostart Execution (3)
  Registry Run Keys / Startup Folder (2)
  Winlogon Helper DLL (1)