General
-
Target
b6c2df057d0e11dabe39fe1800793d5b0b59d249f0ac0e353092fb9fb5c0ec73
-
Size
69KB
-
Sample
240604-cbr8laaa78
-
MD5
662caade13e8e4916b54ccd4a6037d64
-
SHA1
9b041029547ed8bb9527b03af24025cb63241f12
-
SHA256
b6c2df057d0e11dabe39fe1800793d5b0b59d249f0ac0e353092fb9fb5c0ec73
-
SHA512
a0de95b2fba0c2143df83ab4207be759b91f17addc4795a1561bec8383c8cc38d05c5af72125fd7cd34400c6f3ca4de97be3c037373dfb3473c0c2b6e1bda8e2
-
SSDEEP
1536:EJrFDMRyriCY/qXfatMp4Q2V6fIMxIpLi:0F8dCY85TE6fIMSRi
Behavioral task
behavioral1
Sample
b6c2df057d0e11dabe39fe1800793d5b0b59d249f0ac0e353092fb9fb5c0ec73.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
b6c2df057d0e11dabe39fe1800793d5b0b59d249f0ac0e353092fb9fb5c0ec73.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
-
Target
b6c2df057d0e11dabe39fe1800793d5b0b59d249f0ac0e353092fb9fb5c0ec73
-
Score
10/10
-
Modifies WinLogon for persistence
-
Modifies visibility of hidden/system files in Explorer
-
UPX dump on OEP (original entry point)
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (3)
Registry Run Keys / Startup Folder (2)
Winlogon Helper DLL (1)
Privilege Escalation
Boot or Logon Autostart Execution (3)
Registry Run Keys / Startup Folder (2)
Winlogon Helper DLL (1)