General
-
Target
26dddb79fa243827956a02ee89c46b5fb8377069306b6052bbd9e2dc3f2a07de
-
Size
199KB
-
Sample
240604-ygxadshd4v
-
MD5
2a0b94d0d136294286eb0b1e9fb42a7c
-
SHA1
b52f7133b6d0de2ddca3c9d3f19dec3583dd7bbc
-
SHA256
26dddb79fa243827956a02ee89c46b5fb8377069306b6052bbd9e2dc3f2a07de
-
SHA512
31f668810dc19ba398ead98474bf58ccb9538667096c84312043f71c8d392c256c4fc7b0cb9be8994d9bdfd2a4a9ecb4735939aa8c77e6d437e9dcade929d836
-
SSDEEP
3072:7vEfVUzSLhIVbV6i5LirrlZrHyrUHUckoMQ2RN6u4Pmu+:7vEN2U+T6i5LirrllHy4HUcMQY64
Malware Config
Targets
-
-
Target
26dddb79fa243827956a02ee89c46b5fb8377069306b6052bbd9e2dc3f2a07de
-
Size
199KB
-
MD5
2a0b94d0d136294286eb0b1e9fb42a7c
-
SHA1
b52f7133b6d0de2ddca3c9d3f19dec3583dd7bbc
-
SHA256
26dddb79fa243827956a02ee89c46b5fb8377069306b6052bbd9e2dc3f2a07de
-
SHA512
31f668810dc19ba398ead98474bf58ccb9538667096c84312043f71c8d392c256c4fc7b0cb9be8994d9bdfd2a4a9ecb4735939aa8c77e6d437e9dcade929d836
-
SSDEEP
3072:7vEfVUzSLhIVbV6i5LirrlZrHyrUHUckoMQ2RN6u4Pmu+:7vEN2U+T6i5LirrllHy4HUcMQY64
Score10/10-
Modifies WinLogon for persistence
-
Modifies visiblity of hidden/system files in Explorer
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1