General

  • Target

    7f29b947179c3a396bececffe1ffbe5e00db15a0016eff06725df585912a5a95

  • Size

    2.3MB

  • Sample

    240606-b7fc8seb4w

  • MD5

    703e39b826f8f94fc1d1423cee8b5abf

  • SHA1

    51e6e6f9ddb023f7d749c26157931ecfb27c4615

  • SHA256

    7f29b947179c3a396bececffe1ffbe5e00db15a0016eff06725df585912a5a95

  • SHA512

    639aa4158cb878816e853b976871ca4fe678eb45042b28e0cd550731acdd5387ab4ba06bc5023e41a8103d77cc1507911a2af6297ecdf4a05a2e9ea60782f91e

  • SSDEEP

    49152:SLDEfWcnLJ6I3BUz8fsK5CdoQmTZMCpylljm:tXnL73XHdFHpqm

Score
10/10

Targets

    • Modifies WinLogon for persistence

    • Modifies visibility of hidden/system files in Explorer

    • Modifies Installed Components in the registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of NtSetInformationThreadHideFromDebugger
