General
-
Target
9296967bd7520e26732cb92dc2e7adb28ca69ee68d58cdd891bc26a2b7a1bdc0
-
Size
211KB
-
Sample
240606-djr38sgb99
-
MD5
d3c5c0b268c2d7c671fc0099c1fabdfa
-
SHA1
989457fbbab0d05e851e67aec64e8c3137d46765
-
SHA256
9296967bd7520e26732cb92dc2e7adb28ca69ee68d58cdd891bc26a2b7a1bdc0
-
SHA512
5d79ab391465abc6aa71bde6188ed60c9dd9d0d7465fc6875f2c5ab9c7598d74983ad0a4787fe431a7edc60b30904daeafe6965670c9a943de3e7f5f56a3244a
-
SSDEEP
3072:JD6Xtx68yygRBE52mxkEOHLRMpZ4deth8PEAjAfIbAYGPhz6sPJBInxZqOZ:Jh8cBzHLRMpZ4d1ZZ
Malware Config
Targets
-
-
Target
9296967bd7520e26732cb92dc2e7adb28ca69ee68d58cdd891bc26a2b7a1bdc0
-
Size
211KB
-
MD5
d3c5c0b268c2d7c671fc0099c1fabdfa
-
SHA1
989457fbbab0d05e851e67aec64e8c3137d46765
-
SHA256
9296967bd7520e26732cb92dc2e7adb28ca69ee68d58cdd891bc26a2b7a1bdc0
-
SHA512
5d79ab391465abc6aa71bde6188ed60c9dd9d0d7465fc6875f2c5ab9c7598d74983ad0a4787fe431a7edc60b30904daeafe6965670c9a943de3e7f5f56a3244a
-
SSDEEP
3072:JD6Xtx68yygRBE52mxkEOHLRMpZ4deth8PEAjAfIbAYGPhz6sPJBInxZqOZ:Jh8cBzHLRMpZ4d1ZZ
Score10/10-
Modifies WinLogon for persistence
-
Modifies visiblity of hidden/system files in Explorer
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Adds Run key to start application
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1