General
Target: cee5050e27da379c7b9a44e9dd8f16e9792e2e958d36610cf475d80fe9f17e65
Size: 211KB
Sample: 240611-dyw1qstamk
MD5: df4545cef58f21d0d9efa10559dd6b9a
SHA1: d2301ead7d85593b01f3098b802142cd17e9e5b4
SHA256: cee5050e27da379c7b9a44e9dd8f16e9792e2e958d36610cf475d80fe9f17e65
SHA512: 913125b399c9f4b7976f9f1aa18c94f508c60f20d50479ee3fdd8fd5a0ae093e77e25420c920982be86989c139036a2edc465bed19b52f1b6e55a8da61683229
SSDEEP: 3072:JD6Xtx68yygRBE52mxkEOHLRMpZ4deth8PEAjAfIbAYGPhz6sPJBInxZqOC:Jh8cBzHLRMpZ4d1ZC
Static task: static1
Behavioral task: behavioral1
  Sample: cee5050e27da379c7b9a44e9dd8f16e9792e2e958d36610cf475d80fe9f17e65.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: cee5050e27da379c7b9a44e9dd8f16e9792e2e958d36610cf475d80fe9f17e65.exe
  Resource: win10v2004-20240508-en
Malware Config
Targets
Score: 10/10
Modifies WinLogon for persistence
Modifies visibility of hidden/system files in Explorer
Modifies Installed Components in the registry
Executes dropped EXE
Adds Run key to start application
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (3)
    Registry Run Keys / Startup Folder (2)
    Winlogon Helper DLL (1)
Privilege Escalation
  Boot or Logon Autostart Execution (3)
    Registry Run Keys / Startup Folder (2)
    Winlogon Helper DLL (1)