General
-
Target
1db8c87ffb3f7291885afe5d9be823bb4ddd7825fa4d09e32e530eaca43edc8a
-
Size
206KB
-
Sample
240611-x2mq1sybrj
-
MD5
57eb5252c1c32b79c0a8a159d3746ed4
-
SHA1
363a253435345172a4e93e2e9b5e697bd9026f33
-
SHA256
1db8c87ffb3f7291885afe5d9be823bb4ddd7825fa4d09e32e530eaca43edc8a
-
SHA512
12e01bb5e4cd0778ddfeb89a49cfc01459d99a8607798c09d037abd754397d0a02f80acf30a6ac7069b1b58219328ca799a2e854cf50bcd31a768eed5ff2cccc
-
SSDEEP
3072:zvEfVUzSLhIVbV6i5LirrlZrHyrUHUckoMQ2RN6unl:zvEN2U+T6i5LirrllHy4HUcMQY6e
Malware Config
Targets
-
-
Target
1db8c87ffb3f7291885afe5d9be823bb4ddd7825fa4d09e32e530eaca43edc8a
-
Size
206KB
-
MD5
57eb5252c1c32b79c0a8a159d3746ed4
-
SHA1
363a253435345172a4e93e2e9b5e697bd9026f33
-
SHA256
1db8c87ffb3f7291885afe5d9be823bb4ddd7825fa4d09e32e530eaca43edc8a
-
SHA512
12e01bb5e4cd0778ddfeb89a49cfc01459d99a8607798c09d037abd754397d0a02f80acf30a6ac7069b1b58219328ca799a2e854cf50bcd31a768eed5ff2cccc
-
SSDEEP
3072:zvEfVUzSLhIVbV6i5LirrlZrHyrUHUckoMQ2RN6unl:zvEN2U+T6i5LirrllHy4HUcMQY6e
Score10/10-
Modifies WinLogon for persistence
-
Modifies visiblity of hidden/system files in Explorer
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1