General
Target: 51fb2a086644269d7813b251e6520581716cf48c06a4f10b809aa1dd7c23d870
Size: 65KB
Sample: 240613-2rw9xstemg
MD5: 398dd1e0b169bd264f59437fcdc8ce96
SHA1: 323f022e6b734875afa6f74e5765787092dc6717
SHA256: 51fb2a086644269d7813b251e6520581716cf48c06a4f10b809aa1dd7c23d870
SHA512: 6c89d4ae1b20660e8a7c460395290698bc6fc10a9ab564ff8c0948f725f7897ced02121a968e7c75d0fca2f4647ee1b00a68b007740e583f7be3797a873f8518
SSDEEP: 1536:ECq3yRuqrI01eArdW/O7JnI2e13XiLij40MkTUVqa/OuF:7WNqkOJWmo1HpM0MkTUmuF
Static task: static1
Behavioral task: behavioral1
Sample: 51fb2a086644269d7813b251e6520581716cf48c06a4f10b809aa1dd7c23d870.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 51fb2a086644269d7813b251e6520581716cf48c06a4f10b809aa1dd7c23d870.exe
Resource: win10v2004-20240226-en
Malware Config
Targets
Target: 51fb2a086644269d7813b251e6520581716cf48c06a4f10b809aa1dd7c23d870
Score: 10/10
Modifies WinLogon for persistence
Modifies visibility of hidden/system files in Explorer
Modifies Installed Components in the registry
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 3
Registry Run Keys / Startup Folder: 2
Winlogon Helper DLL: 1
Privilege Escalation
Boot or Logon Autostart Execution: 3
Registry Run Keys / Startup Folder: 2
Winlogon Helper DLL: 1