General
-
Target
52d393ec1f615747d387b19b0a3e59d7cc91a40ca86e974aba6c1d0e6eacbf7c
-
Size
66KB
-
Sample
240614-1cmw9szhpn
-
MD5
20a9daea9d2b3f164ad0ae633c70cdfb
-
SHA1
a400feba12aee22e3dd53bdbcdbc26269a6f6c31
-
SHA256
52d393ec1f615747d387b19b0a3e59d7cc91a40ca86e974aba6c1d0e6eacbf7c
-
SHA512
28788b1f61df3d67490009127f0692aa179472553275cba1d2f22c004ea912900086d68c69549ccaad45c48010eedf4e4da318d27dca537ab9dfe7116aa2d38e
-
SSDEEP
1536:EHfetdklPp+07gDSrB8Xru2zGeJxgawTzpXzrDJrXiy:IeklMMYJhqezw/pXzH9iy
Malware Config
Targets
-
-
Target
52d393ec1f615747d387b19b0a3e59d7cc91a40ca86e974aba6c1d0e6eacbf7c
-
Size
66KB
-
MD5
20a9daea9d2b3f164ad0ae633c70cdfb
-
SHA1
a400feba12aee22e3dd53bdbcdbc26269a6f6c31
-
SHA256
52d393ec1f615747d387b19b0a3e59d7cc91a40ca86e974aba6c1d0e6eacbf7c
-
SHA512
28788b1f61df3d67490009127f0692aa179472553275cba1d2f22c004ea912900086d68c69549ccaad45c48010eedf4e4da318d27dca537ab9dfe7116aa2d38e
-
SSDEEP
1536:EHfetdklPp+07gDSrB8Xru2zGeJxgawTzpXzrDJrXiy:IeklMMYJhqezw/pXzH9iy
Score10/10-
Modifies WinLogon for persistence
-
Modifies visiblity of hidden/system files in Explorer
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
3Registry Run Keys / Startup Folder
2Winlogon Helper DLL
1