General
Target: c96ceb5e5479331fc290df0fab290f70N.exe
Size: 143KB
Sample: 240806-s8rw4axajd
MD5: c96ceb5e5479331fc290df0fab290f70
SHA1: 9098c70a94d0cee2b021d7f6145dea6a39d4a20f
SHA256: e4b1733f8e475472746c9d5e5981d6fbda984938a7af460ffd312a5cb0860bb3
SHA512: 8c21f15cbcbe9b5b7086d3b6f42b389c34bc32082575af3dbf92be64a105724aa976a1647f96846bdc4ca1293d1aeecfa6a7b3b578591b68a147c5bcf3eef096
SSDEEP: 3072:3LVoDvPd+A4WhkhXDl+i1lApwH08TdTIIIIIIIIIIIIIIIIIIfIIIIyIIIITIIIu:ZopGGgbiwU8J6
Static task: static1
Behavioral task: behavioral1
Sample: c96ceb5e5479331fc290df0fab290f70N.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: c96ceb5e5479331fc290df0fab290f70N.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target: c96ceb5e5479331fc290df0fab290f70N.exe
Score: 10/10
Modifies WinLogon for persistence
Modifies visibility of hidden/system files in Explorer
Disables RegEdit via registry modification
Executes dropped EXE
Modifies system executable filetype association
Adds Run key to start application
MITRE ATT&CK Enterprise v15

Persistence
Boot or Logon Autostart Execution (2)
Registry Run Keys / Startup Folder (1)
Winlogon Helper DLL (1)
Event Triggered Execution (1)
Change Default File Association (1)

Privilege Escalation
Boot or Logon Autostart Execution (2)
Registry Run Keys / Startup Folder (1)
Winlogon Helper DLL (1)
Event Triggered Execution (1)
Change Default File Association (1)

Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (4)