General
-
Target
d6b4d656a00fd7aae69fb558bb5dba30N.exe
-
Size
80KB
-
Sample
240806-wvfhpawcql
-
MD5
d6b4d656a00fd7aae69fb558bb5dba30
-
SHA1
587b128fa375a51082e249dd8ab6d7a64c59eecd
-
SHA256
ba4e9f1436254a4e3ee987d63fff0d137dc939d8575f1d5a2f7be7d8d3d86258
-
SHA512
35434db98d31164b4fdc7867798d75e4ca4b2546ede0b06350d65ab07c82f7290691889644d3cdb5c35114467a349378ff4a81bfa6f856d1e068618ecdb964f9
-
SSDEEP
768:eLxqBt1sJw5pVNUP1/kvtbWcpmCKXTak3QIXjLZJ2bXfqQKMq+gjTAfu/MB8QKp2:Bteq0QIXJJyXEv/MBK67lALNtnd1PBwN
Malware Config
Targets
-
-
Target
d6b4d656a00fd7aae69fb558bb5dba30N.exe
-
Size
80KB
-
MD5
d6b4d656a00fd7aae69fb558bb5dba30
-
SHA1
587b128fa375a51082e249dd8ab6d7a64c59eecd
-
SHA256
ba4e9f1436254a4e3ee987d63fff0d137dc939d8575f1d5a2f7be7d8d3d86258
-
SHA512
35434db98d31164b4fdc7867798d75e4ca4b2546ede0b06350d65ab07c82f7290691889644d3cdb5c35114467a349378ff4a81bfa6f856d1e068618ecdb964f9
-
SSDEEP
768:eLxqBt1sJw5pVNUP1/kvtbWcpmCKXTak3QIXjLZJ2bXfqQKMq+gjTAfu/MB8QKp2:Bteq0QIXJJyXEv/MBK67lALNtnd1PBwN
Score10/10-
Windows security bypass
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Event Triggered Execution: Image File Execution Options Injection
-
Executes dropped EXE
-
Loads dropped DLL
-
Windows security modification
-
Indicator Removal: Clear Persistence
remove IFEO.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Active Setup
1Event Triggered Execution
1Image File Execution Options Injection
1Privilege Escalation
Boot or Logon Autostart Execution
1Active Setup
1Event Triggered Execution
1Image File Execution Options Injection
1