General
-
Target
f271c36e86959b65aeb0f83dbfbfd398bc2baddc9f5d7180834a293d4a4bdd5fN
-
Size
23KB
-
Sample
240920-bsmh1a1gjc
-
MD5
e7143caa31ddda3e8e5f059042171b90
-
SHA1
558dd412e7f69590a95d30175176596ccc0d286d
-
SHA256
f271c36e86959b65aeb0f83dbfbfd398bc2baddc9f5d7180834a293d4a4bdd5f
-
SHA512
0afe7ac1f3e67aca21bba828d802cc2d5d4b5ca384b2db359c594e937599745b495c4408587b64eda4546cb58a6dc1c583a066091cb1f03e6e6c772639359ff4
-
SSDEEP
384:6bHlmJ/Q2T0oLB61s7atgXBpP73HBJIPGXe+QYtWS4s45nDrkJpZU1:gl72goX7a2Bh7X/IPGXeKL1ePyG
Static task
static1
Behavioral task
behavioral1
Sample
f271c36e86959b65aeb0f83dbfbfd398bc2baddc9f5d7180834a293d4a4bdd5fN.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
f271c36e86959b65aeb0f83dbfbfd398bc2baddc9f5d7180834a293d4a4bdd5fN.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Score
10/10
-
Modifies WinLogon for persistence
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-