35b4e8741b7dbac277c6c0b52921f60a95469c5f5982eeda7b2976a31bbff9e6 | Triage

Sharing

General

Target

unins000.zip
Size

590KB
Sample

240920-dkn3zavfrc
MD5

6886d496a678080f2b6418210aeb7046
SHA1

af7e986debecf4746ca16a87426757e367e8a607
SHA256

35b4e8741b7dbac277c6c0b52921f60a95469c5f5982eeda7b2976a31bbff9e6
SHA512

54dd4ca0e43f51c3b9df26262a369ca44eceb555f8ef13e5aeea30db33b8640e9f80e436e1c1e5c7a0765e4e3bf7339f2350a7e51706cdcdfb37f5970f24e4c5
SSDEEP

12288:GDyI83XoqEia9+hNEu2ZrgPqehn6AzapKztVfETuT9GKZKxfy+D:j3Xf7a9WNE3ZyqeR6o5f6uTswKxf9

Score

10^/10

discovery evasion persistence

Malware Config

Targets

- Target
  
  unins000.exe
- Size
  
  1.2MB
- MD5
  
  834d0bc7abd1b336f905dbfe51f32ed9
- SHA1
  
  c51c187de6df4ed9f3b29b2b6e7bf94fe6eee3cb
- SHA256
  
  607842155e4f7cfc63448601808a12bd409cc14d6ac588dd31da60e805091828
- SHA512
  
  29c7922c4c6b31fdb6b8c327373af1fb3d3920f43782c25deaa4eaefba0a22a79890264b8095cc89d9acb7c7d6e0ef7ca1c2d8e7214db88e1dc4a0b88a95a888
- SSDEEP
  
  24576:xOl4OghT53jK9kKMIuQjmOmhCdmG/cAJw92N+86MYCrlOh5x9ES:hpg9m4Yr2NVYCID
Score

10^/10

discovery evasion persistence
- Modifies WinLogon for persistence
  persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence

behavioral2

discoveryevasionpersistence