General
-
Target
79ff5fa1c1228673e5055887945cdb96ef0710907031750f5f589c365853e2f9N
-
Size
283KB
-
Sample
240928-db3j1awaqe
-
MD5
cc0f306117c650d8572599522a6e1d10
-
SHA1
823f03b1e736ac4c88698cb490e2b3e097a2a570
-
SHA256
79ff5fa1c1228673e5055887945cdb96ef0710907031750f5f589c365853e2f9
-
SHA512
090f0a4e3b1a06e378be07d296e600bd707f6ad227ae898189073b4197a4c092a3e8582b2c10fd5bebb36e1a82468d76f137bc88ac0464a839c28ebc963c4671
-
SSDEEP
6144:zbq15Dd4XV8bt9fI/hzL2KT667qOIzbIwXFS9mfui:/cDd4F8bt9M2e57qdSo
Malware Config
Targets
-
-
Target
79ff5fa1c1228673e5055887945cdb96ef0710907031750f5f589c365853e2f9N
-
Size
283KB
-
MD5
cc0f306117c650d8572599522a6e1d10
-
SHA1
823f03b1e736ac4c88698cb490e2b3e097a2a570
-
SHA256
79ff5fa1c1228673e5055887945cdb96ef0710907031750f5f589c365853e2f9
-
SHA512
090f0a4e3b1a06e378be07d296e600bd707f6ad227ae898189073b4197a4c092a3e8582b2c10fd5bebb36e1a82468d76f137bc88ac0464a839c28ebc963c4671
-
SSDEEP
6144:zbq15Dd4XV8bt9fI/hzL2KT667qOIzbIwXFS9mfui:/cDd4F8bt9M2e57qdSo
Score10/10-
Modifies WinLogon for persistence
-
Modifies visiblity of hidden/system files in Explorer
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Drops file in Drivers directory
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
3Active Setup
1Registry Run Keys / Startup Folder
1Winlogon Helper DLL
1Privilege Escalation
Boot or Logon Autostart Execution
3Active Setup
1Registry Run Keys / Startup Folder
1Winlogon Helper DLL
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
4