General
-
Target
b0928f731e7ef8ed467e77b2062144c630e577f8ba62058d3dbb57d60dc36bf9N
-
Size
82KB
-
Sample
240930-3nvscszgnr
-
MD5
8515176c859c363c1b6d36b613c4c9f0
-
SHA1
027f470a5620730114b38ead01eec5b7b974d052
-
SHA256
b0928f731e7ef8ed467e77b2062144c630e577f8ba62058d3dbb57d60dc36bf9
-
SHA512
dfeb088af24ac104cdeb70943963cf6c515db6a278f662d8e8e70ebce1e6b3b8971e51aa28080ab67f65dbc1c92407d2c1ff8ea85239782461f603ad960142b3
-
SSDEEP
1536:xyLw62p7KTxU0II7mgKkhmYItSXHIiMOphO6G:pgTJjYt9Op/G
Malware Config
Targets
-
-
Target
b0928f731e7ef8ed467e77b2062144c630e577f8ba62058d3dbb57d60dc36bf9N
-
Size
82KB
-
MD5
8515176c859c363c1b6d36b613c4c9f0
-
SHA1
027f470a5620730114b38ead01eec5b7b974d052
-
SHA256
b0928f731e7ef8ed467e77b2062144c630e577f8ba62058d3dbb57d60dc36bf9
-
SHA512
dfeb088af24ac104cdeb70943963cf6c515db6a278f662d8e8e70ebce1e6b3b8971e51aa28080ab67f65dbc1c92407d2c1ff8ea85239782461f603ad960142b3
-
SSDEEP
1536:xyLw62p7KTxU0II7mgKkhmYItSXHIiMOphO6G:pgTJjYt9Op/G
Score10/10-
Windows security bypass
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Event Triggered Execution: Image File Execution Options Injection
-
Executes dropped EXE
-
Loads dropped DLL
-
Windows security modification
-
Indicator Removal: Clear Persistence
remove IFEO.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Active Setup
1Event Triggered Execution
1Image File Execution Options Injection
1Privilege Escalation
Boot or Logon Autostart Execution
1Active Setup
1Event Triggered Execution
1Image File Execution Options Injection
1