General
-
Target
18678aaa1466bd443fcf96de66a2b26a9dcffdad78988d0deffbf2ead7743092N
-
Size
148KB
-
Sample
241002-m5ppnswgnb
-
MD5
392e0c5de18e3719853da43a4f93d860
-
SHA1
00551727e055087481bf76c639dd213e9947fb79
-
SHA256
18678aaa1466bd443fcf96de66a2b26a9dcffdad78988d0deffbf2ead7743092
-
SHA512
de98722b1d4fcc03038ea9d26cec1b0a5c459e70cd1e5779fbb74d2d156453b77cf7bbf2a9740786f0c26463c053a4d35db50487264f9ba294f792d724aefb43
-
SSDEEP
1536:nrel3XWo2VxyMcCbncBVZWX5HzvCxGYCBbxTNyThXPr:rC3XWoixXDncBV4X5HzKxGYCzTNyTJr
Static task
static1
Behavioral task
behavioral1
Sample
18678aaa1466bd443fcf96de66a2b26a9dcffdad78988d0deffbf2ead7743092N.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
18678aaa1466bd443fcf96de66a2b26a9dcffdad78988d0deffbf2ead7743092N.exe
Resource
win10v2004-20240802-en
Malware Config
Targets
Score
10/10
-
Modifies WinLogon for persistence
-
Modifies visibility of hidden/system files in Explorer
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Drops file in Drivers directory
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 3
Active Setup: 1
Registry Run Keys / Startup Folder: 1
Winlogon Helper DLL: 1
Privilege Escalation
Boot or Logon Autostart Execution: 3
Active Setup: 1
Registry Run Keys / Startup Folder: 1
Winlogon Helper DLL: 1
Defense Evasion
Hide Artifacts: 1
Hidden Files and Directories: 1
Modify Registry: 4