General
-
Target
0df225a5429b374f0f34de4ce118eda11ff29ee45c2a38d8c8960e54c5195e71
-
Size
30KB
-
Sample
241014-xfjr8svalq
-
MD5
3d3b62e2e2cead1964850cf898517d1f
-
SHA1
d18a8085d368795e907d97a0c98471841df31eb8
-
SHA256
0df225a5429b374f0f34de4ce118eda11ff29ee45c2a38d8c8960e54c5195e71
-
SHA512
ee7b9481d731d1ce56b56bf05ae8947d0796266ea3ea0a91bfb23391ae482599905da5da635cbe422e30682e04b3ebdaca27d412ff097bf71bdafd0eaee7dc64
-
SSDEEP
768:zIWM0kkB+AQYIWAdO4VpQCp94FFU3F3wImiBDQE:XM7kB5zefVSmeFilwIZBDQE
Static task
static1
Behavioral task
behavioral1
Sample
0df225a5429b374f0f34de4ce118eda11ff29ee45c2a38d8c8960e54c5195e71.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
0df225a5429b374f0f34de4ce118eda11ff29ee45c2a38d8c8960e54c5195e71.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Score 10/10
-
Modifies WinLogon for persistence
-
Modifies firewall policy service
-
Executes dropped EXE
-
Loads dropped DLL
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
Winlogon Helper DLL: 1
Create or Modify System Process: 1
Windows Service: 1
Privilege Escalation
Boot or Logon Autostart Execution: 1
Winlogon Helper DLL: 1
Create or Modify System Process: 1
Windows Service: 1