General
Target
c641fe590c8dbe4fa53a7459ba062a8746824971f78255f64c1da468c5112abaN
Size
45KB
Sample
241104-cl5axa1emq
MD5
f6a9bc81490383124784ca790f5b0a70
SHA1
e75eeffaab511485da2a2bb47bcad1273d0335dc
SHA256
c641fe590c8dbe4fa53a7459ba062a8746824971f78255f64c1da468c5112aba
SHA512
5aa58b0c4aaaa6a706fa15527e7d5b14d2a61630a3896b5ff05fc73d7c2f48f02569b452196b8b8d0cf0f309d34e924055843ef89e1ab2426cf0523c74723825
SSDEEP
768:WAUJmQCcmLCXQq6fsKiJYsIkjJVzqsVG5kuGVAQvRWrE5+:RUNHFKQbIkHvGkAzm+
Static task
static1
Behavioral task
behavioral1
Sample
c641fe590c8dbe4fa53a7459ba062a8746824971f78255f64c1da468c5112abaN.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
c641fe590c8dbe4fa53a7459ba062a8746824971f78255f64c1da468c5112abaN.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Target
c641fe590c8dbe4fa53a7459ba062a8746824971f78255f64c1da468c5112abaN
Score
10/10
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
Drops file in Drivers directory
Event Triggered Execution: Image File Execution Options Injection
Executes dropped EXE
Loads dropped DLL
Modifies WinLogon
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (2)
Active Setup (1)
Winlogon Helper DLL (1)
Event Triggered Execution (1)
Image File Execution Options Injection (1)
Privilege Escalation
Boot or Logon Autostart Execution (2)
Active Setup (1)
Winlogon Helper DLL (1)
Event Triggered Execution (1)
Image File Execution Options Injection (1)