General
-
Target
6abf57132a87bcc95ac32f5b77f4dbc9813730de4e8f7ba9974827833ea5ecd4
-
Size
71KB
-
Sample
241112-23nrxsshpb
-
MD5
dd2d03337e613410aab6625c608b0fa9
-
SHA1
f657a0674a25898596b6f3937ecfb3d522979ffe
-
SHA256
6abf57132a87bcc95ac32f5b77f4dbc9813730de4e8f7ba9974827833ea5ecd4
-
SHA512
365e48a53de93d44f1478c69b692fbafc540a2a5002f3ce2d9f8ef6cba6c649764285ee39a45e67f5d5ce9304abf14454a1c6da3adc33b57151c93a72af46fc1
-
SSDEEP
1536:1teqKDlXvCDB04f5Gn/L8FlADNt3d1Hw8sl5Y:Olg35GTslA5t3/w8gY
Static task
static1
Behavioral task
behavioral1
Sample
6abf57132a87bcc95ac32f5b77f4dbc9813730de4e8f7ba9974827833ea5ecd4.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
6abf57132a87bcc95ac32f5b77f4dbc9813730de4e8f7ba9974827833ea5ecd4.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
6abf57132a87bcc95ac32f5b77f4dbc9813730de4e8f7ba9974827833ea5ecd4
-
Size
71KB
-
MD5
dd2d03337e613410aab6625c608b0fa9
-
SHA1
f657a0674a25898596b6f3937ecfb3d522979ffe
-
SHA256
6abf57132a87bcc95ac32f5b77f4dbc9813730de4e8f7ba9974827833ea5ecd4
-
SHA512
365e48a53de93d44f1478c69b692fbafc540a2a5002f3ce2d9f8ef6cba6c649764285ee39a45e67f5d5ce9304abf14454a1c6da3adc33b57151c93a72af46fc1
-
SSDEEP
1536:1teqKDlXvCDB04f5Gn/L8FlADNt3d1Hw8sl5Y:Olg35GTslA5t3/w8gY
Score10/10-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Event Triggered Execution: Image File Execution Options Injection
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies WinLogon
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Active Setup
1Winlogon Helper DLL
1Event Triggered Execution
1Image File Execution Options Injection
1Privilege Escalation
Boot or Logon Autostart Execution
2Active Setup
1Winlogon Helper DLL
1Event Triggered Execution
1Image File Execution Options Injection
1