General
Target: e79134bbf4fc06f04534bb5c904e716a6aaf3dcd9103578bddc9e258539357d8.exe
Size: 70KB
Sample: 241112-3dbxhawnfn
MD5: 68afcdc8ad14b49e19f33146a0287c3c
SHA1: 47566c80fc803bc39e3d62f1b6bef298e4954b32
SHA256: e79134bbf4fc06f04534bb5c904e716a6aaf3dcd9103578bddc9e258539357d8
SHA512: 9426e0566b7bd2283a9d62483ae82f57b3aa9164d7b49ab674dd6b7e5dd77a3e9c25d9886623b4ceb514a1439595e0dec39af1f90e4b744fea11bce370b1a821
SSDEEP: 1536:1teqKDlXvCDB04f5Gn/L8FlADNt3d1Hw8Yq:Olg35GTslA5t3/w8Yq
Static task: static1
Behavioral task: behavioral1
Sample: e79134bbf4fc06f04534bb5c904e716a6aaf3dcd9103578bddc9e258539357d8.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: e79134bbf4fc06f04534bb5c904e716a6aaf3dcd9103578bddc9e258539357d8.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: e79134bbf4fc06f04534bb5c904e716a6aaf3dcd9103578bddc9e258539357d8.exe
Score: 10/10
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
Event Triggered Execution: Image File Execution Options Injection
Executes dropped EXE
Loads dropped DLL
Modifies WinLogon
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution: 2
    Active Setup: 1
    Winlogon Helper DLL: 1
  Event Triggered Execution: 1
    Image File Execution Options Injection: 1
Privilege Escalation
  Boot or Logon Autostart Execution: 2
    Active Setup: 1
    Winlogon Helper DLL: 1
  Event Triggered Execution: 1
    Image File Execution Options Injection: 1