General

  • Target

    7b58cbd9f9bc039787b8d8641932415cfa82ab58152ae8c5169a6c848871b817

  • Size

    71KB

  • Sample

    241112-3vg5vatbqh

  • MD5

    9a33d2aac3ba771f5701126732193212

  • SHA1

    ed17642a2117409ff350f1299532f467b7a27fbc

  • SHA256

    7b58cbd9f9bc039787b8d8641932415cfa82ab58152ae8c5169a6c848871b817

  • SHA512

    5d76bbb9284125e590a6133c87bc987d8969f3717f310294c931a9f1ce204a7db259857d11154d81e9ec327f93ff60b801c7c69a24313a409d9efed6bd53dbe7

  • SSDEEP

    1536:1teqKDlXvCDB04f5Gn/L8FlADNt3d1Hw8slKd:Olg35GTslA5t3/w8Xd

Malware Config

Targets

    • Target

      7b58cbd9f9bc039787b8d8641932415cfa82ab58152ae8c5169a6c848871b817

    • Size

      71KB

    • MD5

      9a33d2aac3ba771f5701126732193212

    • SHA1

      ed17642a2117409ff350f1299532f467b7a27fbc

    • SHA256

      7b58cbd9f9bc039787b8d8641932415cfa82ab58152ae8c5169a6c848871b817

    • SHA512

      5d76bbb9284125e590a6133c87bc987d8969f3717f310294c931a9f1ce204a7db259857d11154d81e9ec327f93ff60b801c7c69a24313a409d9efed6bd53dbe7

    • SSDEEP

      1536:1teqKDlXvCDB04f5Gn/L8FlADNt3d1Hw8slKd:Olg35GTslA5t3/w8Xd

    • Windows security bypass

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key under the Active Setup of the local machine (HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components); the StubPath command of such a key runs once for each user at their next interactive logon.

    • Event Triggered Execution: Image File Execution Options Injection

    • Executes dropped EXE

    • Loads dropped DLL

    • Windows security modification

    • Indicator Removal: Clear Persistence

      Removes Image File Execution Options (IFEO) registry entries.

    • Modifies WinLogon

    • Drops file in System32 directory
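The Active Setup, IFEO and WinLogon behaviours flagged above all live in a handful of registry locations, so a responder can confirm or rule them out on a host with one sweep. The script below is an added example, not part of the sandbox report or any vendor tooling: it lists every Active Setup StubPath, every IFEO Debugger and SilentProcessExit MonitorProcess hook, and any Winlogon Shell/Userinit value that differs from the stock one. Because the sample also removes IFEO entries (the "Clear Persistence" hit), the script writes a JSON snapshot and, when given a previous snapshot, prints what was added or removed in between. The expected Winlogon values and the snapshot file name `autostart-snapshot.json` are assumptions, not values taken from this report.

```powershell
param(
    # Optional JSON snapshot from an earlier run of this script (hypothetical file);
    # used to spot entries that have since been removed, as with the IFEO cleanup above.
    [string]$Baseline = ''
)

$findings = New-Object System.Collections.Generic.List[object]
function Add-Finding {
    param([string]$Area, [string]$Key, [string]$Name, [string]$Value)
    $findings.Add([pscustomobject]@{ Area = $Area; Key = $Key; Name = $Name; Value = $Value })
}

# 1. Active Setup: every Installed Components subkey with a StubPath is executed once per
#    user at the next interactive logon; check both the native and the WOW6432Node view.
$activeSetupRoots = @(
    'HKLM:\SOFTWARE\Microsoft\Active Setup\Installed Components',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Active Setup\Installed Components'
)
foreach ($root in $activeSetupRoots) {
    Get-ChildItem -Path $root -ErrorAction SilentlyContinue | ForEach-Object {
        $stub = (Get-ItemProperty -Path $_.PSPath -ErrorAction SilentlyContinue).StubPath
        if ($stub) { Add-Finding 'ActiveSetup' $_.PSChildName 'StubPath' $stub }
    }
}

# 2. IFEO: a Debugger value under <image>.exe makes Windows start that "debugger" instead
#    of the image; SilentProcessExit\MonitorProcess is the sibling variant of the trick.
$ifeo = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options'
Get-ChildItem -Path $ifeo -ErrorAction SilentlyContinue | ForEach-Object {
    $props = Get-ItemProperty -Path $_.PSPath -ErrorAction SilentlyContinue
    if ($props.Debugger) { Add-Finding 'IFEO' $_.PSChildName 'Debugger' $props.Debugger }
}
$spe = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SilentProcessExit'
Get-ChildItem -Path $spe -ErrorAction SilentlyContinue | ForEach-Object {
    $props = Get-ItemProperty -Path $_.PSPath -ErrorAction SilentlyContinue
    if ($props.MonitorProcess) { Add-Finding 'SilentProcessExit' $_.PSChildName 'MonitorProcess' $props.MonitorProcess }
}

# 3. Winlogon: Shell and Userinit have fixed stock values (assumed baseline below). A different
#    path, or an extra command appended after a comma, is a logon-time persistence hook.
#    A per-user (HKCU) Shell/Userinit override should not exist at all on a clean system.
$expectedWinlogon = @{
    Shell    = 'explorer.exe'
    Userinit = "$env:SystemRoot\system32\userinit.exe"
}
foreach ($hive in 'HKLM:', 'HKCU:') {
    $wlKey = "$hive\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"
    $wl = Get-ItemProperty -Path $wlKey -ErrorAction SilentlyContinue
    if (-not $wl) { continue }
    foreach ($name in $expectedWinlogon.Keys) {
        $actual = [string]$wl.$name
        if (-not $actual) { continue }
        if ($hive -eq 'HKCU:' -or $actual.TrimEnd(',') -ine $expectedWinlogon[$name]) {
            Add-Finding 'Winlogon' $wlKey $name $actual
        }
    }
}

# Report the current state.
$findings | Sort-Object Area, Key | Format-Table -AutoSize | Out-Host

# Diff against the previous snapshot, if one was supplied. A manual set comparison is used
# instead of Compare-Object so that an empty list on either side is handled cleanly.
function ToKey($f) { '{0}|{1}|{2}|{3}' -f $f.Area, $f.Key, $f.Name, $f.Value }
$now = @($findings | ForEach-Object { ToKey $_ })
if ($Baseline -and (Test-Path -Path $Baseline)) {
    $old = @(Get-Content -Path $Baseline -Raw | ConvertFrom-Json | ForEach-Object { ToKey $_ })
    foreach ($k in $old) { if ($k -notin $now) { Write-Output "REMOVED since baseline: $k" } }
    foreach ($k in $now) { if ($k -notin $old) { Write-Output "ADDED since baseline:   $k" } }
}

# Persist the current state so the next run can diff against it (hypothetical file name).
$findings | ConvertTo-Json -Depth 3 | Set-Content -Path 'autostart-snapshot.json'
```

Run it once on a known-clean host to produce the first snapshot, then `.\Get-AutostartHooks.ps1 -Baseline .\autostart-snapshot.json` after the sample (or a suspicious process) has executed: new Active Setup GUIDs, IFEO Debugger values and Winlogon changes show up as ADDED, and IFEO entries the sample cleaned up afterwards show up as REMOVED, which is the trace a simple point-in-time check would miss. Legitimate IFEO Debugger entries (for example a developer's just-in-time debugger) will be listed too, so review rather than alert on the raw list.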

MITRE ATT&CK Enterprise v15

Tasks