General
Target
e5f6704df110055a0c7111271796451f357255738792a14f9a96f415e96cb6f0N.exe
Size
81KB
Sample
241113-hghh8szqam
MD5
bf7b28919b74dc6aa82bb8167dcec3f1
SHA1
aa1398a124c3b66ec896f59af7c3a363ea282c85
SHA256
2f7e03402ede5005d182387ad20bde41f5eed1056df955435a2da64dab128a1b
SHA512
9ed1eb113d5489640f4128ffe6a86c3fab9fcebcefe91f8afa81b70fa7cf0ef2f7adef806a9f2eec177ef7babfef09d5d75f94b8f1d033a151ca72644aaa9eea
SSDEEP
1536:BteqGDlXvCDB04f5Gn/L8ZlALNtnd17i9wi:Olg35GTclABtnDi9wi
Static task
static1
Behavioral task
behavioral1
Sample
e5f6704df110055a0c7111271796451f357255738792a14f9a96f415e96cb6f0N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
e5f6704df110055a0c7111271796451f357255738792a14f9a96f415e96cb6f0N.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Target
e5f6704df110055a0c7111271796451f357255738792a14f9a96f415e96cb6f0N.exe
Score
10/10
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
Event Triggered Execution: Image File Execution Options Injection
Executes dropped EXE
Loads dropped DLL
Modifies WinLogon
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (2)
  Active Setup (1)
  Winlogon Helper DLL (1)
Event Triggered Execution (1)
  Image File Execution Options Injection (1)
Privilege Escalation
Boot or Logon Autostart Execution (2)
  Active Setup (1)
  Winlogon Helper DLL (1)
Event Triggered Execution (1)
  Image File Execution Options Injection (1)