General
-
Target
913175e9e0e0224e7e699f49db6ed61ded4b87b8e66c07533d17005ed04966d8
-
Size
71KB
-
Sample
241114-arew4avqal
-
MD5
b97dad59ad749963438ba6e88828ce06
-
SHA1
6074280b4965f7da2851c01db5522341663ece6a
-
SHA256
913175e9e0e0224e7e699f49db6ed61ded4b87b8e66c07533d17005ed04966d8
-
SHA512
fe965f398ea79d8706bdcbb05b751bf77e0146858628bd26ca46c8a721c7e4ce3ed585adff4799f79caaf34174820eb95dfc054640e569914604fa259d3d7da6
-
SSDEEP
1536:1teqKDlXvCDB04f5Gn/L8FlADNt3d1Hw8slf:Olg35GTslA5t3/w8u
Static task
static1
Behavioral task
behavioral1
Sample
913175e9e0e0224e7e699f49db6ed61ded4b87b8e66c07533d17005ed04966d8.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
913175e9e0e0224e7e699f49db6ed61ded4b87b8e66c07533d17005ed04966d8.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
913175e9e0e0224e7e699f49db6ed61ded4b87b8e66c07533d17005ed04966d8
-
Size
71KB
-
MD5
b97dad59ad749963438ba6e88828ce06
-
SHA1
6074280b4965f7da2851c01db5522341663ece6a
-
SHA256
913175e9e0e0224e7e699f49db6ed61ded4b87b8e66c07533d17005ed04966d8
-
SHA512
fe965f398ea79d8706bdcbb05b751bf77e0146858628bd26ca46c8a721c7e4ce3ed585adff4799f79caaf34174820eb95dfc054640e569914604fa259d3d7da6
-
SSDEEP
1536:1teqKDlXvCDB04f5Gn/L8FlADNt3d1Hw8slf:Olg35GTslA5t3/w8u
Score10/10-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Event Triggered Execution: Image File Execution Options Injection
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies WinLogon
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Active Setup
1Winlogon Helper DLL
1Event Triggered Execution
1Image File Execution Options Injection
1Privilege Escalation
Boot or Logon Autostart Execution
2Active Setup
1Winlogon Helper DLL
1Event Triggered Execution
1Image File Execution Options Injection
1