General
-
Target
a81b318fbfd733366340305a6f77bd73e879049b26d1a5e42c3e59f424fe822e
-
Size
34KB
-
Sample
241114-bqeqdawkel
-
MD5
43641196e0d4c8995133d4d3c721a0c4
-
SHA1
422ef769e8eaf0ef26ebb71b43d3f762a25dadce
-
SHA256
a81b318fbfd733366340305a6f77bd73e879049b26d1a5e42c3e59f424fe822e
-
SHA512
eb00d08f1dbcf2aed302d4499d6589ff1e5f73ad7986804668d0c2a0b0c1009e2f4c556a386e4340a789098f32604e6f3c4ac286a3a66c72ae94a96a2e4f681b
-
SSDEEP
768:tQbuQRy2UjmUndnlTttxDn+3jiSkjRY6AB7kKfYoJ+ifBEewzKOwkV:QuQRylaUDTDxDXjy6AB7koYy2TT
Behavioral task
behavioral1
Sample
a81b318fbfd733366340305a6f77bd73e879049b26d1a5e42c3e59f424fe822e.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
a81b318fbfd733366340305a6f77bd73e879049b26d1a5e42c3e59f424fe822e.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
a81b318fbfd733366340305a6f77bd73e879049b26d1a5e42c3e59f424fe822e
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Event Triggered Execution: Image File Execution Options Injection
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies WinLogon
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (2)
Active Setup (1)
Winlogon Helper DLL (1)
Event Triggered Execution (1)
Image File Execution Options Injection (1)
Privilege Escalation
Boot or Logon Autostart Execution (2)
Active Setup (1)
Winlogon Helper DLL (1)
Event Triggered Execution (1)
Image File Execution Options Injection (1)