General
- Target: c3a32be797d2ac87e8768977188bfce50335dc7c834de51bbbaf00b1993be58aN.exe
- Size: 21KB
- Sample: 241114-e7phpavdlq
- MD5: 26be2722114513c8271df792f829cc30
- SHA1: dc8b03c4ae694c507a5fb012b0d93f5535f7f93e
- SHA256: c3a32be797d2ac87e8768977188bfce50335dc7c834de51bbbaf00b1993be58a
- SHA512: 7ec0bdf2d7da0be6dc514334bbc8ffdc4dbdec456cd655acdcfd83714db6c3dcd9acf2d9040751fdefc0719b08086b68a7589bc325660e68ca2764b08adfa7f1
- SSDEEP: 384:UBWoC5GDr6wc/w3HgM6vDUTAXBGCVf4WVlFvXk284EjIm1rz:rRkiLw3HsDSARGG/+4EjR
Behavioral task: behavioral1
- Sample: c3a32be797d2ac87e8768977188bfce50335dc7c834de51bbbaf00b1993be58aN.exe
- Resource: win7-20240903-en
Behavioral task: behavioral2
- Sample: c3a32be797d2ac87e8768977188bfce50335dc7c834de51bbbaf00b1993be58aN.exe
- Resource: win10v2004-20241007-en
Malware Config
Targets
- Target: c3a32be797d2ac87e8768977188bfce50335dc7c834de51bbbaf00b1993be58aN.exe
- Boot or Logon Autostart Execution: Active Setup
  Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
- Drops file in Drivers directory
- Event Triggered Execution: Image File Execution Options Injection
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
- Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (2)
- Active Setup (1)
- Winlogon Helper DLL (1)
- Event Triggered Execution (1)
- Image File Execution Options Injection (1)
Privilege Escalation
- Boot or Logon Autostart Execution (2)
- Active Setup (1)
- Winlogon Helper DLL (1)
- Event Triggered Execution (1)
- Image File Execution Options Injection (1)