General
-
Target
621f7e3d68bb323d2c15ec0fb7c0179777f043e422b50c95f63f2df7d8d98dd2N.exe
-
Size
21KB
-
Sample
241117-jlnrgsvejd
-
MD5
0643c1499ac752463c8a2a73cfb48c50
-
SHA1
376c54b1e74b5539f6fae10b88cb38f3de997ec8
-
SHA256
621f7e3d68bb323d2c15ec0fb7c0179777f043e422b50c95f63f2df7d8d98dd2
-
SHA512
04a88bb1ca4f3fb5dca75f5b224640eae6f71c18f740b7714a3fd2eb92f15720b0f6fb72e2a4d73821dc9c6e6b2963adecf246a40ff3700e5ab75563ba8cc1fe
-
SSDEEP
384:UBWoC5GDr6wc/w3HgM6vDUTAXBGCVf4WVlFvX8Mb7a6hNOQ:rRkiLw3HsDSARGG/MMb7rnOQ
Behavioral task
behavioral1
Sample
621f7e3d68bb323d2c15ec0fb7c0179777f043e422b50c95f63f2df7d8d98dd2N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
621f7e3d68bb323d2c15ec0fb7c0179777f043e422b50c95f63f2df7d8d98dd2N.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
621f7e3d68bb323d2c15ec0fb7c0179777f043e422b50c95f63f2df7d8d98dd2N.exe
-
Size
21KB
-
MD5
0643c1499ac752463c8a2a73cfb48c50
-
SHA1
376c54b1e74b5539f6fae10b88cb38f3de997ec8
-
SHA256
621f7e3d68bb323d2c15ec0fb7c0179777f043e422b50c95f63f2df7d8d98dd2
-
SHA512
04a88bb1ca4f3fb5dca75f5b224640eae6f71c18f740b7714a3fd2eb92f15720b0f6fb72e2a4d73821dc9c6e6b2963adecf246a40ff3700e5ab75563ba8cc1fe
-
SSDEEP
384:UBWoC5GDr6wc/w3HgM6vDUTAXBGCVf4WVlFvX8Mb7a6hNOQ:rRkiLw3HsDSARGG/MMb7rnOQ
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Drops file in Drivers directory
-
Event Triggered Execution: Image File Execution Options Injection
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies WinLogon
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Active Setup
1Winlogon Helper DLL
1Event Triggered Execution
1Image File Execution Options Injection
1Privilege Escalation
Boot or Logon Autostart Execution
2Active Setup
1Winlogon Helper DLL
1Event Triggered Execution
1Image File Execution Options Injection
1