General
-
Target
c09e1a35ea35ccb0436ae3f732c53e79f7e916c62a031d2a6f7a016d37a599f3
-
Size
49KB
-
Sample
241117-kwa4tazrbm
-
MD5
95adad2137b3f9e67fa6b15143dec0a7
-
SHA1
26462e254869ecfd4a68c95e0523216c54544098
-
SHA256
c09e1a35ea35ccb0436ae3f732c53e79f7e916c62a031d2a6f7a016d37a599f3
-
SHA512
51b5562358c0963883f914c3b9f11cdfe85b1e19d13b6fbfa599d826c033404b098e358606145829b2f05e913ec0210af432a52c809373ca312234be3916726a
-
SSDEEP
768:jIUidxNet9ygRCmpTtlXTXmJPcRjwnU/AfzJU+NqEFlLKLNzHryi:jrPt1XDmJkiNLuZrryi
Static task
static1
Behavioral task
behavioral1
Sample
c09e1a35ea35ccb0436ae3f732c53e79f7e916c62a031d2a6f7a016d37a599f3.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
c09e1a35ea35ccb0436ae3f732c53e79f7e916c62a031d2a6f7a016d37a599f3.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
c09e1a35ea35ccb0436ae3f732c53e79f7e916c62a031d2a6f7a016d37a599f3
-
Size
49KB
-
MD5
95adad2137b3f9e67fa6b15143dec0a7
-
SHA1
26462e254869ecfd4a68c95e0523216c54544098
-
SHA256
c09e1a35ea35ccb0436ae3f732c53e79f7e916c62a031d2a6f7a016d37a599f3
-
SHA512
51b5562358c0963883f914c3b9f11cdfe85b1e19d13b6fbfa599d826c033404b098e358606145829b2f05e913ec0210af432a52c809373ca312234be3916726a
-
SSDEEP
768:jIUidxNet9ygRCmpTtlXTXmJPcRjwnU/AfzJU+NqEFlLKLNzHryi:jrPt1XDmJkiNLuZrryi
Score10/10-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Drops file in Drivers directory
-
Event Triggered Execution: Image File Execution Options Injection
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies WinLogon
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Active Setup
1Winlogon Helper DLL
1Event Triggered Execution
1Image File Execution Options Injection
1Privilege Escalation
Boot or Logon Autostart Execution
2Active Setup
1Winlogon Helper DLL
1Event Triggered Execution
1Image File Execution Options Injection
1