General
-
Target
4edcf75cb2ea7a2be22f72ba972d8b2749129123fb06a9cf3aa3424e0577c976N.exe
-
Size
49KB
-
Sample
241117-q5xl3a1eng
-
MD5
99db74e6b8f17f919042a9b8c3ddbfa0
-
SHA1
dcf14d5f246d649e3e781d43088f9d61bea83dd5
-
SHA256
4edcf75cb2ea7a2be22f72ba972d8b2749129123fb06a9cf3aa3424e0577c976
-
SHA512
7083b0af9d7e56011ec79157b77283f458e97f87ebdb74bd8257511cb9a5fce85ba590ea729ee58b51f453213175a07579763bb4d0bba86967d1fdd1cb29f75a
-
SSDEEP
768:jIUWEPjngBnD/nrpPlOs6tSTMHhORSkVZWodeYmPVIdJ:jsAnGj9PkLST+WSkVZWycPVKJ
Static task
static1
Behavioral task
behavioral1
Sample
4edcf75cb2ea7a2be22f72ba972d8b2749129123fb06a9cf3aa3424e0577c976N.exe
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
4edcf75cb2ea7a2be22f72ba972d8b2749129123fb06a9cf3aa3424e0577c976N.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
4edcf75cb2ea7a2be22f72ba972d8b2749129123fb06a9cf3aa3424e0577c976N.exe
-
Score
10/10
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Drops file in Drivers directory
-
Event Triggered Execution: Image File Execution Options Injection
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies WinLogon
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (2)
  Active Setup (1)
  Winlogon Helper DLL (1)
Event Triggered Execution (1)
  Image File Execution Options Injection (1)
Privilege Escalation
Boot or Logon Autostart Execution (2)
  Active Setup (1)
  Winlogon Helper DLL (1)
Event Triggered Execution (1)
  Image File Execution Options Injection (1)