General
-
Target
1ef6cd42023e9b6fca4168019bd49b8b3544a28541c041cd2c22e073ec1f9ab2.exe
-
Size
62KB
-
Sample
241120-wja4tsvnek
-
MD5
fb7f1c3c694ea35946a1fe0415f882de
-
SHA1
c51196f374e9f21a7086f24929ab20a257432873
-
SHA256
1ef6cd42023e9b6fca4168019bd49b8b3544a28541c041cd2c22e073ec1f9ab2
-
SHA512
7e7ecea62af28573761848d2742aa9cff02e4dcfa74b3b918545ebd42add3b051e7afb4ef66e1fc900e8c917d18e1771175cbf80495334f3d26497556f707385
-
SSDEEP
1536:8g/9T8ROcQupqqusN3mrS/ztMhkywRFUnTmc5n4IIIIIIIIIIIIIIIIIIDIIIIIC:8g585LpPCrQt7F84IIIIIIIIIIIIIIIU
Malware Config
Targets
-
-
Target
1ef6cd42023e9b6fca4168019bd49b8b3544a28541c041cd2c22e073ec1f9ab2.exe
-
Size
62KB
-
MD5
fb7f1c3c694ea35946a1fe0415f882de
-
SHA1
c51196f374e9f21a7086f24929ab20a257432873
-
SHA256
1ef6cd42023e9b6fca4168019bd49b8b3544a28541c041cd2c22e073ec1f9ab2
-
SHA512
7e7ecea62af28573761848d2742aa9cff02e4dcfa74b3b918545ebd42add3b051e7afb4ef66e1fc900e8c917d18e1771175cbf80495334f3d26497556f707385
-
SSDEEP
1536:8g/9T8ROcQupqqusN3mrS/ztMhkywRFUnTmc5n4IIIIIIIIIIIIIIIIIIDIIIIIC:8g585LpPCrQt7F84IIIIIIIIIIIIIIIU
Score10/10-
Modifies WinLogon for persistence
-
Modifies visiblity of hidden/system files in Explorer
-
Disables RegEdit via registry modification
-
ASPack v2.12-2.42
Detects executables packed with ASPack v2.12-2.42
-
Executes dropped EXE
-
Modifies system executable filetype association
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
1Winlogon Helper DLL
1Event Triggered Execution
1Change Default File Association
1Privilege Escalation
Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
1Winlogon Helper DLL
1Event Triggered Execution
1Change Default File Association
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
4