General
-
Target
a4c39c18a0b3f023fe2ffdf2fbe82b5cce157e90b46c9ffd362e207a57974641
-
Size
92KB
-
Sample
241121-ecm2dasrck
-
MD5
cc4ce4dfb72cdbe07b67bdd69e73091d
-
SHA1
e839c152ca9e9d0c69d7cb5cdbc0be82a57a1201
-
SHA256
a4c39c18a0b3f023fe2ffdf2fbe82b5cce157e90b46c9ffd362e207a57974641
-
SHA512
e2ee95fbfab37cab337d0d50122d6a1184c6673d226f0e89ebcbadb6c0469df33e3822fb7c0f843a10f797347eb32e66c8fe3c648c06680157a56e030e3ea4ff
-
SSDEEP
768:4zW4wnebSdDlmkok6lRGXu+jKZAOWjpiRHVAGr4PzpyRAJ7IwnDoSdj:41bC4Bk6lMTOWw4PkRAPoW
Malware Config
Targets
-
-
Target
a4c39c18a0b3f023fe2ffdf2fbe82b5cce157e90b46c9ffd362e207a57974641
-
Size
92KB
-
MD5
cc4ce4dfb72cdbe07b67bdd69e73091d
-
SHA1
e839c152ca9e9d0c69d7cb5cdbc0be82a57a1201
-
SHA256
a4c39c18a0b3f023fe2ffdf2fbe82b5cce157e90b46c9ffd362e207a57974641
-
SHA512
e2ee95fbfab37cab337d0d50122d6a1184c6673d226f0e89ebcbadb6c0469df33e3822fb7c0f843a10f797347eb32e66c8fe3c648c06680157a56e030e3ea4ff
-
SSDEEP
768:4zW4wnebSdDlmkok6lRGXu+jKZAOWjpiRHVAGr4PzpyRAJ7IwnDoSdj:41bC4Bk6lMTOWw4PkRAPoW
Score10/10-
Modifies WinLogon for persistence
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Winlogon Helper DLL
1Event Triggered Execution
1Change Default File Association
1