General
Target: cc47723541af26a118739c5a9b464ae8a11f8581bd659c09feee2fff2f16a750
Size: 1013KB
Sample: 241121-kdghwavlgj
MD5: 1743b703e18d0803cbe9181ad9a41c6f
SHA1: 9ae83b191b15cc3aa52f252d1cca2b7c11c01200
SHA256: cc47723541af26a118739c5a9b464ae8a11f8581bd659c09feee2fff2f16a750
SHA512: 9faa4fde10f68bb1946a1fc1ebc5143ee6153ac3bd1e532e616d8fceb431bfec19576bfc2a43310bfe8153e22cde93641e2ef439aa4c71d5f2ceef45604921c9
SSDEEP: 24576:QRmJkcoQricOIQxiZY1iaAOTy/zPDCWdjNnMK8:lJZoQrbTFZY1iaAmy/jMn
Static task: static1
Behavioral task: behavioral1
  Sample: cc47723541af26a118739c5a9b464ae8a11f8581bd659c09feee2fff2f16a750.exe
  Resource: win7-20240903-en
Behavioral task: behavioral2
  Sample: cc47723541af26a118739c5a9b464ae8a11f8581bd659c09feee2fff2f16a750.exe
  Resource: win10v2004-20241007-en
Malware Config
Targets
Target: cc47723541af26a118739c5a9b464ae8a11f8581bd659c09feee2fff2f16a750 (the submitted file; MD5 1743b703e18d0803cbe9181ad9a41c6f, SHA256 cc47723541af26a118739c5a9b464ae8a11f8581bd659c09feee2fff2f16a750; SHA1, SHA512 and SSDEEP as listed under General)
Size: 1013KB
Score: 10/10
Signatures:
- Modifies WinLogon for persistence (Winlogon helper values such as Shell, Userinit or Notify; the report does not name which value was changed)
- Adds policy Run key to start application (the Policies\Explorer\Run key, which Explorer processes like the ordinary Run key)
- Modifies Windows Firewall
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
- AutoIT Executable: AutoIT scripts compiled to PE executables.
- Suspicious use of SetThreadContext (an indicator of code injection; process hollowing rewrites the thread context of a suspended process through this API)
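The signatures above describe where this sample persists and what it tampers with, but the report gives no concrete key or file names. The following host-triage script is an added example, not part of the sandbox report and not produced by its tooling: it walks the standard Winlogon, Run and policy Run keys, the Netsh helper DLL key, custom firewall allow rules and both root certificate stores, hashes every executable those entries reference, and flags any file whose SHA256 equals the report hash or that carries the compiled-AutoIt marker. It assumes an elevated PowerShell session on the suspect host and that the sample used the standard locations for each technique; `$ReportSha256` is the hash from the General section, and the other names are the script's own.

```powershell
# Added triage script (example, not from the report). Assumes: elevated session;
# standard registry locations for each technique (the report names no specific key or file).
$ReportSha256 = 'cc47723541af26a118739c5a9b464ae8a11f8581bd659c09feee2fff2f16a750'
$Findings = New-Object System.Collections.Generic.List[object]

function Add-Finding {
    param([string]$Category, [string]$Location, [string]$Value)
    $Findings.Add([pscustomobject]@{ Category = $Category; Location = $Location; Value = $Value })
}

# Pull candidate .exe/.dll paths out of a registry value or command line (quoted or bare).
function Get-PathsFromValue {
    param([string]$Data)
    $pattern = '"([^"]+\.(?:exe|dll))"|([A-Za-z]:\\[^\s",]+\.(?:exe|dll))'
    foreach ($m in [regex]::Matches($Data, $pattern)) {
        if ($m.Groups[1].Success) { $m.Groups[1].Value } else { $m.Groups[2].Value }
    }
}

# Hash a referenced file; flag a match with the report sample, and flag the
# "AU3!EA06" marker that AutoIt3 embeds in every compiled script.
function Test-ReferencedFile {
    param([string]$Path)
    $full = [Environment]::ExpandEnvironmentVariables($Path)
    if (-not (Test-Path -LiteralPath $full -PathType Leaf)) { return }
    $hash = (Get-FileHash -LiteralPath $full -Algorithm SHA256).Hash.ToLower()
    if ($hash -eq $ReportSha256) { Add-Finding 'SHA256 matches report sample' $full $hash }
    $ascii = [Text.Encoding]::ASCII.GetString([IO.File]::ReadAllBytes($full))
    if ($ascii.Contains('AU3!EA06')) { Add-Finding 'Compiled AutoIt marker' $full $hash }
}

# T1547.004 Winlogon Helper: Shell and Userinit should only reference explorer.exe / userinit.exe.
$winlogon = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
$wl = Get-ItemProperty -Path $winlogon
if ($wl.Shell -and $wl.Shell.Trim() -ne 'explorer.exe') {
    Add-Finding 'Winlogon Shell modified' "$winlogon\Shell" $wl.Shell
}
if ($wl.Userinit -and $wl.Userinit.Trim().TrimEnd(',') -ne "$env:SystemRoot\system32\userinit.exe") {
    Add-Finding 'Winlogon Userinit modified' "$winlogon\Userinit" $wl.Userinit
}
foreach ($v in @($wl.Shell, $wl.Userinit)) { Get-PathsFromValue $v | ForEach-Object { Test-ReferencedFile $_ } }

# T1547.001 Run / RunOnce and policy Run keys, plus T1546.007 Netsh helper DLLs.
$autostartKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run',
    'HKLM:\SOFTWARE\Microsoft\NetSh'
)
foreach ($key in $autostartKeys) {
    if (-not (Test-Path -Path $key)) { continue }
    $item = Get-ItemProperty -Path $key
    foreach ($prop in $item.PSObject.Properties) {
        if ($prop.Name -in 'PSPath', 'PSParentPath', 'PSChildName', 'PSDrive', 'PSProvider') { continue }
        $data = [string]$prop.Value
        # Netsh helper values are bare DLL names resolved from System32.
        if ($key -like '*NetSh' -and $data -notmatch '\\') { $data = Join-Path "$env:SystemRoot\System32" $data }
        Add-Finding 'Autostart / helper entry' "$key\$($prop.Name)" $data
        Get-PathsFromValue $data | ForEach-Object { Test-ReferencedFile $_ }
    }
}

# T1562.004: enabled allow rules outside any built-in rule group (rules added with
# "netsh advfirewall firewall add rule" have no Group). Get-NetFirewallRule needs
# Windows 8 / Server 2012 or later; on Windows 7 review "netsh advfirewall firewall show rule name=all".
if (Get-Command Get-NetFirewallRule -ErrorAction SilentlyContinue) {
    foreach ($rule in Get-NetFirewallRule -Enabled True -Action Allow) {
        if ($rule.Group) { continue }
        $program = ($rule | Get-NetFirewallApplicationFilter).Program
        Add-Finding 'Custom firewall allow rule' $rule.DisplayName "$program"
        if ($program -and $program -ne 'Any') { Test-ReferencedFile $program }
    }
}

# T1553.004: root certificates that look freshly minted (NotBefore within 30 days) in the
# machine or user Root store. Heuristic only; review the subject by hand.
foreach ($store in 'Cert:\LocalMachine\Root', 'Cert:\CurrentUser\Root') {
    foreach ($cert in Get-ChildItem -Path $store) {
        if ($cert.NotBefore -gt (Get-Date).AddDays(-30)) {
            Add-Finding 'Recently issued root certificate' $store "$($cert.Subject) [$($cert.Thumbprint)]"
        }
    }
}

$Findings | Sort-Object Category | Format-Table -AutoSize -Wrap
```

Every Run and Netsh entry is listed rather than judged, so expect legitimate entries on a production host; the lines to act on are the hash match, the AutoIt marker, a changed Shell or Userinit value, and firewall rules or root certificates you cannot account for. Keep the hash comparison even if the dropped copy has been renamed, since the report's signatures say the sample executes a dropped EXE.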
MITRE ATT&CK Enterprise v15 (number of matching signatures in parentheses)
Persistence
  Boot or Logon Autostart Execution, T1547 (3)
    Registry Run Keys / Startup Folder, T1547.001 (2)
    Winlogon Helper DLL, T1547.004 (1)
  Create or Modify System Process, T1543 (1)
    Windows Service, T1543.003 (1)
  Event Triggered Execution, T1546 (1)
    Netsh Helper DLL, T1546.007 (1)
Privilege Escalation
  Boot or Logon Autostart Execution, T1547 (3)
    Registry Run Keys / Startup Folder, T1547.001 (2)
    Winlogon Helper DLL, T1547.004 (1)
  Create or Modify System Process, T1543 (1)
    Windows Service, T1543.003 (1)
  Event Triggered Execution, T1546 (1)
    Netsh Helper DLL, T1546.007 (1)
Defense Evasion
  Impair Defenses, T1562 (1)
    Disable or Modify System Firewall, T1562.004 (1)
  Modify Registry, T1112 (4)
  Subvert Trust Controls, T1553 (1)
    Install Root Certificate, T1553.004 (1)