General
-
Target
28699bc835568e4b34a52fab3ce19a81d9e4cfa375c4c6225712ba3783c88c53
-
Size
63KB
-
Sample
241121-zhmb9asjcl
-
MD5
f38b77863edd34f621504f43de3f21f1
-
SHA1
08e45197c7a96f1767fb5336ce7557a9de317c85
-
SHA256
28699bc835568e4b34a52fab3ce19a81d9e4cfa375c4c6225712ba3783c88c53
-
SHA512
2f6cb7b3165c4c3171c24c65b7397d22cca158599c0c8cac3fa7808529485ec872ac43df3a07d0f2cf07bc7811f35ac7b8ca0c4059a5d8434d8ef65bc6bfd549
-
SSDEEP
768:LAUJmQCcmLCXQq6fsKiJYsIkjJVzqsVG5kuGyLddOW/CtNKB4Ejv:MUNHFKQbIkHvGtdO9K+Wv
Behavioral task
behavioral1
Sample
28699bc835568e4b34a52fab3ce19a81d9e4cfa375c4c6225712ba3783c88c53.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
28699bc835568e4b34a52fab3ce19a81d9e4cfa375c4c6225712ba3783c88c53.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
28699bc835568e4b34a52fab3ce19a81d9e4cfa375c4c6225712ba3783c88c53
-
Size
63KB
-
MD5
f38b77863edd34f621504f43de3f21f1
-
SHA1
08e45197c7a96f1767fb5336ce7557a9de317c85
-
SHA256
28699bc835568e4b34a52fab3ce19a81d9e4cfa375c4c6225712ba3783c88c53
-
SHA512
2f6cb7b3165c4c3171c24c65b7397d22cca158599c0c8cac3fa7808529485ec872ac43df3a07d0f2cf07bc7811f35ac7b8ca0c4059a5d8434d8ef65bc6bfd549
-
SSDEEP
768:LAUJmQCcmLCXQq6fsKiJYsIkjJVzqsVG5kuGyLddOW/CtNKB4Ejv:MUNHFKQbIkHvGtdO9K+Wv
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Drops file in Drivers directory
-
Event Triggered Execution: Image File Execution Options Injection
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies WinLogon
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Active Setup
1Winlogon Helper DLL
1Event Triggered Execution
1Image File Execution Options Injection
1Privilege Escalation
Boot or Logon Autostart Execution
2Active Setup
1Winlogon Helper DLL
1Event Triggered Execution
1Image File Execution Options Injection
1