General
-
Target
a812ed1d18abc7ac7a202c491ce11a2166a5848118eed23502ed91a102d862c7
-
Size
64KB
-
Sample
241122-dek45ayqbm
-
MD5
d721e2bf9abc01139dcebd832734eb86
-
SHA1
a1c1f777e8b73dd61b89166798bf05163355c0ef
-
SHA256
a812ed1d18abc7ac7a202c491ce11a2166a5848118eed23502ed91a102d862c7
-
SHA512
b8d04c658f5a9ad4bd4b3c0940ff24b8f9fc00447293fa3c285d2ac917829aa97864ad6da914e05bce09ecae60a997b69e52978f44dc15fa402e8324e655216a
-
SSDEEP
1536:8g/9T8ROcQupqqusN3mrS/ztMhkywRFUnTmc5n4IIIIIIIIIIIIIIIIII/IIIIIn:8g585LpPCrQt7F84IIIIIIIIIIIIIIIl
Malware Config
Targets
-
-
Target
a812ed1d18abc7ac7a202c491ce11a2166a5848118eed23502ed91a102d862c7
-
Size
64KB
-
MD5
d721e2bf9abc01139dcebd832734eb86
-
SHA1
a1c1f777e8b73dd61b89166798bf05163355c0ef
-
SHA256
a812ed1d18abc7ac7a202c491ce11a2166a5848118eed23502ed91a102d862c7
-
SHA512
b8d04c658f5a9ad4bd4b3c0940ff24b8f9fc00447293fa3c285d2ac917829aa97864ad6da914e05bce09ecae60a997b69e52978f44dc15fa402e8324e655216a
-
SSDEEP
1536:8g/9T8ROcQupqqusN3mrS/ztMhkywRFUnTmc5n4IIIIIIIIIIIIIIIIII/IIIIIn:8g585LpPCrQt7F84IIIIIIIIIIIIIIIl
Score10/10-
Modifies WinLogon for persistence
-
Modifies visiblity of hidden/system files in Explorer
-
Disables RegEdit via registry modification
-
ASPack v2.12-2.42
Detects executables packed with ASPack v2.12-2.42
-
Executes dropped EXE
-
Modifies system executable filetype association
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
1Winlogon Helper DLL
1Event Triggered Execution
1Change Default File Association
1Privilege Escalation
Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
1Winlogon Helper DLL
1Event Triggered Execution
1Change Default File Association
1Defense Evasion
Hide Artifacts
1Hidden Files and Directories
1Modify Registry
4