General
Target
7a8f43187deaf0aa1ba244995e24ebf6fbc1cb2a7475d55fabf97f33685d25e5.exe
Size
64KB
Sample
241122-jqpvcawrez
MD5
bd27b7bfa460b44a0852c2692d519e61
SHA1
89fe3f30e7d4074b0afb7038acbcd91783a63ae6
SHA256
7a8f43187deaf0aa1ba244995e24ebf6fbc1cb2a7475d55fabf97f33685d25e5
SHA512
781d01ab86c69546b30a3a2ae1f5251b3f7487bcca1482958da78413353b0dfb152226be3de9909377490d1c57eab6feca2e7aea9df274692fb833a96a187520
SSDEEP
1536:8g/9T8ROcQupqqusN3mrS/ztMhkywRFUnTmc5n4IIIIIIIIIIIIIIIIII/IIIIIN:8g585LpPCrQt7F84IIIIIIIIIIIIIIIT
Behavioral task
behavioral1
Sample
7a8f43187deaf0aa1ba244995e24ebf6fbc1cb2a7475d55fabf97f33685d25e5.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
7a8f43187deaf0aa1ba244995e24ebf6fbc1cb2a7475d55fabf97f33685d25e5.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Target
7a8f43187deaf0aa1ba244995e24ebf6fbc1cb2a7475d55fabf97f33685d25e5.exe
Score
10/10
Modifies WinLogon for persistence
Modifies visibility of hidden/system files in Explorer
Disables RegEdit via registry modification
Executes dropped EXE
Modifies system executable filetype association
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution 2
  Registry Run Keys / Startup Folder 1
  Winlogon Helper DLL 1
  Event Triggered Execution 1
  Change Default File Association 1
Privilege Escalation
  Boot or Logon Autostart Execution 2
  Registry Run Keys / Startup Folder 1
  Winlogon Helper DLL 1
  Event Triggered Execution 1
  Change Default File Association 1
Defense Evasion
  Hide Artifacts 1
  Hidden Files and Directories 1
  Modify Registry 4