General
-
Target
3245971170227807104fe959af3bf08d050905a3777044c064932dbc795787b6N.exe
-
Size
92KB
-
Sample
241122-rcx8kaxqek
-
MD5
f18247b28fecf828f707fbd68e25e450
-
SHA1
c629280553a4ffbe5be59dca3d3130b47d241b3c
-
SHA256
3245971170227807104fe959af3bf08d050905a3777044c064932dbc795787b6
-
SHA512
9a94038faa7bfab0070507b6fc64891de8bd03d9e91db713af22c872031776b44ee79eae98068e4279acff1ea25a042247bd73a80c5d00ee5c8dd166b33732d7
-
SSDEEP
768:4zW4wnebSdDlmkok6lRGXu+jKZAOWjpiRHVAGr4PzpyRAJ7IwnDoSdj:41bC4Bk6lMTOWw4PkRAPoI
Malware Config
Targets
-
-
Target
3245971170227807104fe959af3bf08d050905a3777044c064932dbc795787b6N.exe
-
Size
92KB
-
MD5
f18247b28fecf828f707fbd68e25e450
-
SHA1
c629280553a4ffbe5be59dca3d3130b47d241b3c
-
SHA256
3245971170227807104fe959af3bf08d050905a3777044c064932dbc795787b6
-
SHA512
9a94038faa7bfab0070507b6fc64891de8bd03d9e91db713af22c872031776b44ee79eae98068e4279acff1ea25a042247bd73a80c5d00ee5c8dd166b33732d7
-
SSDEEP
768:4zW4wnebSdDlmkok6lRGXu+jKZAOWjpiRHVAGr4PzpyRAJ7IwnDoSdj:41bC4Bk6lMTOWw4PkRAPoI
Score10/10-
Modifies WinLogon for persistence
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Winlogon Helper DLL
1Event Triggered Execution
1Change Default File Association
1