General
Target: 609e3a4e71537df2af6902d6cacc7d1f72089823ecfdfab987b293d2530a8a51N.exe
Size: 136KB
Sample: 241203-t6xv1atmex
MD5: 6b9f3f1d51c4c4608e9459fb2a30d390
SHA1: 63aed05364191d433c6055f727ad2c669f019af5
SHA256: 609e3a4e71537df2af6902d6cacc7d1f72089823ecfdfab987b293d2530a8a51
SHA512: a5aaef1da126388613ada546b56a456822206d802f0c8138382130b0594391ef8cf04422227a85fa59d6449c70e0bf5e469ccff4bd8a54ea5123a67a71ff722d
SSDEEP: 3072:3LVoDvPd+A4WhkhXDl+i1lApwH08TdpIIIIIIIIIIIIIIIII/IIIIIIIIIIIIII5:ZopGGgbiwU8J+
Static task: static1
Behavioral task: behavioral1
Sample: 609e3a4e71537df2af6902d6cacc7d1f72089823ecfdfab987b293d2530a8a51N.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 609e3a4e71537df2af6902d6cacc7d1f72089823ecfdfab987b293d2530a8a51N.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 609e3a4e71537df2af6902d6cacc7d1f72089823ecfdfab987b293d2530a8a51N.exe
Score: 10/10
Modifies WinLogon for persistence
Modifies visibility of hidden/system files in Explorer
Disables RegEdit via registry modification
Executes dropped EXE
Modifies system executable filetype association
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (2)
Registry Run Keys / Startup Folder (1)
Winlogon Helper DLL (1)
Event Triggered Execution (1)
Change Default File Association (1)
Privilege Escalation
Boot or Logon Autostart Execution (2)
Registry Run Keys / Startup Folder (1)
Winlogon Helper DLL (1)
Event Triggered Execution (1)
Change Default File Association (1)
Defense Evasion
Hide Artifacts (1)
Hidden Files and Directories (1)
Modify Registry (4)