General

  • Target

    Scan34295420.scr

  • Size

    875KB

  • Sample

    210113-8sjwdndyee

  • MD5

    389ca41e54649946a7b8b1c15d0da2df

  • SHA1

    3ce9137efc80c5e169cb9b0a200339fae09c1202

  • SHA256

    75674ba2558d6fcf6d3992f09bd87aab282ea0b2d9bd01d6e0149a869506e3ce

  • SHA512

    6fc158d738aa3112ad81b84e8c2b68f73828c40dec9654abd8d6ee2147b50f47b7e7df87cb277b5bd9cd4e95f73905438f12346407aac0ca545c6a0591210c95

Score
10/10

Malware Config

Targets

    • Target

      Scan34295420.scr

    • Modifies WinLogon for persistence

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Matrix ATT&CK v6

Persistence

Winlogon Helper DLL

1
T1004

Defense Evasion

Modify Registry

1
T1112

Tasks