General
-
Target
Froggy_1 (1).webp
-
Size
176KB
-
Sample
240630-ln55naygrn
-
MD5
e72ac0161f6462b9ad18a3ceb57c8ba2
-
SHA1
1d5ba71ee7e298e97b389146a6e60df4792a03aa
-
SHA256
9c225a9e6aa60a9b431313dfcb56b1498b4b7a9fc73b5ab4d87a498c8b9424e5
-
SHA512
bde489438d0658e18b9ec9a8008ca6a76ea1d8166ef8c991c7e5281e85869a80ed04ed25a897c74ae2ba19d055890535fb023c6419db89608367e4af6eaf2aee
-
SSDEEP
3072:gdRoa3lNsyj5dHnAp0A9gRkMKIfB5q+xsnZuBVpFUT6IImUdud2ZojqIDSNI2MRu:36KgHn40+NUiuCTCujlS2du
Static task
static1
Behavioral task
behavioral1
Sample
Froggy_1 (1).webp
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
Froggy_1 (1).webp
Resource
win10-20240404-en
Behavioral task
behavioral3
Sample
Froggy_1 (1).webp
Resource
win10v2004-20240611-en
Behavioral task
behavioral4
Sample
Froggy_1 (1).webp
Resource
win11-20240611-en
Malware Config
Targets
Target
Froggy_1 (1).webp
Score
10/10
-
Modifies WinLogon for persistence
-
Disables RegEdit via registry modification
-
Disables Task Manager via registry modification
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-
MITRE ATT&CK Matrix (ATT&CK v13)
Persistence
Boot or Logon Autostart Execution (1)
Winlogon Helper DLL (1)
Pre-OS Boot (1)
Bootkit (1)
Privilege Escalation
Boot or Logon Autostart Execution (1)
Winlogon Helper DLL (1)
Abuse Elevation Control Mechanism (1)
Bypass User Account Control (1)