Overview
overview
10Static
static
3PISUNGOVNO.exe
windows11-21h2-x64
10PISUNGOVNO.exe
windows7-x64
10PISUNGOVNO.exe
windows10-1703-x64
10PISUNGOVNO.exe
windows10-2004-x64
10PISUNGOVNO.exe
windows11-21h2-x64
10PISUNGOVNO.exe
android-9-x86
PISUNGOVNO.exe
android-10-x64
PISUNGOVNO.exe
android-11-x64
PISUNGOVNO.exe
android-13-x64
PISUNGOVNO.exe
android-9-x86
PISUNGOVNO.exe
macos-10.15-amd64
PISUNGOVNO.exe
macos-10.15-amd64
4PISUNGOVNO.exe
debian-12-armhf
PISUNGOVNO.exe
debian-12-mipsel
PISUNGOVNO.exe
debian-9-armhf
PISUNGOVNO.exe
debian-9-mips
General
-
Target
PISUNGOVNO.exe
-
Size
578KB
-
Sample
240706-j78c1svbrd
-
MD5
af68a885c579a1e4b7fec2d67254fb90
-
SHA1
cbba23e160ba0f759a38bc7681ce4aec53f3d220
-
SHA256
89cc026f98feadc56ef6ff6068c06b8ba1b723feed88b6b5c07b0c6733f4bd44
-
SHA512
47cd596aafd7fd5a80d18315a38d3a6415a68d19e3cfc4ed41111a20a4881ee3358bf923564a636936c8c51c3de41a786b60e254497c33618b769914ac349155
-
SSDEEP
6144:NQuFa77aQWHdYKtE09hviWW50RlPyx/3kcHGe6VlWT8b9U73VsPQkK6UVs/k8b5R:TA7rtG65gydSPVle8ot6UVsYXQFDkW
Static task
static1
Behavioral task
behavioral1
Sample
PISUNGOVNO.exe
Resource
win11-20240704-en
Behavioral task
behavioral2
Sample
PISUNGOVNO.exe
Resource
win7-20240221-en
Behavioral task
behavioral3
Sample
PISUNGOVNO.exe
Resource
win10-20240611-en
Behavioral task
behavioral4
Sample
PISUNGOVNO.exe
Resource
win10v2004-20240508-en
Behavioral task
behavioral5
Sample
PISUNGOVNO.exe
Resource
win11-20240704-en
Behavioral task
behavioral6
Sample
PISUNGOVNO.exe
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral7
Sample
PISUNGOVNO.exe
Resource
android-x64-20240624-en
Behavioral task
behavioral8
Sample
PISUNGOVNO.exe
Resource
android-x64-arm64-20240624-en
Behavioral task
behavioral9
Sample
PISUNGOVNO.exe
Resource
android-33-x64-arm64-20240624-en
Behavioral task
behavioral10
Sample
PISUNGOVNO.exe
Resource
android-x86-arm-20240624-en
Behavioral task
behavioral11
Sample
PISUNGOVNO.exe
Resource
macos-20240611-en
Behavioral task
behavioral12
Sample
PISUNGOVNO.exe
Resource
macos-20240611-en
Behavioral task
behavioral13
Sample
PISUNGOVNO.exe
Resource
debian12-armhf-20240418-en
Behavioral task
behavioral14
Sample
PISUNGOVNO.exe
Resource
debian12-mipsel-20240221-en
Behavioral task
behavioral15
Sample
PISUNGOVNO.exe
Resource
debian9-armhf-20240418-en
Behavioral task
behavioral16
Sample
PISUNGOVNO.exe
Resource
debian9-mipsbe-20240611-en
Malware Config
Targets
-
-
Target
PISUNGOVNO.exe
-
Size
578KB
-
MD5
af68a885c579a1e4b7fec2d67254fb90
-
SHA1
cbba23e160ba0f759a38bc7681ce4aec53f3d220
-
SHA256
89cc026f98feadc56ef6ff6068c06b8ba1b723feed88b6b5c07b0c6733f4bd44
-
SHA512
47cd596aafd7fd5a80d18315a38d3a6415a68d19e3cfc4ed41111a20a4881ee3358bf923564a636936c8c51c3de41a786b60e254497c33618b769914ac349155
-
SSDEEP
6144:NQuFa77aQWHdYKtE09hviWW50RlPyx/3kcHGe6VlWT8b9U73VsPQkK6UVs/k8b5R:TA7rtG65gydSPVle8ot6UVsYXQFDkW
Score10/10-
Modifies WinLogon for persistence
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
MITRE ATT&CK Matrix ATT&CK v13
Execution
Command and Scripting Interpreter
1PowerShell
1Scheduled Task/Job
1Scheduled Task
1Persistence
Boot or Logon Autostart Execution
2Registry Run Keys / Startup Folder
1Winlogon Helper DLL
1Event Triggered Execution
1AppInit DLLs
1Scheduled Task/Job
1Scheduled Task
1