defa4bbf78e4e2330ed2f8dbd98c66bf4e4713d7e2b336ba96b8b99e2f80dd0d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Payment Advice - Advice Ref[GLV404865688] Priority payment Customer Ref[200012052N47095].exe
Size

372KB
Sample

200713-mcj8f74kw6
MD5

18c0f51d5d161edcce0b4e60173c6295
SHA1

8c6e5569298cb9c84019a36bebb8a03956623842
SHA256

defa4bbf78e4e2330ed2f8dbd98c66bf4e4713d7e2b336ba96b8b99e2f80dd0d
SHA512

9a2bc776e10c9ca727acfea2b5ac8adaf323c9e3120ada76f451b3c47c264010b57fdc87082059b976830a79f6e973e5ca06a5a7ef7cdd93969d7a9f9959bd49

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  Payment Advice - Advice Ref[GLV404865688] Priority payment Customer Ref[200012052N47095].exe
- Size
  
  372KB
- MD5
  
  18c0f51d5d161edcce0b4e60173c6295
- SHA1
  
  8c6e5569298cb9c84019a36bebb8a03956623842
- SHA256
  
  defa4bbf78e4e2330ed2f8dbd98c66bf4e4713d7e2b336ba96b8b99e2f80dd0d
- SHA512
  
  9a2bc776e10c9ca727acfea2b5ac8adaf323c9e3120ada76f451b3c47c264010b57fdc87082059b976830a79f6e973e5ca06a5a7ef7cdd93969d7a9f9959bd49
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2