Scan34295420.scr

General
Target

Scan34295420.scr

Size

875KB

Sample

210113-8sjwdndyee

Score

10/10

MD5

389ca41e54649946a7b8b1c15d0da2df

SHA1

3ce9137efc80c5e169cb9b0a200339fae09c1202

SHA256

75674ba2558d6fcf6d3992f09bd87aab282ea0b2d9bd01d6e0149a869506e3ce

SHA512

6fc158d738aa3112ad81b84e8c2b68f73828c40dec9654abd8d6ee2147b50f47b7e7df87cb277b5bd9cd4e95f73905438f12346407aac0ca545c6a0591210c95

Malware Config
Targets
Target

Scan34295420.scr

Tags

Signatures

  • Modifies WinLogon for persistence

    TTPs: Winlogon Helper DLL, Modify Registry

  • Executes dropped EXE

  • Loads dropped DLL

Related Tasks

MITRE ATT&CK Matrix

  • Collection
  • Command and Control
  • Credential Access
  • Defense Evasion
  • Discovery
  • Execution
  • Exfiltration
  • Impact
  • Initial Access
  • Lateral Movement
  • Persistence
  • Privilege Escalation

Tasks

  • static1
  • behavioral1: 10/10
  • behavioral2: 10/10