c141860c27f7a08e60f28fde73dc7fc2be3239189d47d25c1825a0a660629433 | Triage

Sharing

General

Target

c141860c27f7a08e60f28fde73dc7fc2be3239189d47d25c1825a0a660629433
Size

433KB
Sample

210511-xnapgbsb9a
MD5

24b45e3076bdb6602d691083a76c8f62
SHA1

1a06aa273820f9e6b43f529cf3f4ee96b6e8b839
SHA256

c141860c27f7a08e60f28fde73dc7fc2be3239189d47d25c1825a0a660629433
SHA512

37543c23e7ff7500ea2a98b05a7cb029b70da40fed4c408471030295b354cba4d69f90134b370e533fb655a2b15fa0655e703d33a46f4b3fd553fb6f10c2e29a

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  c141860c27f7a08e60f28fde73dc7fc2be3239189d47d25c1825a0a660629433
- Size
  
  433KB
- MD5
  
  24b45e3076bdb6602d691083a76c8f62
- SHA1
  
  1a06aa273820f9e6b43f529cf3f4ee96b6e8b839
- SHA256
  
  c141860c27f7a08e60f28fde73dc7fc2be3239189d47d25c1825a0a660629433
- SHA512
  
  37543c23e7ff7500ea2a98b05a7cb029b70da40fed4c408471030295b354cba4d69f90134b370e533fb655a2b15fa0655e703d33a46f4b3fd553fb6f10c2e29a
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2