31eb62891e255c944cd4020721f3e5fbb0d122156426b48580ed7a6e5e31eaf0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

31eb62891e255c944cd4020721f3e5fbb0d122156426b48580ed7a6e5e31eaf0
Size

316KB
Sample

221003-tsknhsedhk
MD5

05486d9a8dac0a378aca8aff4711bda6
SHA1

c8d8ff3c3e5848aabf1cd9156ea68124e7ce8330
SHA256

31eb62891e255c944cd4020721f3e5fbb0d122156426b48580ed7a6e5e31eaf0
SHA512

014de6fcdbf949187fd27041856d945eb8dd297aba21b5cddf9beaaa59ceb17a64c0e80afa31d7992621307a5c347ee1a19acf7b83658a987211fd0e80571652
SSDEEP

3072:5Yt8BdoraghZS2/iKM42om06aYmfOxTVd3X8E7wiLmeCyQxgvjL:5td2nPvq7vfAfg5dX8E0EmPgr

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  31eb62891e255c944cd4020721f3e5fbb0d122156426b48580ed7a6e5e31eaf0
- Size
  
  316KB
- MD5
  
  05486d9a8dac0a378aca8aff4711bda6
- SHA1
  
  c8d8ff3c3e5848aabf1cd9156ea68124e7ce8330
- SHA256
  
  31eb62891e255c944cd4020721f3e5fbb0d122156426b48580ed7a6e5e31eaf0
- SHA512
  
  014de6fcdbf949187fd27041856d945eb8dd297aba21b5cddf9beaaa59ceb17a64c0e80afa31d7992621307a5c347ee1a19acf7b83658a987211fd0e80571652
- SSDEEP
  
  3072:5Yt8BdoraghZS2/iKM42om06aYmfOxTVd3X8E7wiLmeCyQxgvjL:5td2nPvq7vfAfg5dX8E0EmPgr
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2