09049fb5294ed85e9f38e2e17e4999f5f866f9c3365ab55c1687d9c302acb458 | Triage

Sharing

General

Target

09049fb5294ed85e9f38e2e17e4999f5f866f9c3365ab55c1687d9c302acb458
Size

110KB
Sample

221106-d7v5ssbab6
MD5

39c42eb53c5d7bc20589be15fd6c68e1
SHA1

020eb218f3a860487d3dd4cc1cdc2c4054a862ef
SHA256

09049fb5294ed85e9f38e2e17e4999f5f866f9c3365ab55c1687d9c302acb458
SHA512

2289a8e6f35657240612b374a43eda9235b622b7db6524308eb6a6cc236828e1a9e6d126c97abd371951300ddc287b0ed4d61a8341f70975dd52949ce940d702
SSDEEP

1536:J3mg+pp1mHK4DKOj1/y/A/ZvNkzMzk/XQuaVe4cCTOFWIkNU7zJgRoZ:7+pp4ll/t+MduuczF/kyNgRoZ

Score

10^/10

persistence upx

Malware Config

Targets

- Target
  
  09049fb5294ed85e9f38e2e17e4999f5f866f9c3365ab55c1687d9c302acb458
- Size
  
  110KB
- MD5
  
  39c42eb53c5d7bc20589be15fd6c68e1
- SHA1
  
  020eb218f3a860487d3dd4cc1cdc2c4054a862ef
- SHA256
  
  09049fb5294ed85e9f38e2e17e4999f5f866f9c3365ab55c1687d9c302acb458
- SHA512
  
  2289a8e6f35657240612b374a43eda9235b622b7db6524308eb6a6cc236828e1a9e6d126c97abd371951300ddc287b0ed4d61a8341f70975dd52949ce940d702
- SSDEEP
  
  1536:J3mg+pp1mHK4DKOj1/y/A/ZvNkzMzk/XQuaVe4cCTOFWIkNU7zJgRoZ:7+pp4ll/t+MduuczF/kyNgRoZ
Score

10^/10

persistence upx
- Modifies WinLogon for persistence
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2