Overview

overview

10

Static

static

3b15c6d199...d0.exe

windows7-x64

10

3b15c6d199...d0.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3b15c6d1995ba535a82fff107cb487a2ef1a7a5c673f9adfe1b6ace45d3032d0

  • Size

    71KB

  • Sample

    221124-axk1asag6x

  • MD5

    3d1a2fc473f42ee4a7fa33042c692ec0

  • SHA1

    81a5254970e046502b3f3d9329550c4eb43213fd

  • SHA256

    3b15c6d1995ba535a82fff107cb487a2ef1a7a5c673f9adfe1b6ace45d3032d0

  • SHA512

    e98d2569952f2c3a24693ed8bb1cd61e1bdb7ad5a7c0f64cb5efeea839a118c877a1e85da1b9b5ed3c68ed750c1023ff497ed1bdda21984861e45fdb10ceae19

  • SSDEEP

    1536:Xjk6Dwdg28ez4+pmxiHA8f1zwQVgvQmG:Xj+dg28ez4iAc1zwLvQmG

Score
10/10
persistence

Malware Config

Targets

    • Target

      3b15c6d1995ba535a82fff107cb487a2ef1a7a5c673f9adfe1b6ace45d3032d0

    • Size

      71KB

    • MD5

      3d1a2fc473f42ee4a7fa33042c692ec0

    • SHA1

      81a5254970e046502b3f3d9329550c4eb43213fd

    • SHA256

      3b15c6d1995ba535a82fff107cb487a2ef1a7a5c673f9adfe1b6ace45d3032d0

    • SHA512

      e98d2569952f2c3a24693ed8bb1cd61e1bdb7ad5a7c0f64cb5efeea839a118c877a1e85da1b9b5ed3c68ed750c1023ff497ed1bdda21984861e45fdb10ceae19

    • SSDEEP

      1536:Xjk6Dwdg28ez4+pmxiHA8f1zwQVgvQmG:Xj+dg28ez4iAc1zwLvQmG

    Score
    10/10
    persistence

    • Modifies WinLogon for persistence

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

1
T1004

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks