ba5a4a291390fca658338488275503c3da9ccbc438a645ca5f31a9b2ac389d35 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ba5a4a291390fca658338488275503c3da9ccbc438a645ca5f31a9b2ac389d35
Size

292KB
Sample

221205-jkx9jahf46
MD5

e3addf6522f1a3b7f5bf29a78afe21ba
SHA1

46adf18a4091edf40759a8945e3bd67641a875c2
SHA256

ba5a4a291390fca658338488275503c3da9ccbc438a645ca5f31a9b2ac389d35
SHA512

e7e1d7629bbd8f6ed2ef64688e1818c72cf1a301b0f8631c736d00c4f9987571234e90175b000a626d764823dc3e4f9a27b2781e6f755b8fc270f6b4af797ffd
SSDEEP

6144:BjxSLyYx88y4nCO2o5w///k38Qi2gwjh+xJx0IIV1zE5gJgVD:BjcmYx834nCObq/i8QiOUJqP3YWJgVD

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  ba5a4a291390fca658338488275503c3da9ccbc438a645ca5f31a9b2ac389d35
- Size
  
  292KB
- MD5
  
  e3addf6522f1a3b7f5bf29a78afe21ba
- SHA1
  
  46adf18a4091edf40759a8945e3bd67641a875c2
- SHA256
  
  ba5a4a291390fca658338488275503c3da9ccbc438a645ca5f31a9b2ac389d35
- SHA512
  
  e7e1d7629bbd8f6ed2ef64688e1818c72cf1a301b0f8631c736d00c4f9987571234e90175b000a626d764823dc3e4f9a27b2781e6f755b8fc270f6b4af797ffd
- SSDEEP
  
  6144:BjxSLyYx88y4nCO2o5w///k38Qi2gwjh+xJx0IIV1zE5gJgVD:BjcmYx834nCObq/i8QiOUJqP3YWJgVD
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2