511bd4f1051444242dda8ae6df80720106a6b4d60eab89658baffb142affe730 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

PO FILE87965345 exl.exe
Size

1.8MB
Sample

230510-k3a3dsha6z
MD5

26fa36b587e07bde2d99f329ba553e9c
SHA1

5d2b42a954666f85fcf91475c3ec361c4c254764
SHA256

511bd4f1051444242dda8ae6df80720106a6b4d60eab89658baffb142affe730
SHA512

413bf79332518b6af56cc23c162d2b981a94744e463b1a01ab8f3699c681cad077d177e3213132d1791969810bc7065667b331deb4f51570a31c96a625b4c694
SSDEEP

12288:9d7uix2TBXVnBGw4I/6QTdp7lRpIlfMer5iiTvdyEp8NMXzp4J2cT3RnnrgYs3aF:98MXzCYqBrfGadT

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  PO FILE87965345 exl.exe
- Size
  
  1.8MB
- MD5
  
  26fa36b587e07bde2d99f329ba553e9c
- SHA1
  
  5d2b42a954666f85fcf91475c3ec361c4c254764
- SHA256
  
  511bd4f1051444242dda8ae6df80720106a6b4d60eab89658baffb142affe730
- SHA512
  
  413bf79332518b6af56cc23c162d2b981a94744e463b1a01ab8f3699c681cad077d177e3213132d1791969810bc7065667b331deb4f51570a31c96a625b4c694
- SSDEEP
  
  12288:9d7uix2TBXVnBGw4I/6QTdp7lRpIlfMer5iiTvdyEp8NMXzp4J2cT3RnnrgYs3aF:98MXzCYqBrfGadT
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Remote System Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2