30aa6ed4bf80553de2406b91601d215de6ea9f682af906e83c5e7773c8d13037 | Triage

Sharing

General

Target

30aa6ed4bf80553de2406b91601d215de6ea9f682af906e83c5e7773c8d13037
Size

1.2MB
Sample

230524-vs8k1sea9y
MD5

f3c3805d41ca881e16a9998f0bfc2444
SHA1

4c4b90cd23167b387d282ec9c3155b3af32c8b3b
SHA256

30aa6ed4bf80553de2406b91601d215de6ea9f682af906e83c5e7773c8d13037
SHA512

5ff26a57d9caa226080d774afa0235e055d3c288d760dac71ab3146c5313318e2cfc315bcabd21837bb006a17ff0a67c3a07dce7dfc785612a1e58ef1c03a5e9
SSDEEP

24576:or0w2IPEIbM0vAVx123MBAKx9nf4L7XFz3zZ9oAq:wbY123M6KDnfirFDzZ9oAq

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  30aa6ed4bf80553de2406b91601d215de6ea9f682af906e83c5e7773c8d13037
- Size
  
  1.2MB
- MD5
  
  f3c3805d41ca881e16a9998f0bfc2444
- SHA1
  
  4c4b90cd23167b387d282ec9c3155b3af32c8b3b
- SHA256
  
  30aa6ed4bf80553de2406b91601d215de6ea9f682af906e83c5e7773c8d13037
- SHA512
  
  5ff26a57d9caa226080d774afa0235e055d3c288d760dac71ab3146c5313318e2cfc315bcabd21837bb006a17ff0a67c3a07dce7dfc785612a1e58ef1c03a5e9
- SSDEEP
  
  24576:or0w2IPEIbM0vAVx123MBAKx9nf4L7XFz3zZ9oAq:wbY123M6KDnfirFDzZ9oAq
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Remote System Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1