3af90f03d3c66f34961a6a9f07d2df0b51fdebf346900bb5cf564c8956a32a50 | Triage

Sharing

General

Target

tmp
Size

1.5MB
Sample

230525-khsrpsha35
MD5

06168af4a9d358eab028fb62b550299f
SHA1

ca5f4a9bf1f5aee03299662b0cf1289f5a786bde
SHA256

3af90f03d3c66f34961a6a9f07d2df0b51fdebf346900bb5cf564c8956a32a50
SHA512

e48f94361b82160cb26090022ae762b8d9453b37efe8ef64e67d828abe8a81fdfd73b9528365750f46bcde2c92da0ee8a9f3f3e7086a1824e71017bbd1d62c12
SSDEEP

24576:J6oV9I0oh2pEGxobDWMAVx123MBAKx9nf4L7XFz3zI9oRe:uhEEVbih123M6KDnfirFDzI9o

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  tmp
- Size
  
  1.5MB
- MD5
  
  06168af4a9d358eab028fb62b550299f
- SHA1
  
  ca5f4a9bf1f5aee03299662b0cf1289f5a786bde
- SHA256
  
  3af90f03d3c66f34961a6a9f07d2df0b51fdebf346900bb5cf564c8956a32a50
- SHA512
  
  e48f94361b82160cb26090022ae762b8d9453b37efe8ef64e67d828abe8a81fdfd73b9528365750f46bcde2c92da0ee8a9f3f3e7086a1824e71017bbd1d62c12
- SSDEEP
  
  24576:J6oV9I0oh2pEGxobDWMAVx123MBAKx9nf4L7XFz3zI9oRe:uhEEVbih123M6KDnfirFDzI9o
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Remote System Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2