e036ae5b66f446b921133e33d7b8e9f9aa4acb40aba12a5987150127611bf7fb | Triage

Resubmissions

02/07/2023, 11:24

230702-nhn1asbc93 10

02/07/2023, 11:13

230702-nbes2sbc74 10

Sharing

General

Target

0761a640d2bd3ec40745af1df8780febf347dff79a89ed3a67b95bf68b59cb9a.exe
Size

1.6MB
Sample

230702-nbes2sbc74
MD5

160b58b58d0c37944ad030dc27548c11
SHA1

91f0e5896a9f30cd4294c9389cbbd7572e6264e5
SHA256

e036ae5b66f446b921133e33d7b8e9f9aa4acb40aba12a5987150127611bf7fb
SHA512

104219beea895629976cdf307433b42f7bf3d49bf8a5353eaa3139d970ffd9fe7f909d144b0bcbca57a1525543102dba6a05f24f6ecfb7faa7b8f896adc4f756
SSDEEP

49152:55tLuoO1/5ZGiqE0tixMUsMS5zDCsRXrciTtMJm2/O3YI:zvOl58VdtiDs3JXr7hMJRm3YI

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  0761a640d2bd3ec40745af1df8780febf347dff79a89ed3a67b95bf68b59cb9a.exe
- Size
  
  1.6MB
- MD5
  
  160b58b58d0c37944ad030dc27548c11
- SHA1
  
  91f0e5896a9f30cd4294c9389cbbd7572e6264e5
- SHA256
  
  e036ae5b66f446b921133e33d7b8e9f9aa4acb40aba12a5987150127611bf7fb
- SHA512
  
  104219beea895629976cdf307433b42f7bf3d49bf8a5353eaa3139d970ffd9fe7f909d144b0bcbca57a1525543102dba6a05f24f6ecfb7faa7b8f896adc4f756
- SSDEEP
  
  49152:55tLuoO1/5ZGiqE0tixMUsMS5zDCsRXrciTtMJm2/O3YI:zvOl58VdtiDs3JXr7hMJRm3YI
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2