d1f5f8329a9d7e29899f1c171ad24b96210208caabbe2f41d408bb390ee691e1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aslsgh.exe
Size

1.1MB
Sample

230802-gskmasdb48
MD5

e50a1bcd64d09e30d14808184359f693
SHA1

1886dc9ff0fdc999194601db689c04e90a6876df
SHA256

d1f5f8329a9d7e29899f1c171ad24b96210208caabbe2f41d408bb390ee691e1
SHA512

8376f1c03b2c4a573697c4c00f0c73eb1412c91e0af08f5002a51818a7d32b42748427b00204b2f5539763ab5d96ddcdeacd8f2722d7d4031d7f254eacc3178d
SSDEEP

12288:bTPgbpXnkP2IbuRPXNHBhjyEKx2DWNz2Ud6GYFlD2p:bT4JnPLRftQNPwG4g

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  aslsgh.exe
- Size
  
  1.1MB
- MD5
  
  e50a1bcd64d09e30d14808184359f693
- SHA1
  
  1886dc9ff0fdc999194601db689c04e90a6876df
- SHA256
  
  d1f5f8329a9d7e29899f1c171ad24b96210208caabbe2f41d408bb390ee691e1
- SHA512
  
  8376f1c03b2c4a573697c4c00f0c73eb1412c91e0af08f5002a51818a7d32b42748427b00204b2f5539763ab5d96ddcdeacd8f2722d7d4031d7f254eacc3178d
- SSDEEP
  
  12288:bTPgbpXnkP2IbuRPXNHBhjyEKx2DWNz2Ud6GYFlD2p:bT4JnPLRftQNPwG4g
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2