65d029c81de68b2db56238ef3016dc0da5831510c62b0b14f805d89c2da3aaa8 | Triage

Resubmissions

08/08/2023, 15:11

230808-skprtsdc92 10

08/08/2023, 15:06

230808-sgsdjsdc47 10

Sharing

General

Target

0060fa563c86399ac56dfc261181beeeafc3a74ded1f88ee248d794fcb14e178.zip
Size

772KB
Sample

230808-sgsdjsdc47
MD5

ef11828ae9c6c100eb077120fc619fd2
SHA1

41be91c0acf2340ac9d8de002cbff0d3e0081185
SHA256

65d029c81de68b2db56238ef3016dc0da5831510c62b0b14f805d89c2da3aaa8
SHA512

1d71e3eb07525fa80901a09332a5ea49c1fafc2cf96682f5c7b456febda149a683d5bdc442dada6886e6bd4ff58b0c0110d74d1bcd59084a02a2d7c1bc5a981a
SSDEEP

12288:ht0rlifyrOR1X/b45Xh5A/XdNZg2ioFsCCskw34aeGMrON2mG0a6LwTRSg:0rlJrU1wXhAW2fuCCsF34Q6UsSg

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  0060fa563c86399ac56dfc261181beeeafc3a74ded1f88ee248d794fcb14e178.exe
- Size
  
  843KB
- MD5
  
  63f04650961b3a4450c5bd784a63fa66
- SHA1
  
  6712833546ab1e1d94d7d92e03fcf118d9551c85
- SHA256
  
  0060fa563c86399ac56dfc261181beeeafc3a74ded1f88ee248d794fcb14e178
- SHA512
  
  5622baa6a032e2fd33298a0203ca11fc790c5dcac788f4edb67255ae64cf463f6785f5112e1cca85b8188600947cf3f610209597535dbc4dbbc40c42143e5a9d
- SSDEEP
  
  12288:WrfR/+ayO8nQqCqPEFShI3R0HaYoHpKWPQAUkUbz3mcP0t9CybrzRPZ1brjmLQso:WAaYbzMFSIRWbgUvbUOyJZl3eZfy
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2