cdc9231ecd74fa8863e8e4cdfab93160029286fce6242cc439fb0a37a3388784 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6ca629d84d5453a186759ac2689b79c7_JC.exe
Size

1.3MB
Sample

230917-vnszrseb25
MD5

6ca629d84d5453a186759ac2689b79c7
SHA1

2b5aac216b32e8cbd7979f813838141835df3889
SHA256

cdc9231ecd74fa8863e8e4cdfab93160029286fce6242cc439fb0a37a3388784
SHA512

d40481e6ddeb5fe5f416a1d9d72143eb933b515125ecad05bf48be7cd7291309bd12423babf9558bd34e335591f506688825673dc5eda8f8a12683ef27171a89
SSDEEP

24576:eXLDCKSfbE134sEM01rynXk6yVX+2q2Fx3ff5LMLcrRKzrVCOm:efvSfbwK3yU1423xwiRKNzm

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  6ca629d84d5453a186759ac2689b79c7_JC.exe
- Size
  
  1.3MB
- MD5
  
  6ca629d84d5453a186759ac2689b79c7
- SHA1
  
  2b5aac216b32e8cbd7979f813838141835df3889
- SHA256
  
  cdc9231ecd74fa8863e8e4cdfab93160029286fce6242cc439fb0a37a3388784
- SHA512
  
  d40481e6ddeb5fe5f416a1d9d72143eb933b515125ecad05bf48be7cd7291309bd12423babf9558bd34e335591f506688825673dc5eda8f8a12683ef27171a89
- SSDEEP
  
  24576:eXLDCKSfbE134sEM01rynXk6yVX+2q2Fx3ff5LMLcrRKzrVCOm:efvSfbwK3yU1423xwiRKNzm
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Modifies WinLogon
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2