ca765611fb45c07df4a2ab2bb3262f49b60d14901b38d1eddcaa3c8ade8b2b48 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8daab94340ffa26b108751e171d9be89_JC.exe
Size

847KB
Sample

231011-1n9v6sgc87
MD5

8daab94340ffa26b108751e171d9be89
SHA1

9e94a26cfa550debd55afb50ba7a0577ffc69121
SHA256

ca765611fb45c07df4a2ab2bb3262f49b60d14901b38d1eddcaa3c8ade8b2b48
SHA512

51333f8a732b56746f9283e97440a20aed4aac7c22352476158799258319738fb9980e37922e061096aabdf37bdedb06b9bf43e58d391a93e40bd103d8ff7d82
SSDEEP

24576:p1bjsz0aEFuE3bs7a+mmK+x5C1OVURKs4sC:phKhBE3bs7Y+xs1OyD4sC

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  8daab94340ffa26b108751e171d9be89_JC.exe
- Size
  
  847KB
- MD5
  
  8daab94340ffa26b108751e171d9be89
- SHA1
  
  9e94a26cfa550debd55afb50ba7a0577ffc69121
- SHA256
  
  ca765611fb45c07df4a2ab2bb3262f49b60d14901b38d1eddcaa3c8ade8b2b48
- SHA512
  
  51333f8a732b56746f9283e97440a20aed4aac7c22352476158799258319738fb9980e37922e061096aabdf37bdedb06b9bf43e58d391a93e40bd103d8ff7d82
- SSDEEP
  
  24576:p1bjsz0aEFuE3bs7a+mmK+x5C1OVURKs4sC:phKhBE3bs7Y+xs1OyD4sC
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2