37182438a8ed1c91a5a063fe33747d3d58519b25f576149537568d83d9cecbff | Triage

Sharing

General

Target

0f95370471e73f81879f6d31feeec209_JC.exe
Size

201KB
Sample

231011-2vdxraab2t
MD5

0f95370471e73f81879f6d31feeec209
SHA1

966dca71ef1ef9eada19878d1a3117d893e98c93
SHA256

37182438a8ed1c91a5a063fe33747d3d58519b25f576149537568d83d9cecbff
SHA512

cfbebbc82c7dda01c5f4a5a39e940dc0aa5959a9cfeff3947402f16213954ee689fbc9a5b24fc4074adac7bc1157e997df80f7d2f8a180d78264d828f0d3a3f8
SSDEEP

6144:Ut++Jbojf5Vq5OC4qZhZcKYhc/ZfUozY:n+cff22qZhZcKYhc/

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  0f95370471e73f81879f6d31feeec209_JC.exe
- Size
  
  201KB
- MD5
  
  0f95370471e73f81879f6d31feeec209
- SHA1
  
  966dca71ef1ef9eada19878d1a3117d893e98c93
- SHA256
  
  37182438a8ed1c91a5a063fe33747d3d58519b25f576149537568d83d9cecbff
- SHA512
  
  cfbebbc82c7dda01c5f4a5a39e940dc0aa5959a9cfeff3947402f16213954ee689fbc9a5b24fc4074adac7bc1157e997df80f7d2f8a180d78264d828f0d3a3f8
- SSDEEP
  
  6144:Ut++Jbojf5Vq5OC4qZhZcKYhc/ZfUozY:n+cff22qZhZcKYhc/
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2