e4df4f1d218a173056dec860b8036fd720df41b49a3ed69024322de944b2359a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2e1ed3e4ec37c6a20728d3c9701b92d0_JC.exe
Size

847KB
Sample

231011-g3m56see7s
MD5

2e1ed3e4ec37c6a20728d3c9701b92d0
SHA1

df2f0f0b06f9a2ea9c4c2a4a629de8e06666a74f
SHA256

e4df4f1d218a173056dec860b8036fd720df41b49a3ed69024322de944b2359a
SHA512

b05dfa9721a671d4069cf70238f4472ee424bb771950ce3030d17a68b52e0ac2eb0ff6567d097c08c65dd8740ba351ecdef375609762b7b54111638c902a01f9
SSDEEP

24576:e1bpmYy/oGIMpiZKa26rdYKZ8p62ipL+J:ePTyAjbmKdYs2eL+J

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  2e1ed3e4ec37c6a20728d3c9701b92d0_JC.exe
- Size
  
  847KB
- MD5
  
  2e1ed3e4ec37c6a20728d3c9701b92d0
- SHA1
  
  df2f0f0b06f9a2ea9c4c2a4a629de8e06666a74f
- SHA256
  
  e4df4f1d218a173056dec860b8036fd720df41b49a3ed69024322de944b2359a
- SHA512
  
  b05dfa9721a671d4069cf70238f4472ee424bb771950ce3030d17a68b52e0ac2eb0ff6567d097c08c65dd8740ba351ecdef375609762b7b54111638c902a01f9
- SSDEEP
  
  24576:e1bpmYy/oGIMpiZKa26rdYKZ8p62ipL+J:ePTyAjbmKdYs2eL+J
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2