9fb1ec646ac2593304ebc8f76f76a1e1700dad43428c4f86af2655a803cacafa | Triage

Sharing

General

Target

ec53ed6a792bb9c27f222bd577f63472_JC.exe
Size

2.3MB
Sample

231011-wgdf6sda51
MD5

ec53ed6a792bb9c27f222bd577f63472
SHA1

b170b504e0bdf800cc1710577774bf1e1629a69d
SHA256

9fb1ec646ac2593304ebc8f76f76a1e1700dad43428c4f86af2655a803cacafa
SHA512

b1d6cef7a62bf25a0ff9426269091cae99be5e84627fdd587ac18462ba0fec91e35de3e3df51d72d92711891538262a4020cc9d362df332e7521c15317f29154
SSDEEP

49152:54J9DASQbPXEyh59VuYzYKPIuepa/vsRZ7lp/pu2IKCQl73JCB:uDEbP0+wpacblnugCQTo

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  ec53ed6a792bb9c27f222bd577f63472_JC.exe
- Size
  
  2.3MB
- MD5
  
  ec53ed6a792bb9c27f222bd577f63472
- SHA1
  
  b170b504e0bdf800cc1710577774bf1e1629a69d
- SHA256
  
  9fb1ec646ac2593304ebc8f76f76a1e1700dad43428c4f86af2655a803cacafa
- SHA512
  
  b1d6cef7a62bf25a0ff9426269091cae99be5e84627fdd587ac18462ba0fec91e35de3e3df51d72d92711891538262a4020cc9d362df332e7521c15317f29154
- SSDEEP
  
  49152:54J9DASQbPXEyh59VuYzYKPIuepa/vsRZ7lp/pu2IKCQl73JCB:uDEbP0+wpacblnugCQTo
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2