3c736a5302f15d0866dbdd2ff3db647e8257b61820913dafb580c53a6ca70c8c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f512a5666891a62563a255801e8f00b4_JC.exe
Size

389KB
Sample

231011-xh1hrsgg87
MD5

f512a5666891a62563a255801e8f00b4
SHA1

d63b9091acfe2e19b9724ff80b5ab72426da0137
SHA256

3c736a5302f15d0866dbdd2ff3db647e8257b61820913dafb580c53a6ca70c8c
SHA512

ed789bd34e88b0c3d3ec20409e594929134c1a29e47033485e1acc574e0d239c9ae0948366bb11bc220258dbd4f7419f8cb4bc7b470015bfb14f53b8dd3fdc29
SSDEEP

12288:NMs1MVOT824zPb3BOkeJuDMUiPOg/sX8Jg6UsE:NMs1MVbP7LbAdUykXRRsE

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  f512a5666891a62563a255801e8f00b4_JC.exe
- Size
  
  389KB
- MD5
  
  f512a5666891a62563a255801e8f00b4
- SHA1
  
  d63b9091acfe2e19b9724ff80b5ab72426da0137
- SHA256
  
  3c736a5302f15d0866dbdd2ff3db647e8257b61820913dafb580c53a6ca70c8c
- SHA512
  
  ed789bd34e88b0c3d3ec20409e594929134c1a29e47033485e1acc574e0d239c9ae0948366bb11bc220258dbd4f7419f8cb4bc7b470015bfb14f53b8dd3fdc29
- SSDEEP
  
  12288:NMs1MVOT824zPb3BOkeJuDMUiPOg/sX8Jg6UsE:NMs1MVbP7LbAdUykXRRsE
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2