91530941dc03ed37d8541c6a3ed3825de87d69ba51e981255c2349edf5f5a596 | Triage

Sharing

General

Target

c61796746deecad0c38b7a191e9141af_JC.exe
Size

413KB
Sample

231012-bypkjsga7y
MD5

c61796746deecad0c38b7a191e9141af
SHA1

955be95fffd608df2d5a06e4ad221c20d58d1c66
SHA256

91530941dc03ed37d8541c6a3ed3825de87d69ba51e981255c2349edf5f5a596
SHA512

40adacc52a293594efff04772ea150c93191285ce509721f7e116bae0b8ac1e0c9e05903d4ed939e16153bac92895bfd1fb50cbceac80938850b52e70b7d8a5d
SSDEEP

6144:OmRokCkrU46PDgCaB9Zk9xjcf01zzm0mRNimnZZGS+tGG8ZcHnxoKLI7nW:OmRE/4oD4rk9xjL9mSkZckG8ZeNV

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  c61796746deecad0c38b7a191e9141af_JC.exe
- Size
  
  413KB
- MD5
  
  c61796746deecad0c38b7a191e9141af
- SHA1
  
  955be95fffd608df2d5a06e4ad221c20d58d1c66
- SHA256
  
  91530941dc03ed37d8541c6a3ed3825de87d69ba51e981255c2349edf5f5a596
- SHA512
  
  40adacc52a293594efff04772ea150c93191285ce509721f7e116bae0b8ac1e0c9e05903d4ed939e16153bac92895bfd1fb50cbceac80938850b52e70b7d8a5d
- SSDEEP
  
  6144:OmRokCkrU46PDgCaB9Zk9xjcf01zzm0mRNimnZZGS+tGG8ZcHnxoKLI7nW:OmRE/4oD4rk9xjL9mSkZckG8ZeNV
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2