6bd1a5257b7618b6551098aca5d01d6e70e6c2a7a931ac3fedeae89097806c7f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.2af48ddb752b77b2ea8f4bc05b3f6340.exe
Size

832KB
Sample

231014-wd5q9aae73
MD5

2af48ddb752b77b2ea8f4bc05b3f6340
SHA1

ccc58a806adfd18cb713cc5a892db5db9c5e32de
SHA256

6bd1a5257b7618b6551098aca5d01d6e70e6c2a7a931ac3fedeae89097806c7f
SHA512

e64779ffbf658e2dfe6293d9d8669451fcc004fca269ce9f108fad0bb0a65845c461b07ec9e14ce9d21c08cdb3cb5edaa72d0c62c13b61d410160e20e49de30b
SSDEEP

24576:Z1bXVid1u6QiJ+GBd4+wXU/4keB6tzB+zV61gKwMiuj:Z5ViS63R/4ke0tX1j

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.2af48ddb752b77b2ea8f4bc05b3f6340.exe
- Size
  
  832KB
- MD5
  
  2af48ddb752b77b2ea8f4bc05b3f6340
- SHA1
  
  ccc58a806adfd18cb713cc5a892db5db9c5e32de
- SHA256
  
  6bd1a5257b7618b6551098aca5d01d6e70e6c2a7a931ac3fedeae89097806c7f
- SHA512
  
  e64779ffbf658e2dfe6293d9d8669451fcc004fca269ce9f108fad0bb0a65845c461b07ec9e14ce9d21c08cdb3cb5edaa72d0c62c13b61d410160e20e49de30b
- SSDEEP
  
  24576:Z1bXVid1u6QiJ+GBd4+wXU/4keB6tzB+zV61gKwMiuj:Z5ViS63R/4ke0tX1j
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2