787b4fb5a16be480ff4fae9e401346a5329cf0166140d47153305e011ede7075 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.b26ccf024d65970a6223aa398af0ec20.exe
Size

201KB
Sample

231014-xtzqlsfa4t
MD5

b26ccf024d65970a6223aa398af0ec20
SHA1

af41284f5bbab6da948a8a31768c1560a0fa0cbb
SHA256

787b4fb5a16be480ff4fae9e401346a5329cf0166140d47153305e011ede7075
SHA512

d9aa1185ab4fe4c1010be2768d2be303a53029ae80986af1ef59f573f11fdf310dce9f379845a63dba287f1819d1b2f7dc79a6ff5fe73b4ea221f7190b55d17a
SSDEEP

6144:yt++Jbojf5Vq5OC4qZhZcKYhc/ZfUozY:d+cff22qZhZcKYhc/

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.b26ccf024d65970a6223aa398af0ec20.exe
- Size
  
  201KB
- MD5
  
  b26ccf024d65970a6223aa398af0ec20
- SHA1
  
  af41284f5bbab6da948a8a31768c1560a0fa0cbb
- SHA256
  
  787b4fb5a16be480ff4fae9e401346a5329cf0166140d47153305e011ede7075
- SHA512
  
  d9aa1185ab4fe4c1010be2768d2be303a53029ae80986af1ef59f573f11fdf310dce9f379845a63dba287f1819d1b2f7dc79a6ff5fe73b4ea221f7190b55d17a
- SSDEEP
  
  6144:yt++Jbojf5Vq5OC4qZhZcKYhc/ZfUozY:d+cff22qZhZcKYhc/
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2