c03ccacccc527516dc721ce99a374e66ca6ea208f6373ebfe2c0e56b8802ae02 | Triage

Sharing

General

Target

NEAS.8199b628a8ebb1957638a02b1ed102b9.exe
Size

215KB
Sample

231031-kkbwzacb43
MD5

8199b628a8ebb1957638a02b1ed102b9
SHA1

e279629fd5eb9c2afbb0c7862e1c837cf3737b41
SHA256

c03ccacccc527516dc721ce99a374e66ca6ea208f6373ebfe2c0e56b8802ae02
SHA512

0792ed0d4a5d9c8bebecae583a1f1a76864c1b0b9a5cd9e376cbe011e19534a96c283e1410a34e84227bdb57b5baf4bdc11ca619c029fc08c7b02197b7dc1696
SSDEEP

3072:woAbvJrZ/CEp1Td3INNAILgwKRpP3fJ2pwLAt/iw1JmWTe1eyfLUH+xW6Lyk:w7vJN/CE/TZINiPPBIwcuWTegi9W

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.8199b628a8ebb1957638a02b1ed102b9.exe
- Size
  
  215KB
- MD5
  
  8199b628a8ebb1957638a02b1ed102b9
- SHA1
  
  e279629fd5eb9c2afbb0c7862e1c837cf3737b41
- SHA256
  
  c03ccacccc527516dc721ce99a374e66ca6ea208f6373ebfe2c0e56b8802ae02
- SHA512
  
  0792ed0d4a5d9c8bebecae583a1f1a76864c1b0b9a5cd9e376cbe011e19534a96c283e1410a34e84227bdb57b5baf4bdc11ca619c029fc08c7b02197b7dc1696
- SSDEEP
  
  3072:woAbvJrZ/CEp1Td3INNAILgwKRpP3fJ2pwLAt/iw1JmWTe1eyfLUH+xW6Lyk:w7vJN/CE/TZINiPPBIwcuWTegi9W
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2