7d5c270146fcd8c9842329173325627720b0044afbbe18aa9284b11fbaded2c9 | Triage

Sharing

General

Target

NEAS.97e56aa309979f8c89fdb79dc1b16a60.exe
Size

209KB
Sample

231031-kv41hadb5v
MD5

97e56aa309979f8c89fdb79dc1b16a60
SHA1

6e761078382e7380d97737c4b00d48c77c799803
SHA256

7d5c270146fcd8c9842329173325627720b0044afbbe18aa9284b11fbaded2c9
SHA512

eb35751b2acbd071cb68e3ea69cf43fd59c86d447830a55d5e0adc84d9bf13c17474e7b7918a69e1242843241ed85ca2aa9ccde2f7b081f77049f0d5604aea96
SSDEEP

6144:Z731bdBaHdcpHo9fv85syGUnCA2Gs4a3GhV:Z1bucp+fv85syQtGsCV

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.97e56aa309979f8c89fdb79dc1b16a60.exe
- Size
  
  209KB
- MD5
  
  97e56aa309979f8c89fdb79dc1b16a60
- SHA1
  
  6e761078382e7380d97737c4b00d48c77c799803
- SHA256
  
  7d5c270146fcd8c9842329173325627720b0044afbbe18aa9284b11fbaded2c9
- SHA512
  
  eb35751b2acbd071cb68e3ea69cf43fd59c86d447830a55d5e0adc84d9bf13c17474e7b7918a69e1242843241ed85ca2aa9ccde2f7b081f77049f0d5604aea96
- SSDEEP
  
  6144:Z731bdBaHdcpHo9fv85syGUnCA2Gs4a3GhV:Z1bucp+fv85syQtGsCV
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2