29a1f972f996a86d630cef166fc9e43f0808a46d34065f101e8a4340af5e1927 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.6072383ec2e6baeaec5693a1db712e60_JC.exe
Size

208KB
Sample

231031-vaaahabc5x
MD5

6072383ec2e6baeaec5693a1db712e60
SHA1

9cd510927facc62570436a09a9d0d12ea36b86a6
SHA256

29a1f972f996a86d630cef166fc9e43f0808a46d34065f101e8a4340af5e1927
SHA512

f210f647fa6c3b30971631e9aeef92e6945df32239552c5d3c6c8578088907f85abecc86ea4aca7ee61f9469bff6ea507c203576d9ccde4f6689a25fb503e306
SSDEEP

6144:Ba1oB/yvpK0JCmRcRRR8N0e2kXfCqNidkfk:BbapK0JCmRcU9vVokf

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.6072383ec2e6baeaec5693a1db712e60_JC.exe
- Size
  
  208KB
- MD5
  
  6072383ec2e6baeaec5693a1db712e60
- SHA1
  
  9cd510927facc62570436a09a9d0d12ea36b86a6
- SHA256
  
  29a1f972f996a86d630cef166fc9e43f0808a46d34065f101e8a4340af5e1927
- SHA512
  
  f210f647fa6c3b30971631e9aeef92e6945df32239552c5d3c6c8578088907f85abecc86ea4aca7ee61f9469bff6ea507c203576d9ccde4f6689a25fb503e306
- SSDEEP
  
  6144:Ba1oB/yvpK0JCmRcRRR8N0e2kXfCqNidkfk:BbapK0JCmRcU9vVokf
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2