a9f4447a61809548a3a16e22a6fb30bdbf717b1ad9f7a3c7a4a4f0bf741ac606 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.a0c466c97dd009a8d10c0c595876f310.exe
Size

196KB
Sample

231101-ddssksbe34
MD5

a0c466c97dd009a8d10c0c595876f310
SHA1

79932fb8958850fde9305fc22e11e81bb0eeb034
SHA256

a9f4447a61809548a3a16e22a6fb30bdbf717b1ad9f7a3c7a4a4f0bf741ac606
SHA512

4cd04d5aa614fe12a97347e2274dd8a2a1063d75017b1e7af7b4c5101161844e20cf2b55a2cefac815ddfe5f7af06b253135a5fc35f17bcf3335f40d6d1a0161
SSDEEP

6144:Bc6BtUaNMtLLowRg4uLhuMXUk4m5xnt0Vu:BjuaWLJgzLMkvou

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.a0c466c97dd009a8d10c0c595876f310.exe
- Size
  
  196KB
- MD5
  
  a0c466c97dd009a8d10c0c595876f310
- SHA1
  
  79932fb8958850fde9305fc22e11e81bb0eeb034
- SHA256
  
  a9f4447a61809548a3a16e22a6fb30bdbf717b1ad9f7a3c7a4a4f0bf741ac606
- SHA512
  
  4cd04d5aa614fe12a97347e2274dd8a2a1063d75017b1e7af7b4c5101161844e20cf2b55a2cefac815ddfe5f7af06b253135a5fc35f17bcf3335f40d6d1a0161
- SSDEEP
  
  6144:Bc6BtUaNMtLLowRg4uLhuMXUk4m5xnt0Vu:BjuaWLJgzLMkvou
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2