288e5bd303f94651bd1962cb874584188144bdbec67c9bc96d0c9ad5c9c4b72f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.9b599ea3cb26db715bcd31dd49e08190.exe
Size

1.6MB
Sample

231101-h9n7gscc2t
MD5

9b599ea3cb26db715bcd31dd49e08190
SHA1

4f61c5c75eb3870a946d7f047bf6510def69d6ab
SHA256

288e5bd303f94651bd1962cb874584188144bdbec67c9bc96d0c9ad5c9c4b72f
SHA512

556ade5c18de3b0c3d5e37db650fabf1170603de2e46bd0698689a4f1a5c34a1b79f379983b757e91a28bdfcf68344196f389bfe97879c3cfdcc92a90a20787b
SSDEEP

24576:51byTX472DqoCEAB+0ZTEWpaoO7HkfGSLyjwxXydnnvT7qGOQHBg01FCB1:5wb4yDqrBFPw7HktUdnnr7qGOWbU1

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.9b599ea3cb26db715bcd31dd49e08190.exe
- Size
  
  1.6MB
- MD5
  
  9b599ea3cb26db715bcd31dd49e08190
- SHA1
  
  4f61c5c75eb3870a946d7f047bf6510def69d6ab
- SHA256
  
  288e5bd303f94651bd1962cb874584188144bdbec67c9bc96d0c9ad5c9c4b72f
- SHA512
  
  556ade5c18de3b0c3d5e37db650fabf1170603de2e46bd0698689a4f1a5c34a1b79f379983b757e91a28bdfcf68344196f389bfe97879c3cfdcc92a90a20787b
- SSDEEP
  
  24576:51byTX472DqoCEAB+0ZTEWpaoO7HkfGSLyjwxXydnnvT7qGOQHBg01FCB1:5wb4yDqrBFPw7HktUdnnr7qGOWbU1
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2