8f3676221f008c33e6c51a0f137c28a483fcc2044e9f304d74a93a35db207292 | Triage

Sharing

General

Target

NEAS.77cdc8f0f3bdface7191d8a9c45c3ce0.exe
Size

202KB
Sample

231101-rh3p8sdb7y
MD5

77cdc8f0f3bdface7191d8a9c45c3ce0
SHA1

48e53b42543477f3cad01cb7b8f5f19bd31f9f72
SHA256

8f3676221f008c33e6c51a0f137c28a483fcc2044e9f304d74a93a35db207292
SHA512

2d9b1cfed245bccd6d9321cb6b7c6047c60625e2d747ba406e3c7274e9aeb7bc3bbbdecc8b190820bfdcb6c179b68a825acb6f9a8fab6ff568d218b85be43a58
SSDEEP

6144:oBdMOv5SuYP/CcNmRmCG9aSebFjhQmarNPemxY:oJ5+dNSmTaplQxBxY

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.77cdc8f0f3bdface7191d8a9c45c3ce0.exe
- Size
  
  202KB
- MD5
  
  77cdc8f0f3bdface7191d8a9c45c3ce0
- SHA1
  
  48e53b42543477f3cad01cb7b8f5f19bd31f9f72
- SHA256
  
  8f3676221f008c33e6c51a0f137c28a483fcc2044e9f304d74a93a35db207292
- SHA512
  
  2d9b1cfed245bccd6d9321cb6b7c6047c60625e2d747ba406e3c7274e9aeb7bc3bbbdecc8b190820bfdcb6c179b68a825acb6f9a8fab6ff568d218b85be43a58
- SSDEEP
  
  6144:oBdMOv5SuYP/CcNmRmCG9aSebFjhQmarNPemxY:oJ5+dNSmTaplQxBxY
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2