df6b94cffee8b98182948733297b67e056b426088d3538672d44e473a4fcb139 | Triage

Sharing

General

Target

NEAS.94a5536a6f5c294ab403c6fbbdc43b60.exe
Size

69KB
Sample

231101-rkf91sdh7t
MD5

94a5536a6f5c294ab403c6fbbdc43b60
SHA1

a095c6fc503a47b30152b67b8b996118d29e7d48
SHA256

df6b94cffee8b98182948733297b67e056b426088d3538672d44e473a4fcb139
SHA512

89da5c9e42ce9a92870ff851501231a06244d1843fd57e20c6be842ee59e553216a907b9aa2ccebeb710a19f02812a554772bc93bb0d7b3a22ad8950fc5459b4
SSDEEP

1536:IaiqH1s+kCtrA2UMT0mTFibDKa1Xohf6ntQc:p1B31bdBob2QXoAtQc

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.94a5536a6f5c294ab403c6fbbdc43b60.exe
- Size
  
  69KB
- MD5
  
  94a5536a6f5c294ab403c6fbbdc43b60
- SHA1
  
  a095c6fc503a47b30152b67b8b996118d29e7d48
- SHA256
  
  df6b94cffee8b98182948733297b67e056b426088d3538672d44e473a4fcb139
- SHA512
  
  89da5c9e42ce9a92870ff851501231a06244d1843fd57e20c6be842ee59e553216a907b9aa2ccebeb710a19f02812a554772bc93bb0d7b3a22ad8950fc5459b4
- SSDEEP
  
  1536:IaiqH1s+kCtrA2UMT0mTFibDKa1Xohf6ntQc:p1B31bdBob2QXoAtQc
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2