0b33fff8d58a484fae10d4a864b66b5587c86cb2221cd5fb54b018707ce93127 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.c061de5c3ab097cd917e3394a56db320.exe
Size

101KB
Sample

231101-rmsqtsha84
MD5

c061de5c3ab097cd917e3394a56db320
SHA1

74b71611c07c2a0fb2d12c7d236c3457bb88119d
SHA256

0b33fff8d58a484fae10d4a864b66b5587c86cb2221cd5fb54b018707ce93127
SHA512

62cdf53aa87d785f9e8956334ff7ab563c58968285edc136b5c78cb32b64c242502f0d2d7c5161875ae5a7b19c2c1c32d568b1c25fbbbaa3ece2083a996a0c85
SSDEEP

1536:WaaiqH1s+kCtrA2UMT0mTFibDKa1tuLhIE0bx7cO/me:s1B31bdBob2Qm2EW+e

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.c061de5c3ab097cd917e3394a56db320.exe
- Size
  
  101KB
- MD5
  
  c061de5c3ab097cd917e3394a56db320
- SHA1
  
  74b71611c07c2a0fb2d12c7d236c3457bb88119d
- SHA256
  
  0b33fff8d58a484fae10d4a864b66b5587c86cb2221cd5fb54b018707ce93127
- SHA512
  
  62cdf53aa87d785f9e8956334ff7ab563c58968285edc136b5c78cb32b64c242502f0d2d7c5161875ae5a7b19c2c1c32d568b1c25fbbbaa3ece2083a996a0c85
- SSDEEP
  
  1536:WaaiqH1s+kCtrA2UMT0mTFibDKa1tuLhIE0bx7cO/me:s1B31bdBob2Qm2EW+e
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2