d1f5f04b883d54d10209a18bed911f0f931498a109c2cd7d6947f7383d3fc75c | Triage

Sharing

General

Target

NEAS.d653768d8277397a993493e9aa85d070_JC.exe
Size

1.0MB
Sample

231102-spjrdadg81
MD5

d653768d8277397a993493e9aa85d070
SHA1

1962f7d02ed3003a2a7a486d5b51e0b6eb972ae6
SHA256

d1f5f04b883d54d10209a18bed911f0f931498a109c2cd7d6947f7383d3fc75c
SHA512

dd17cdd097ce3611f46d277d0846e72ec9de9390f70e853ee91959ea4ee3187ebb4834f34ae774e832d4d240959a0dde612150a8585dd912ac86519cbb6bb1fe
SSDEEP

24576:S1b348X6Px7H3FKfPbKJO5ce2jOjTZdTi6Nw+7fp8ClohpPL:SHUBHVKYO5c0jFN/p8CloH

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.d653768d8277397a993493e9aa85d070_JC.exe
- Size
  
  1.0MB
- MD5
  
  d653768d8277397a993493e9aa85d070
- SHA1
  
  1962f7d02ed3003a2a7a486d5b51e0b6eb972ae6
- SHA256
  
  d1f5f04b883d54d10209a18bed911f0f931498a109c2cd7d6947f7383d3fc75c
- SHA512
  
  dd17cdd097ce3611f46d277d0846e72ec9de9390f70e853ee91959ea4ee3187ebb4834f34ae774e832d4d240959a0dde612150a8585dd912ac86519cbb6bb1fe
- SSDEEP
  
  24576:S1b348X6Px7H3FKfPbKJO5ce2jOjTZdTi6Nw+7fp8ClohpPL:SHUBHVKYO5c0jFN/p8CloH
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2