34a4dbf3e94f9fd662e17301cdbdd74a0409d3fd3a0f0ea277c1db94e3b41130 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.1acb0815cbf6c4f14be2a5e1be03dac0_JC.exe
Size

152KB
Sample

231103-dep33sba4z
MD5

1acb0815cbf6c4f14be2a5e1be03dac0
SHA1

ae3fe61517baec8ffd2dffe51730bad4342ff03d
SHA256

34a4dbf3e94f9fd662e17301cdbdd74a0409d3fd3a0f0ea277c1db94e3b41130
SHA512

fa0314aa561291166ef16a4ae19836be892ca79eeb88b23caf6e39b0b1b56e9e69b48bb3f80441d6dd75b500714b5f4befe6df2637f47f5837ac545c424e398e
SSDEEP

3072:fic5BRJWPoHxVzto9dZZTt2yxD/9YqOnSXcr7jv4:fic5bqJAG/9YN8q

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.1acb0815cbf6c4f14be2a5e1be03dac0_JC.exe
- Size
  
  152KB
- MD5
  
  1acb0815cbf6c4f14be2a5e1be03dac0
- SHA1
  
  ae3fe61517baec8ffd2dffe51730bad4342ff03d
- SHA256
  
  34a4dbf3e94f9fd662e17301cdbdd74a0409d3fd3a0f0ea277c1db94e3b41130
- SHA512
  
  fa0314aa561291166ef16a4ae19836be892ca79eeb88b23caf6e39b0b1b56e9e69b48bb3f80441d6dd75b500714b5f4befe6df2637f47f5837ac545c424e398e
- SSDEEP
  
  3072:fic5BRJWPoHxVzto9dZZTt2yxD/9YqOnSXcr7jv4:fic5bqJAG/9YN8q
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2