db6fc755ec67fd45bb871eabe34af18ce3eac3ad7a5f47f3c00f38ccf9426e7b | Triage

Sharing

General

Target

NEAS.aa806a685c63b0af346eee1825f93340.exe
Size

109KB
Sample

231103-n1kqlaca66
MD5

aa806a685c63b0af346eee1825f93340
SHA1

f6cee52ba557e3a5b44a9bcd06bb8cd9cada627b
SHA256

db6fc755ec67fd45bb871eabe34af18ce3eac3ad7a5f47f3c00f38ccf9426e7b
SHA512

97d7221fe8ee5994b48044b93eafd641292b68d8134447254c14f898ba98a0ce65999ada2539d285309c2058d334430b86b6d585f153faf67af3261dc9a6efac
SSDEEP

3072:p1B31bdBob2QXotFERY4VhkMU4zrCoxeHr2:p731bdBaBozsdhzUQV2r2

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.aa806a685c63b0af346eee1825f93340.exe
- Size
  
  109KB
- MD5
  
  aa806a685c63b0af346eee1825f93340
- SHA1
  
  f6cee52ba557e3a5b44a9bcd06bb8cd9cada627b
- SHA256
  
  db6fc755ec67fd45bb871eabe34af18ce3eac3ad7a5f47f3c00f38ccf9426e7b
- SHA512
  
  97d7221fe8ee5994b48044b93eafd641292b68d8134447254c14f898ba98a0ce65999ada2539d285309c2058d334430b86b6d585f153faf67af3261dc9a6efac
- SSDEEP
  
  3072:p1B31bdBob2QXotFERY4VhkMU4zrCoxeHr2:p731bdBaBozsdhzUQV2r2
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2