3a0106d212c4598f3a9d3f2a5681136d83bbcc6b8deb00df68156a807bd0dfc5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NEAS.c52045319e0aebc9c2455e31bb1210a0.exe
Size

486KB
Sample

231104-rlxy6adc36
MD5

c52045319e0aebc9c2455e31bb1210a0
SHA1

6d6ec2cceab64d9a7eb6f1f45c10e2b1fefd1910
SHA256

3a0106d212c4598f3a9d3f2a5681136d83bbcc6b8deb00df68156a807bd0dfc5
SHA512

60d62b24bd29e2e28ca955fc060ae0080c132a3746927c3a69f17cff36c69be3f09558c745ff4f290273c072b26bdcecfb8b4fcfd503e973ef559cc43ee45296
SSDEEP

12288:S1bKd6kxW8DSacCB+Zy5ZMSA3R0NnvqC5kZWp+YjE:S1bKxW8eaN8SBnvqC551Y

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.c52045319e0aebc9c2455e31bb1210a0.exe
- Size
  
  486KB
- MD5
  
  c52045319e0aebc9c2455e31bb1210a0
- SHA1
  
  6d6ec2cceab64d9a7eb6f1f45c10e2b1fefd1910
- SHA256
  
  3a0106d212c4598f3a9d3f2a5681136d83bbcc6b8deb00df68156a807bd0dfc5
- SHA512
  
  60d62b24bd29e2e28ca955fc060ae0080c132a3746927c3a69f17cff36c69be3f09558c745ff4f290273c072b26bdcecfb8b4fcfd503e973ef559cc43ee45296
- SSDEEP
  
  12288:S1bKd6kxW8DSacCB+Zy5ZMSA3R0NnvqC5kZWp+YjE:S1bKxW8eaN8SBnvqC551Y
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2