7921430bd122856c7a586729109f1ffac679071ac91f1c345d1942157ce10c5a | Triage

Sharing

General

Target

NEAS.7ff3fb48f73f8481b359382afbd44acb.exe
Size

399KB
Sample

231107-q8r6raff7y
MD5

7ff3fb48f73f8481b359382afbd44acb
SHA1

4666a392b15186da0b04f4246e977ff7ae846fb5
SHA256

7921430bd122856c7a586729109f1ffac679071ac91f1c345d1942157ce10c5a
SHA512

31b2293aabd8ead15603459f874be22cf25dc12a29565930283f95942df9e798e79d213dd0a6195d9a0ec6fff58a32c70d15c1fb5d24ebb7aea9be7d341fff9a
SSDEEP

6144:m4EmWPDNND9yRPzLq+YXFqaZiMLic9kzVd7EAC4TSs9Eir4Xd5Md:8mWhND9yJz+b1FcMLmp2ATTSsdr4NW

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.7ff3fb48f73f8481b359382afbd44acb.exe
- Size
  
  399KB
- MD5
  
  7ff3fb48f73f8481b359382afbd44acb
- SHA1
  
  4666a392b15186da0b04f4246e977ff7ae846fb5
- SHA256
  
  7921430bd122856c7a586729109f1ffac679071ac91f1c345d1942157ce10c5a
- SHA512
  
  31b2293aabd8ead15603459f874be22cf25dc12a29565930283f95942df9e798e79d213dd0a6195d9a0ec6fff58a32c70d15c1fb5d24ebb7aea9be7d341fff9a
- SSDEEP
  
  6144:m4EmWPDNND9yRPzLq+YXFqaZiMLic9kzVd7EAC4TSs9Eir4Xd5Md:8mWhND9yJz+b1FcMLmp2ATTSsdr4NW
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2