b422ac9edf4150e75cd7fdb1f99645907f6159f9612f2c84ba4baaf9b5dd2c19 | Triage

Sharing

General

Target

NEAS.34b90e5e2d10b264d660f575ccd74220.exe
Size

6.3MB
Sample

231107-xtfmqsdg9z
MD5

34b90e5e2d10b264d660f575ccd74220
SHA1

0d9ab19a2d73c9c5b44af2b402e3076e20248146
SHA256

b422ac9edf4150e75cd7fdb1f99645907f6159f9612f2c84ba4baaf9b5dd2c19
SHA512

6781c4e8e4e7a9100a43537e7a208ceb6c65dd6e7ea7f7227396070f20fcfacf2be36742905cd1acbedbdee63673ba38c880514910f1893e33a4062699453e8b
SSDEEP

196608:v52KiK/e7nsHSihD6QFzApS2z0EV5xqr0Z:v5Hsbm6QFMSKIgZ

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  NEAS.34b90e5e2d10b264d660f575ccd74220.exe
- Size
  
  6.3MB
- MD5
  
  34b90e5e2d10b264d660f575ccd74220
- SHA1
  
  0d9ab19a2d73c9c5b44af2b402e3076e20248146
- SHA256
  
  b422ac9edf4150e75cd7fdb1f99645907f6159f9612f2c84ba4baaf9b5dd2c19
- SHA512
  
  6781c4e8e4e7a9100a43537e7a208ceb6c65dd6e7ea7f7227396070f20fcfacf2be36742905cd1acbedbdee63673ba38c880514910f1893e33a4062699453e8b
- SSDEEP
  
  196608:v52KiK/e7nsHSihD6QFzApS2z0EV5xqr0Z:v5Hsbm6QFMSKIgZ
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2