86a66c197c0b4719ca7b45d9e79b61355a3ad31d9c0f80b0883c1fe70f2728d7 | Triage

Sharing

General

Target

a94d878967602414e1614ab667fd4f29ac6ccd063ac10efb9eb992b1bd8e4545.zip
Size

478KB
Sample

231113-hlg39sbd28
MD5

6a5e0d488d066af18e5c59d49b9b92ae
SHA1

b4549feb6ab638d990706291be888d5d70292524
SHA256

86a66c197c0b4719ca7b45d9e79b61355a3ad31d9c0f80b0883c1fe70f2728d7
SHA512

268d2a50c8c88d0e2a623d017327b4b17a72ae0fd3158e04575b1f279cd7edd48861c4242aeb8ff0936864d647ef5802bfe4e26c9c5104086e441d28856e6784
SSDEEP

12288:2NixfEabay3ADRX/8LhDFfx3sXyvtrwtIqK96W5j:eiVE28RXULdFfqXewab96W1

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  a94d878967602414e1614ab667fd4f29ac6ccd063ac10efb9eb992b1bd8e4545
- Size
  
  1.2MB
- MD5
  
  7485e2d35e9cb2b032f9092817d81bba
- SHA1
  
  cdad68882fb26ee34553acf561c01bbe8817f3d6
- SHA256
  
  a94d878967602414e1614ab667fd4f29ac6ccd063ac10efb9eb992b1bd8e4545
- SHA512
  
  9fb13ca68836ce05c4beb6dca93723a2a46000f3d15a54e87c55cd7543505029c2410b1a2ea2e82b5354e8bd92aab2074e89af22b9dbdbd87c3b4f3d88692250
- SSDEEP
  
  24576:OUl8U9Sv4t0WhD6vQr317sHlLXON8SUC:RlBnDDB4b
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2