a6320d82830e7f5e29a80342019dc44272096f8473afec272dfd1bfc5c4d80a0 | Triage

Sharing

General

Target

b35e1b1fa32a323b029b01b9cf136309.exe
Size

209KB
Sample

231126-kpqkxsga24
MD5

b35e1b1fa32a323b029b01b9cf136309
SHA1

1e2ce20398031c3ca7af5bc37e8db72210c3eae8
SHA256

a6320d82830e7f5e29a80342019dc44272096f8473afec272dfd1bfc5c4d80a0
SHA512

a136fe87a6941056117328056bd80bab2b8e653d57dc4a76e5998bf6ad253aaa3e01536a78cf4194f3b97e496cbb9d42beaa2eb428a34a8dc77c9ed820b70690
SSDEEP

6144:YOB8K/S3r3FfK3yDrjQVEzUIVhK+2aZyRO:YBKKzFfKCbQVEzNz4R

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  b35e1b1fa32a323b029b01b9cf136309.exe
- Size
  
  209KB
- MD5
  
  b35e1b1fa32a323b029b01b9cf136309
- SHA1
  
  1e2ce20398031c3ca7af5bc37e8db72210c3eae8
- SHA256
  
  a6320d82830e7f5e29a80342019dc44272096f8473afec272dfd1bfc5c4d80a0
- SHA512
  
  a136fe87a6941056117328056bd80bab2b8e653d57dc4a76e5998bf6ad253aaa3e01536a78cf4194f3b97e496cbb9d42beaa2eb428a34a8dc77c9ed820b70690
- SSDEEP
  
  6144:YOB8K/S3r3FfK3yDrjQVEzUIVhK+2aZyRO:YBKKzFfKCbQVEzNz4R
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2