16054e404ec3eab8c6ce1cad6d52ab35b0642781f4cb60416798dd06346bf7f6 | Triage

Sharing

General

Target

2091602d930b824fb07d349446ce1610
Size

1.0MB
Sample

231219-pkvfjaahdl
MD5

2091602d930b824fb07d349446ce1610
SHA1

40418ed0a371c8e6ec61ff942d92a0d2f34b4a4c
SHA256

16054e404ec3eab8c6ce1cad6d52ab35b0642781f4cb60416798dd06346bf7f6
SHA512

72f8d0dabd2cf71ca48ecc46e39f715e2da80a3c72f2ff36fbf1347fcf1b9a2b137774b5293cea2a5254ac2b8734facd7dce30c144e0ec1b09826dccf304f683
SSDEEP

24576:JmUNJyJqb1FcMap2ATT5umUNJyJqb1FcMap2ATT5umUNJyJqb1FcMap2ATT5:JmV2ApumV2ApumV2Ap

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  2091602d930b824fb07d349446ce1610
- Size
  
  1.0MB
- MD5
  
  2091602d930b824fb07d349446ce1610
- SHA1
  
  40418ed0a371c8e6ec61ff942d92a0d2f34b4a4c
- SHA256
  
  16054e404ec3eab8c6ce1cad6d52ab35b0642781f4cb60416798dd06346bf7f6
- SHA512
  
  72f8d0dabd2cf71ca48ecc46e39f715e2da80a3c72f2ff36fbf1347fcf1b9a2b137774b5293cea2a5254ac2b8734facd7dce30c144e0ec1b09826dccf304f683
- SSDEEP
  
  24576:JmUNJyJqb1FcMap2ATT5umUNJyJqb1FcMap2ATT5umUNJyJqb1FcMap2ATT5:JmV2ApumV2ApumV2Ap
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2