51c2d268bfa50f68f7d7bffcc755d5da07a8d110e79f3bc540d179a791a9478c | Triage

Sharing

General

Target

12b0a232a809b9ce95dbbd993927c9a6
Size

276KB
Sample

231224-z5ntlagah3
MD5

12b0a232a809b9ce95dbbd993927c9a6
SHA1

66983468c5dfe5776ec15bf6f6b74183c0266f86
SHA256

51c2d268bfa50f68f7d7bffcc755d5da07a8d110e79f3bc540d179a791a9478c
SHA512

b719146969b3b03d945858a198894a58e66939bc43e151c206301678b3b938337bffd85ff80b30f9aa04e06030d5d9b22cc745da524b4027d04920667573ebe0
SSDEEP

6144:k/1HnOBywO+PnbfMIQFSQMX0Wy6XtdFCGJvi5w:kNQuU1XXdyvGJo

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  12b0a232a809b9ce95dbbd993927c9a6
- Size
  
  276KB
- MD5
  
  12b0a232a809b9ce95dbbd993927c9a6
- SHA1
  
  66983468c5dfe5776ec15bf6f6b74183c0266f86
- SHA256
  
  51c2d268bfa50f68f7d7bffcc755d5da07a8d110e79f3bc540d179a791a9478c
- SHA512
  
  b719146969b3b03d945858a198894a58e66939bc43e151c206301678b3b938337bffd85ff80b30f9aa04e06030d5d9b22cc745da524b4027d04920667573ebe0
- SSDEEP
  
  6144:k/1HnOBywO+PnbfMIQFSQMX0Wy6XtdFCGJvi5w:kNQuU1XXdyvGJo
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2