73ef6cff6f7e7b9d7da3f36ead5160297c358c7dce9bef5d5ca39b91ae713e18 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

166979528ee9b8f18e5dbacba9d2ad83
Size

935KB
Sample

231225-l9rjdseab8
MD5

166979528ee9b8f18e5dbacba9d2ad83
SHA1

d7f8165d8631895bb6ab0dbfbe6b78edc7460b5f
SHA256

73ef6cff6f7e7b9d7da3f36ead5160297c358c7dce9bef5d5ca39b91ae713e18
SHA512

84403a08e832427c1a8644664177e5e3f22311086d90317d7fb2b22738919e6c0cf7bf50b32922cfff94c7ff597a2d884725ae6e989d323517b8aa9dac99d4ea
SSDEEP

24576:9jNJijNb/H3rPMoUAqXIbBTDicNDAhITJFHHK:lNgnMHASIVTJDAhITzHHK

Score

10^/10

persistence upx

Malware Config

Targets

- Target
  
  166979528ee9b8f18e5dbacba9d2ad83
- Size
  
  935KB
- MD5
  
  166979528ee9b8f18e5dbacba9d2ad83
- SHA1
  
  d7f8165d8631895bb6ab0dbfbe6b78edc7460b5f
- SHA256
  
  73ef6cff6f7e7b9d7da3f36ead5160297c358c7dce9bef5d5ca39b91ae713e18
- SHA512
  
  84403a08e832427c1a8644664177e5e3f22311086d90317d7fb2b22738919e6c0cf7bf50b32922cfff94c7ff597a2d884725ae6e989d323517b8aa9dac99d4ea
- SSDEEP
  
  24576:9jNJijNb/H3rPMoUAqXIbBTDicNDAhITJFHHK:lNgnMHASIVTJDAhITzHHK
Score

10^/10

persistence upx
- Modifies WinLogon for persistence
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2