75eb4221c5e05745d53794f1daae16084fc41666422ba26300aaf541622799d4 | Triage

Sharing

General

Target

1d30ad94980d763353f9d329b119c683
Size

814KB
Sample

231225-pbxvasheap
MD5

1d30ad94980d763353f9d329b119c683
SHA1

3b6bab5e7a0558a24dd27608dbc27f4707fe0bd7
SHA256

75eb4221c5e05745d53794f1daae16084fc41666422ba26300aaf541622799d4
SHA512

af8382d700d894c7e132763045fbc11cff62f1c753c060c01a84085f1b05927066c8e358bb8fa423459404fa8df7d3c8fe0b33e25ad44905dbd97ad89c32f6f4
SSDEEP

24576:q7A/jSOJad323/52hx/hpHMvu71kcz24PXKrp:q7A/j1ad32v5Y+Sl1ad

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  1d30ad94980d763353f9d329b119c683
- Size
  
  814KB
- MD5
  
  1d30ad94980d763353f9d329b119c683
- SHA1
  
  3b6bab5e7a0558a24dd27608dbc27f4707fe0bd7
- SHA256
  
  75eb4221c5e05745d53794f1daae16084fc41666422ba26300aaf541622799d4
- SHA512
  
  af8382d700d894c7e132763045fbc11cff62f1c753c060c01a84085f1b05927066c8e358bb8fa423459404fa8df7d3c8fe0b33e25ad44905dbd97ad89c32f6f4
- SSDEEP
  
  24576:q7A/jSOJad323/52hx/hpHMvu71kcz24PXKrp:q7A/j1ad32v5Y+Sl1ad
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2