42ab2b67980cc8483d646aa15ec6e95fc4009adf84f8fb47378f200ba561b233 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

303c98f19b037b69d9ce9f351747de8b
Size

647KB
Sample

231225-vtyr7seeg2
MD5

303c98f19b037b69d9ce9f351747de8b
SHA1

b4c3d9cc4648790055a7fbfab2f36829fc3528f2
SHA256

42ab2b67980cc8483d646aa15ec6e95fc4009adf84f8fb47378f200ba561b233
SHA512

47587f080dad6ddc235ca9027516a06b1ad126fad9bc5227e11ec8891cfacdb1d3e3a59f010eff595df71258b8922b16d5421bed163a2dec7a33af44152d3591
SSDEEP

12288:WICudNZUlUso9rLqTYseCenpfgtfS+tCfe/twW+3kYev4NY:WICkTKTnepfI9seW53yv4+

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  303c98f19b037b69d9ce9f351747de8b
- Size
  
  647KB
- MD5
  
  303c98f19b037b69d9ce9f351747de8b
- SHA1
  
  b4c3d9cc4648790055a7fbfab2f36829fc3528f2
- SHA256
  
  42ab2b67980cc8483d646aa15ec6e95fc4009adf84f8fb47378f200ba561b233
- SHA512
  
  47587f080dad6ddc235ca9027516a06b1ad126fad9bc5227e11ec8891cfacdb1d3e3a59f010eff595df71258b8922b16d5421bed163a2dec7a33af44152d3591
- SSDEEP
  
  12288:WICudNZUlUso9rLqTYseCenpfgtfS+tCfe/twW+3kYev4NY:WICkTKTnepfI9seW53yv4+
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2