75f0eb813491e5cd7fdfceeb6efd4769304484d14a3cc51b84bc9d4069d5a511 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

31ee3c91e3648622ec5ee81a9fc1161e
Size

61KB
Sample

231225-wbwesshfg8
MD5

31ee3c91e3648622ec5ee81a9fc1161e
SHA1

6f7e1c05369c41f95cf9417ed90513335d8c5393
SHA256

75f0eb813491e5cd7fdfceeb6efd4769304484d14a3cc51b84bc9d4069d5a511
SHA512

2bddabc7deec56abb00235fd3b6ac3224d8fa87fe22624cabbd54ff81ca9c68b87cfb4bc7af31988b85452395d0e0ddc167db4ff3bae44fe648d7a7a7c1d3616
SSDEEP

768:wR4KNw36I2yXhXWzovu4+LgWo+5PXaxeqZOqU1azziamIsx+Q96vvU8LolVheJET:v0wKTnSAD5yxdZOqVEQ0heCKsz1UM3

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  31ee3c91e3648622ec5ee81a9fc1161e
- Size
  
  61KB
- MD5
  
  31ee3c91e3648622ec5ee81a9fc1161e
- SHA1
  
  6f7e1c05369c41f95cf9417ed90513335d8c5393
- SHA256
  
  75f0eb813491e5cd7fdfceeb6efd4769304484d14a3cc51b84bc9d4069d5a511
- SHA512
  
  2bddabc7deec56abb00235fd3b6ac3224d8fa87fe22624cabbd54ff81ca9c68b87cfb4bc7af31988b85452395d0e0ddc167db4ff3bae44fe648d7a7a7c1d3616
- SSDEEP
  
  768:wR4KNw36I2yXhXWzovu4+LgWo+5PXaxeqZOqU1azziamIsx+Q96vvU8LolVheJET:v0wKTnSAD5yxdZOqVEQ0heCKsz1UM3
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2