ddbc9adb658b2d8ed8161f66f0bd2712ce920bd45c1977ff742a9ca19a082e8a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

481e464fecd9f2369bc20bd486eaf4a0
Size

117KB
Sample

231226-bh891sach4
MD5

481e464fecd9f2369bc20bd486eaf4a0
SHA1

b7fdac92b826799326bead100b39694697fe2536
SHA256

ddbc9adb658b2d8ed8161f66f0bd2712ce920bd45c1977ff742a9ca19a082e8a
SHA512

5b334bb5b8df397b409714f767c149d3933795f23565d4d5bebc7dfb79e90efc52d8ae956892e4f0f693efe960b4f868b65f66196bef4eb10204b291175ec823
SSDEEP

1536:UeuEarAQ6xRoM9A65gBDg5LN+SpEFqhcEXD2wEm140O3aETVBO52+S+DEBBBBBBB:huEarAXoRN6IcfCEXD2wEm1STV85v

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  481e464fecd9f2369bc20bd486eaf4a0
- Size
  
  117KB
- MD5
  
  481e464fecd9f2369bc20bd486eaf4a0
- SHA1
  
  b7fdac92b826799326bead100b39694697fe2536
- SHA256
  
  ddbc9adb658b2d8ed8161f66f0bd2712ce920bd45c1977ff742a9ca19a082e8a
- SHA512
  
  5b334bb5b8df397b409714f767c149d3933795f23565d4d5bebc7dfb79e90efc52d8ae956892e4f0f693efe960b4f868b65f66196bef4eb10204b291175ec823
- SSDEEP
  
  1536:UeuEarAQ6xRoM9A65gBDg5LN+SpEFqhcEXD2wEm140O3aETVBO52+S+DEBBBBBBB:huEarAXoRN6IcfCEXD2wEm1STV85v
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2