37b9281aec1b35f30624b93b22e6b1a3a46f539bf53f8e7a0aa5da8ff1a421f7 | Triage

Sharing

General

Target

5d84217b92f3ec80f65373a7242401ef
Size

236KB
Sample

231226-jnradsehg3
MD5

5d84217b92f3ec80f65373a7242401ef
SHA1

a074395ef948582f93aab6f3612c6f364e3669f9
SHA256

37b9281aec1b35f30624b93b22e6b1a3a46f539bf53f8e7a0aa5da8ff1a421f7
SHA512

69a8e7ed70421ea62e468894c557e843200757ef212c71136fa4326c074b518b4c3fb45f63a5aaf10e05fd436aeea509d424c8dd349fbb1d5ac19628bcef3981
SSDEEP

1536:drf1zwQVg5buCEUlYevnjy3kk+oef6bpPf1zwQVgvraD+:x1zwL5buCE+njbk+o9pH1zwLvr

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  5d84217b92f3ec80f65373a7242401ef
- Size
  
  236KB
- MD5
  
  5d84217b92f3ec80f65373a7242401ef
- SHA1
  
  a074395ef948582f93aab6f3612c6f364e3669f9
- SHA256
  
  37b9281aec1b35f30624b93b22e6b1a3a46f539bf53f8e7a0aa5da8ff1a421f7
- SHA512
  
  69a8e7ed70421ea62e468894c557e843200757ef212c71136fa4326c074b518b4c3fb45f63a5aaf10e05fd436aeea509d424c8dd349fbb1d5ac19628bcef3981
- SSDEEP
  
  1536:drf1zwQVg5buCEUlYevnjy3kk+oef6bpPf1zwQVgvraD+:x1zwL5buCE+njbk+o9pH1zwLvr
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2