a3080cebc1bab4ea8be638963d3439fac6a5af479a5a29ac32492cf86e4aa108 | Triage

Sharing

General

Target

0010bd0a9b634182476fdb935642348a
Size

43KB
Sample

231229-wq19lafbbp
MD5

0010bd0a9b634182476fdb935642348a
SHA1

6e069a19a3a70461c222ec0bce66b4833a90f3af
SHA256

a3080cebc1bab4ea8be638963d3439fac6a5af479a5a29ac32492cf86e4aa108
SHA512

9ec9e28444defb1e6b5893a5c0679fe5b6ddf5433c04275a646d00eb2abd3bd182bb828a6922ae6caffc046a943c9ab7291a7debaf725944bd0d43ee81d254a1
SSDEEP

768:SZEjDK74mYreL0GJ0i+Yh2Yv3LE5d2hQXxqqMV7f5z8DSFyXg8twc3fCs:ZXK74BiLxJHZPLE+QXxGh8yyXV

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  0010bd0a9b634182476fdb935642348a
- Size
  
  43KB
- MD5
  
  0010bd0a9b634182476fdb935642348a
- SHA1
  
  6e069a19a3a70461c222ec0bce66b4833a90f3af
- SHA256
  
  a3080cebc1bab4ea8be638963d3439fac6a5af479a5a29ac32492cf86e4aa108
- SHA512
  
  9ec9e28444defb1e6b5893a5c0679fe5b6ddf5433c04275a646d00eb2abd3bd182bb828a6922ae6caffc046a943c9ab7291a7debaf725944bd0d43ee81d254a1
- SSDEEP
  
  768:SZEjDK74mYreL0GJ0i+Yh2Yv3LE5d2hQXxqqMV7f5z8DSFyXg8twc3fCs:ZXK74BiLxJHZPLE+QXxGh8yyXV
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2