52e90cd3377d1c20f529cce5a94a03c83a8d8196df6dd1ca062a76a16196b21f | Triage

Sharing

General

Target

001531dccf5d0762b2de9cfc79b7672c
Size

54KB
Sample

231229-wrmgtsagb4
MD5

001531dccf5d0762b2de9cfc79b7672c
SHA1

7e2c760695dcc59a0a57d55a25089154bd55a811
SHA256

52e90cd3377d1c20f529cce5a94a03c83a8d8196df6dd1ca062a76a16196b21f
SHA512

57a7be11309a7d3e682b38f93f6a9779cd1db5877a6e46573877a00a9f48a9f7505c9b9ec529bd9a28b644261fb677bc8bf64000702a2ec04a6a98c8d550792b
SSDEEP

1536:ZXlqeEo6JeaFRSfXBYO7ifRkB+HFECKGRv:ZXlqto6gy2XBYO5BkFESR

Score

10^/10

persistence upx

Malware Config

Targets

- Target
  
  001531dccf5d0762b2de9cfc79b7672c
- Size
  
  54KB
- MD5
  
  001531dccf5d0762b2de9cfc79b7672c
- SHA1
  
  7e2c760695dcc59a0a57d55a25089154bd55a811
- SHA256
  
  52e90cd3377d1c20f529cce5a94a03c83a8d8196df6dd1ca062a76a16196b21f
- SHA512
  
  57a7be11309a7d3e682b38f93f6a9779cd1db5877a6e46573877a00a9f48a9f7505c9b9ec529bd9a28b644261fb677bc8bf64000702a2ec04a6a98c8d550792b
- SSDEEP
  
  1536:ZXlqeEo6JeaFRSfXBYO7ifRkB+HFECKGRv:ZXlqto6gy2XBYO5BkFESR
Score

10^/10

persistence upx
- Modifies WinLogon for persistence
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2