c9f7abc2b0f10a9cf0633d253b87095afc6cc738aaacc561c32bb3889c318d28 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0176f08a83852d54bc840b52a8480b74
Size

43KB
Sample

231229-xzp4cshddj
MD5

0176f08a83852d54bc840b52a8480b74
SHA1

d3a4565f149c0445b2907a1ad653e6ef03843e5d
SHA256

c9f7abc2b0f10a9cf0633d253b87095afc6cc738aaacc561c32bb3889c318d28
SHA512

fe0fbe3e39d42f2055d169bb205a767bac2f4b57de3bcc79381e837db9820af0351583fde57c0c9fb8b1ba6ec025ab9ba562bd496bcc33c082340c2e789f607e
SSDEEP

768:bkykWA7n+dmzVIyU1t/VLxez49bDVXNxFQyUFr23Og9pKtgnMsXRVCWJaZhse8H:bkyC+d6DKVNez49b/xFYl23OYnfDC

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  0176f08a83852d54bc840b52a8480b74
- Size
  
  43KB
- MD5
  
  0176f08a83852d54bc840b52a8480b74
- SHA1
  
  d3a4565f149c0445b2907a1ad653e6ef03843e5d
- SHA256
  
  c9f7abc2b0f10a9cf0633d253b87095afc6cc738aaacc561c32bb3889c318d28
- SHA512
  
  fe0fbe3e39d42f2055d169bb205a767bac2f4b57de3bcc79381e837db9820af0351583fde57c0c9fb8b1ba6ec025ab9ba562bd496bcc33c082340c2e789f607e
- SSDEEP
  
  768:bkykWA7n+dmzVIyU1t/VLxez49bDVXNxFQyUFr23Og9pKtgnMsXRVCWJaZhse8H:bkyC+d6DKVNez49b/xFYl23OYnfDC
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2