39e518bdbeda45efb8481b4f4a4bfcebed51587813f8fd3a4c8472237c374ef0 | Triage

Sharing

General

Target

0a4138a18cbc6580814f0acc36a8f596
Size

43KB
Sample

231230-bz2w9secf2
MD5

0a4138a18cbc6580814f0acc36a8f596
SHA1

07d7d374afab5adc13fff1b06b59edb13f3922d0
SHA256

39e518bdbeda45efb8481b4f4a4bfcebed51587813f8fd3a4c8472237c374ef0
SHA512

06cbcdd71a9c0c930895e7a8b95e58330c3469fd6cc081e3309670d02e743d0950c29326f2680bbc72dbd0282b42e59f79410ac9e211d79231d9bc436d5e371a
SSDEEP

768:RFhBAwauHlbmPywcOzrqH47UnsZOhEqbVcW66dQiVgoctjkzoDd7Vglh53J:P3tauHlbmPKwrqSUs0THVVgogjFyP5Z

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  0a4138a18cbc6580814f0acc36a8f596
- Size
  
  43KB
- MD5
  
  0a4138a18cbc6580814f0acc36a8f596
- SHA1
  
  07d7d374afab5adc13fff1b06b59edb13f3922d0
- SHA256
  
  39e518bdbeda45efb8481b4f4a4bfcebed51587813f8fd3a4c8472237c374ef0
- SHA512
  
  06cbcdd71a9c0c930895e7a8b95e58330c3469fd6cc081e3309670d02e743d0950c29326f2680bbc72dbd0282b42e59f79410ac9e211d79231d9bc436d5e371a
- SSDEEP
  
  768:RFhBAwauHlbmPywcOzrqH47UnsZOhEqbVcW66dQiVgoctjkzoDd7Vglh53J:P3tauHlbmPKwrqSUs0THVVgogjFyP5Z
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2