a59cc82c8655e6e3cf3e5127dda2754afedec66e7f056c0d40c8f75e1be4956c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0db680950a45d004285ef5db16c4e5cb
Size

51KB
Sample

231230-ekgvbsgedm
MD5

0db680950a45d004285ef5db16c4e5cb
SHA1

a3bc2248a69c8080a5c267936d9a0ce3a97180a9
SHA256

a59cc82c8655e6e3cf3e5127dda2754afedec66e7f056c0d40c8f75e1be4956c
SHA512

412a63878540f8a0ea437667d4a3a0b2484ee6d0973091ed384dc0ed99754f5f9addac0384194eaf8f7629df07aa73c3ce19778ab9f831a8017434379d11840c
SSDEEP

1536:Jt+JXI/TS6X2cb+IZgxjYfhDibxQ1jDhPpiY0XHEe:Jt2I/u6X2cb+Iz1jVIXk

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  0db680950a45d004285ef5db16c4e5cb
- Size
  
  51KB
- MD5
  
  0db680950a45d004285ef5db16c4e5cb
- SHA1
  
  a3bc2248a69c8080a5c267936d9a0ce3a97180a9
- SHA256
  
  a59cc82c8655e6e3cf3e5127dda2754afedec66e7f056c0d40c8f75e1be4956c
- SHA512
  
  412a63878540f8a0ea437667d4a3a0b2484ee6d0973091ed384dc0ed99754f5f9addac0384194eaf8f7629df07aa73c3ce19778ab9f831a8017434379d11840c
- SSDEEP
  
  1536:Jt+JXI/TS6X2cb+IZgxjYfhDibxQ1jDhPpiY0XHEe:Jt2I/u6X2cb+Iz1jVIXk
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2