6b1f25d7df4d7d1b61a558ab8d28612581f67b411f14bd9620449bc04a73445b | Triage

Sharing

General

Target

10d75fc23bd105a98b8d952be81593f0
Size

36KB
Sample

231230-g1cxesback
MD5

10d75fc23bd105a98b8d952be81593f0
SHA1

f3ce99466acbc8ad10a0cf61d0a74d8cfd0a9eae
SHA256

6b1f25d7df4d7d1b61a558ab8d28612581f67b411f14bd9620449bc04a73445b
SHA512

17835ad523c48c00841978cc804f488b19f2234771c58f35c71b45a45083f0016186287a04d63364baa4464829507b5b496f3a4c5dd20c08ac5083ab89aa7d10
SSDEEP

768:IkXioTU27ZB/nbcuyD7U5lSFIFhbFPiBHFUgoUn6C+bW:FDU2L/nouy85cYrPiBHFUgJn5+bW

Score

10^/10

persistence upx

Malware Config

Targets

- Target
  
  10d75fc23bd105a98b8d952be81593f0
- Size
  
  36KB
- MD5
  
  10d75fc23bd105a98b8d952be81593f0
- SHA1
  
  f3ce99466acbc8ad10a0cf61d0a74d8cfd0a9eae
- SHA256
  
  6b1f25d7df4d7d1b61a558ab8d28612581f67b411f14bd9620449bc04a73445b
- SHA512
  
  17835ad523c48c00841978cc804f488b19f2234771c58f35c71b45a45083f0016186287a04d63364baa4464829507b5b496f3a4c5dd20c08ac5083ab89aa7d10
- SSDEEP
  
  768:IkXioTU27ZB/nbcuyD7U5lSFIFhbFPiBHFUgoUn6C+bW:FDU2L/nouy85cYrPiBHFUgJn5+bW
Score

10^/10

persistence upx
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2