e91d48473126558ecdd83c9f2f0480b646302a03d135d7eb17f31906efc13b43 | Triage

Sharing

General

Target

117ba643cf7e1d50e230267a738597e1
Size

104KB
Sample

231230-hmpjqshdb9
MD5

117ba643cf7e1d50e230267a738597e1
SHA1

1338327fb014f28126b90402845bb1a25e12554a
SHA256

e91d48473126558ecdd83c9f2f0480b646302a03d135d7eb17f31906efc13b43
SHA512

24e1163dc8654a9c624ca8cbca5be3644848802752931df3111e3006f88bf0d55eb71546d35017d3b50d231fa1f574bcf9b0844a3784a8950effc7ce9abcb7b8
SSDEEP

3072:5/qdCnQ1XrfMbM5uEc91YXeJ+B+URstSlW:ALX5uEda+EURW

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  117ba643cf7e1d50e230267a738597e1
- Size
  
  104KB
- MD5
  
  117ba643cf7e1d50e230267a738597e1
- SHA1
  
  1338327fb014f28126b90402845bb1a25e12554a
- SHA256
  
  e91d48473126558ecdd83c9f2f0480b646302a03d135d7eb17f31906efc13b43
- SHA512
  
  24e1163dc8654a9c624ca8cbca5be3644848802752931df3111e3006f88bf0d55eb71546d35017d3b50d231fa1f574bcf9b0844a3784a8950effc7ce9abcb7b8
- SSDEEP
  
  3072:5/qdCnQ1XrfMbM5uEc91YXeJ+B+URstSlW:ALX5uEda+EURW
Score

10^/10

evasion persistence
- Modifies WinLogon for persistence
  persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence