26a9f7f666d3fc8f58c9fa7217caea85afaac8cd9c140494669fcdd2d3bf6293 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

14020514437bcd0948b94af5c5be0539
Size

81KB
Sample

231230-kzss2agec7
MD5

14020514437bcd0948b94af5c5be0539
SHA1

cdd4e2cda4cceb61b4fb24f8001b96c3ea867846
SHA256

26a9f7f666d3fc8f58c9fa7217caea85afaac8cd9c140494669fcdd2d3bf6293
SHA512

aac7f66f61e9401c0408123c54c58a9e8ed3e7db5c300a18ce793ced70da6eb7adfa35fe6e88e32530364f55ec0e10aaf94f9d1019cdbdf5697e41888879c0ab
SSDEEP

1536:PYI1lA8IC6QjV2kSUNLyJPXju5ahnDscNvCdj/up1TduJG23z8HJMZyY:ndIC6QjV2kjwlK5ahnD1NvCdjmZEz8H2

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  14020514437bcd0948b94af5c5be0539
- Size
  
  81KB
- MD5
  
  14020514437bcd0948b94af5c5be0539
- SHA1
  
  cdd4e2cda4cceb61b4fb24f8001b96c3ea867846
- SHA256
  
  26a9f7f666d3fc8f58c9fa7217caea85afaac8cd9c140494669fcdd2d3bf6293
- SHA512
  
  aac7f66f61e9401c0408123c54c58a9e8ed3e7db5c300a18ce793ced70da6eb7adfa35fe6e88e32530364f55ec0e10aaf94f9d1019cdbdf5697e41888879c0ab
- SSDEEP
  
  1536:PYI1lA8IC6QjV2kSUNLyJPXju5ahnDscNvCdj/up1TduJG23z8HJMZyY:ndIC6QjV2kjwlK5ahnD1NvCdjmZEz8H2
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2