f643ce0df7bdc75b262f5bb0ebe6da9ebbdef814ca3bad98a540a701dcde0184 | Triage

Sharing

General

Target

15e4a59c8b9f29f37398d40dbe546666
Size

168KB
Sample

231230-mhhb3sbfd5
MD5

15e4a59c8b9f29f37398d40dbe546666
SHA1

acaa46166c0fec57bb52cd94d86e1b726e526417
SHA256

f643ce0df7bdc75b262f5bb0ebe6da9ebbdef814ca3bad98a540a701dcde0184
SHA512

d1845512c06a00e4ff5f781abebe1719417278d85546143232ff4a0c4ba826a0574764dd2533b1c2760b70e64c94bcb3cc7356a7ac540e9ec6ffafdf7e1bb189
SSDEEP

3072:Ed1tkglSArPZrrYjSI4cEiwSanHo5WryQ0pJ9Aro0vKX0NFv6vmlv1:21t88RrsJ5aHo5WryQaSozXyR6v

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  15e4a59c8b9f29f37398d40dbe546666
- Size
  
  168KB
- MD5
  
  15e4a59c8b9f29f37398d40dbe546666
- SHA1
  
  acaa46166c0fec57bb52cd94d86e1b726e526417
- SHA256
  
  f643ce0df7bdc75b262f5bb0ebe6da9ebbdef814ca3bad98a540a701dcde0184
- SHA512
  
  d1845512c06a00e4ff5f781abebe1719417278d85546143232ff4a0c4ba826a0574764dd2533b1c2760b70e64c94bcb3cc7356a7ac540e9ec6ffafdf7e1bb189
- SSDEEP
  
  3072:Ed1tkglSArPZrrYjSI4cEiwSanHo5WryQ0pJ9Aro0vKX0NFv6vmlv1:21t88RrsJ5aHo5WryQaSozXyR6v
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2