fef872d5e0d076d0d8fba2c682d28c3e03e83141c52269d32bed9fe3498fdf74 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1a2ddfdd1aaef211917d7593b0773524
Size

43KB
Sample

231230-qvjbpacea9
MD5

1a2ddfdd1aaef211917d7593b0773524
SHA1

f9ddb5ff3f1e182813ff64b532bebe8cb65590fa
SHA256

fef872d5e0d076d0d8fba2c682d28c3e03e83141c52269d32bed9fe3498fdf74
SHA512

4131e84c16cd2ea0347d7169382bd9b090dd74196fa86cd152fd7db8b2985dc5580e8066d048324106da5c73439fba2bb3a4347d4f7a93475822d751217b4551
SSDEEP

768:V9pb382ZUpoE2kqdea804j8njxfZVOklPMgCIVNthKU5FnAg4rHcX8U:vpw2ZZE3qdQ/MlSklPMgpN31IQ8U

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  1a2ddfdd1aaef211917d7593b0773524
- Size
  
  43KB
- MD5
  
  1a2ddfdd1aaef211917d7593b0773524
- SHA1
  
  f9ddb5ff3f1e182813ff64b532bebe8cb65590fa
- SHA256
  
  fef872d5e0d076d0d8fba2c682d28c3e03e83141c52269d32bed9fe3498fdf74
- SHA512
  
  4131e84c16cd2ea0347d7169382bd9b090dd74196fa86cd152fd7db8b2985dc5580e8066d048324106da5c73439fba2bb3a4347d4f7a93475822d751217b4551
- SSDEEP
  
  768:V9pb382ZUpoE2kqdea804j8njxfZVOklPMgCIVNthKU5FnAg4rHcX8U:vpw2ZZE3qdQ/MlSklPMgpN31IQ8U
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2