9da21a10ee92c29bed80bf6f9522610bab144136577a5940abdca305de7c65f2 | Triage

Sharing

General

Target

1b020f492a6399c3594b5e3375996c03
Size

141KB
Sample

231230-rfvlvaegak
MD5

1b020f492a6399c3594b5e3375996c03
SHA1

11e60fb39a6b6b0d8ebe14fd647ed8837bc37647
SHA256

9da21a10ee92c29bed80bf6f9522610bab144136577a5940abdca305de7c65f2
SHA512

694aa79f6dd2b8ebf25645c5007d5d0dba2288ae3a8d2d956cb89c02d54b0821f040976ab81b61d21d2d8106b7c3e64b80f3091986d1101d32d3df9a87d6932a
SSDEEP

3072:k/OCfemnikiv9jZgJrA2DfDIaxR/dM2gGeSNi4p0/j:kmqdiRZ4rA2QaXdMAeSNi4p0/j

Score

6^/10

persistence

Malware Config

Targets

- Target
  
  1b020f492a6399c3594b5e3375996c03
- Size
  
  141KB
- MD5
  
  1b020f492a6399c3594b5e3375996c03
- SHA1
  
  11e60fb39a6b6b0d8ebe14fd647ed8837bc37647
- SHA256
  
  9da21a10ee92c29bed80bf6f9522610bab144136577a5940abdca305de7c65f2
- SHA512
  
  694aa79f6dd2b8ebf25645c5007d5d0dba2288ae3a8d2d956cb89c02d54b0821f040976ab81b61d21d2d8106b7c3e64b80f3091986d1101d32d3df9a87d6932a
- SSDEEP
  
  3072:k/OCfemnikiv9jZgJrA2DfDIaxR/dM2gGeSNi4p0/j:kmqdiRZ4rA2QaXdMAeSNi4p0/j
Score

6^/10

persistence
- Modifies WinLogon
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2