3f63b0136b5afb1e29d8dc6d9755d85139291355ce0889139164bcc87f2ddf38 | Triage

Sharing

General

Target

353d4e92b98f4ff46a1559f8f2f23e2d.exe
Size

150KB
Sample

231230-xgbs1sdee6
MD5

353d4e92b98f4ff46a1559f8f2f23e2d
SHA1

525ebc52d796fd8d32a42844ebff603c37cc6641
SHA256

3f63b0136b5afb1e29d8dc6d9755d85139291355ce0889139164bcc87f2ddf38
SHA512

51f88883d1a08c520e747d24dd964440aa1c33250a125511820503ddaf1e5f6240ebf31d791e3a7ae70c3d9883fe86cb699f5b987d1c50794f207cfb55849c56
SSDEEP

3072:VuuczBGY3j4nLXhfRf70MCRRb85TFcMo7xQGHMOfAVTzXW:VlcEY3iLXXgvRG5TFZoFQaMrHX

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  353d4e92b98f4ff46a1559f8f2f23e2d.exe
- Size
  
  150KB
- MD5
  
  353d4e92b98f4ff46a1559f8f2f23e2d
- SHA1
  
  525ebc52d796fd8d32a42844ebff603c37cc6641
- SHA256
  
  3f63b0136b5afb1e29d8dc6d9755d85139291355ce0889139164bcc87f2ddf38
- SHA512
  
  51f88883d1a08c520e747d24dd964440aa1c33250a125511820503ddaf1e5f6240ebf31d791e3a7ae70c3d9883fe86cb699f5b987d1c50794f207cfb55849c56
- SSDEEP
  
  3072:VuuczBGY3j4nLXhfRf70MCRRb85TFcMo7xQGHMOfAVTzXW:VlcEY3iLXXgvRG5TFZoFQaMrHX
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2