d8c4a82e69d87d9e5a2cc5fad5e47854104df2d6989efc6685c348c3128fa061 | Triage

Sharing

General

Target

1c0f5afba06355ef242cd0ecc1e880c1
Size

97KB
Sample

231230-zhg3jahbh6
MD5

1c0f5afba06355ef242cd0ecc1e880c1
SHA1

6149d9f7cbbeecf65a5a83bb474a8b5ee28efb52
SHA256

d8c4a82e69d87d9e5a2cc5fad5e47854104df2d6989efc6685c348c3128fa061
SHA512

c98fe4f714279452785ffda24956b19e99dc006cf5ba537ff8b125bfb6957765dd9cfac5156d4589220ddb09286985a1260c898683eb6bd7ff8cfa2e6394e3f9
SSDEEP

1536:KC0OMcamTaWf1zwQVgv6I83yDIjU6J8UlrmfvttU5Hn:JnamTa+1zwLv65CWLnJmXjU5H

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  1c0f5afba06355ef242cd0ecc1e880c1
- Size
  
  97KB
- MD5
  
  1c0f5afba06355ef242cd0ecc1e880c1
- SHA1
  
  6149d9f7cbbeecf65a5a83bb474a8b5ee28efb52
- SHA256
  
  d8c4a82e69d87d9e5a2cc5fad5e47854104df2d6989efc6685c348c3128fa061
- SHA512
  
  c98fe4f714279452785ffda24956b19e99dc006cf5ba537ff8b125bfb6957765dd9cfac5156d4589220ddb09286985a1260c898683eb6bd7ff8cfa2e6394e3f9
- SSDEEP
  
  1536:KC0OMcamTaWf1zwQVgv6I83yDIjU6J8UlrmfvttU5Hn:JnamTa+1zwLv65CWLnJmXjU5H
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2