cb911a654c52a48d72d70016a5cea17ca4810373910411a1f3a7a5a87f5a4dbf | Triage

Sharing

General

Target

25c3d1158567521f180fda6fa3918b1f
Size

355KB
Sample

231231-dmq1cagfd5
MD5

25c3d1158567521f180fda6fa3918b1f
SHA1

e1f8b032f2c3a732acc99db12c53cb662046ad20
SHA256

cb911a654c52a48d72d70016a5cea17ca4810373910411a1f3a7a5a87f5a4dbf
SHA512

2797b837627ab56dcb55e940862dfdf52c4c047f0f8ee412eac139e89c45b566be2421b0d7bf67ddb4ae35fa345feb6a6760b8c64a669b19736fba14377db7e3
SSDEEP

6144:f3EmWPDNND9yRPzLq+YXFqaZiMLic9kzVd7EAC4TSs9EiS:cmWhND9yJz+b1FcMLmp2ATTSsdS

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  25c3d1158567521f180fda6fa3918b1f
- Size
  
  355KB
- MD5
  
  25c3d1158567521f180fda6fa3918b1f
- SHA1
  
  e1f8b032f2c3a732acc99db12c53cb662046ad20
- SHA256
  
  cb911a654c52a48d72d70016a5cea17ca4810373910411a1f3a7a5a87f5a4dbf
- SHA512
  
  2797b837627ab56dcb55e940862dfdf52c4c047f0f8ee412eac139e89c45b566be2421b0d7bf67ddb4ae35fa345feb6a6760b8c64a669b19736fba14377db7e3
- SSDEEP
  
  6144:f3EmWPDNND9yRPzLq+YXFqaZiMLic9kzVd7EAC4TSs9EiS:cmWhND9yJz+b1FcMLmp2ATTSsdS
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2