704ca76249641608ea1112306224b9540dfdc9d6e6b140a0ce81305c2409c8d5 | Triage

Sharing

General

Target

2d02cb3494e26237d528e57bf3463226
Size

260KB
Sample

231231-h3qfzagcb7
MD5

2d02cb3494e26237d528e57bf3463226
SHA1

ac1e02830f34a8814ba0d225b5cc8065566a0cab
SHA256

704ca76249641608ea1112306224b9540dfdc9d6e6b140a0ce81305c2409c8d5
SHA512

47585a57315eff073e7cd643f96c81ff97b22423b92180f42fc7447fcadd40e6ec469f8c94059e73b4bde7ebd9d42539289e677bb68172b659c36a594a98ffe4
SSDEEP

6144:ptd2nPvq7vfS6VNVjNJHJ7lSnF6YRv1YFOl5FS12:JEPvKd3R7WRv1rC2

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  2d02cb3494e26237d528e57bf3463226
- Size
  
  260KB
- MD5
  
  2d02cb3494e26237d528e57bf3463226
- SHA1
  
  ac1e02830f34a8814ba0d225b5cc8065566a0cab
- SHA256
  
  704ca76249641608ea1112306224b9540dfdc9d6e6b140a0ce81305c2409c8d5
- SHA512
  
  47585a57315eff073e7cd643f96c81ff97b22423b92180f42fc7447fcadd40e6ec469f8c94059e73b4bde7ebd9d42539289e677bb68172b659c36a594a98ffe4
- SSDEEP
  
  6144:ptd2nPvq7vfS6VNVjNJHJ7lSnF6YRv1YFOl5FS12:JEPvKd3R7WRv1rC2
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2