690f78742435c1042854860aecd77c057a6ad756fdc5124c73bd0b0e00584167 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2d329b14d4da040cc088d671fe7b2555
Size

54KB
Sample

231231-h68rqafaer
MD5

2d329b14d4da040cc088d671fe7b2555
SHA1

504d5ae8f0cbf245b5339791c5dde02170de6a7e
SHA256

690f78742435c1042854860aecd77c057a6ad756fdc5124c73bd0b0e00584167
SHA512

5aad81ab3de5e2dca243469af92a63b7b62d917317d5570b7e9b0cee3cdd06700d670bb81576fb19cdf0af585c9151e8ebb59a9d3fe0ab690940cad2dcaccdc7
SSDEEP

1536:xFP3XkKW62F5L1Zh7y9ZYKn1fpQznj7WfCA:nvXErLTh8YK1OOZ

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  2d329b14d4da040cc088d671fe7b2555
- Size
  
  54KB
- MD5
  
  2d329b14d4da040cc088d671fe7b2555
- SHA1
  
  504d5ae8f0cbf245b5339791c5dde02170de6a7e
- SHA256
  
  690f78742435c1042854860aecd77c057a6ad756fdc5124c73bd0b0e00584167
- SHA512
  
  5aad81ab3de5e2dca243469af92a63b7b62d917317d5570b7e9b0cee3cdd06700d670bb81576fb19cdf0af585c9151e8ebb59a9d3fe0ab690940cad2dcaccdc7
- SSDEEP
  
  1536:xFP3XkKW62F5L1Zh7y9ZYKn1fpQznj7WfCA:nvXErLTh8YK1OOZ
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2