d99dd7ef86e410fe43c5d292ced64524e46ba4c1316b5043069b1b4bc7d18077 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3a349349dca927f2a00399386df7c255
Size

46KB
Sample

231231-r4ns7sahf9
MD5

3a349349dca927f2a00399386df7c255
SHA1

be6667c7bda954bc5bd309a78c5adf17c65ef8c4
SHA256

d99dd7ef86e410fe43c5d292ced64524e46ba4c1316b5043069b1b4bc7d18077
SHA512

4e92fcbc3c5ccd54cf769c0151818be3bf85130c126a780cbb572aa1c25dc730d9146d9a46e4460a98250026956362845f86d89f2cc1e4acb7fc4d0cb1e94d94
SSDEEP

768:PJ4uaYLNkn+6A6Xuzil7QV6lvCDoLElVVbynScSxQGSq9W2Un04e5DtAdM0o:FRxkn+6Ru+7QVDDoLEXhynmr9W2Un0t3

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  3a349349dca927f2a00399386df7c255
- Size
  
  46KB
- MD5
  
  3a349349dca927f2a00399386df7c255
- SHA1
  
  be6667c7bda954bc5bd309a78c5adf17c65ef8c4
- SHA256
  
  d99dd7ef86e410fe43c5d292ced64524e46ba4c1316b5043069b1b4bc7d18077
- SHA512
  
  4e92fcbc3c5ccd54cf769c0151818be3bf85130c126a780cbb572aa1c25dc730d9146d9a46e4460a98250026956362845f86d89f2cc1e4acb7fc4d0cb1e94d94
- SSDEEP
  
  768:PJ4uaYLNkn+6A6Xuzil7QV6lvCDoLElVVbynScSxQGSq9W2Un04e5DtAdM0o:FRxkn+6Ru+7QVDDoLEXhynmr9W2Un0t3
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2