b04865295172d7ac57d30ac063a4656158e18796951c1da4cd988e0db07c2d44 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b0195031c062bd315012c0c8256d54c
Size

46KB
Sample

231231-zhw7fsgcf7
MD5

3b0195031c062bd315012c0c8256d54c
SHA1

058148b0621465d9f90727888a51bf5023af071e
SHA256

b04865295172d7ac57d30ac063a4656158e18796951c1da4cd988e0db07c2d44
SHA512

877df7bad98e728fbd88c0588e5ed5f0ce88beb3544cf9a731135aa87a5a3c9aba92f58cc37de832bce80674e9c58d4a70c868d730aea8e0f05707f56308524f
SSDEEP

768:RQQUito+iGqcZjD63niVlf8Qw9hfiOaVRoS4I580LB5e4u0c9mUQyr:GikcZjD2niVlEQwi9oS4IipmByr

Score

10^/10

persistence upx

Malware Config

Targets

- Target
  
  3b0195031c062bd315012c0c8256d54c
- Size
  
  46KB
- MD5
  
  3b0195031c062bd315012c0c8256d54c
- SHA1
  
  058148b0621465d9f90727888a51bf5023af071e
- SHA256
  
  b04865295172d7ac57d30ac063a4656158e18796951c1da4cd988e0db07c2d44
- SHA512
  
  877df7bad98e728fbd88c0588e5ed5f0ce88beb3544cf9a731135aa87a5a3c9aba92f58cc37de832bce80674e9c58d4a70c868d730aea8e0f05707f56308524f
- SSDEEP
  
  768:RQQUito+iGqcZjD63niVlf8Qw9hfiOaVRoS4I580LB5e4u0c9mUQyr:GikcZjD2niVlEQwi9oS4IipmByr
Score

10^/10

persistence upx
- Modifies WinLogon for persistence
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2