f722e4d2b82460af90e987d9192ebfd4c5c1614d39adda10889266495cf78f3f | Triage

Sharing

General

Target

3ba363e27f85e5b4c60cbec1d37ee82a
Size

449KB
Sample

240101-crlezscfd5
MD5

3ba363e27f85e5b4c60cbec1d37ee82a
SHA1

978c5512dca4d8166c359f206a81c2877bbfd422
SHA256

f722e4d2b82460af90e987d9192ebfd4c5c1614d39adda10889266495cf78f3f
SHA512

5d8fdca251bad5d008070becb38db50758c362c822158f4efc4327049a4d6cff0b57acd78d4ae63fc3b368b383dc1cac867e2fa1cf68faa6c8f53882bbca1c25
SSDEEP

12288:CPIGBkc1UziJLtVYvec+sZK98VcrEITdh:pDiUziJ5VYX+btRTdh

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  3ba363e27f85e5b4c60cbec1d37ee82a
- Size
  
  449KB
- MD5
  
  3ba363e27f85e5b4c60cbec1d37ee82a
- SHA1
  
  978c5512dca4d8166c359f206a81c2877bbfd422
- SHA256
  
  f722e4d2b82460af90e987d9192ebfd4c5c1614d39adda10889266495cf78f3f
- SHA512
  
  5d8fdca251bad5d008070becb38db50758c362c822158f4efc4327049a4d6cff0b57acd78d4ae63fc3b368b383dc1cac867e2fa1cf68faa6c8f53882bbca1c25
- SSDEEP
  
  12288:CPIGBkc1UziJLtVYvec+sZK98VcrEITdh:pDiUziJ5VYX+btRTdh
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2