61f7de94de78e5f56bac7dc2ff6719fe7786d8acbbf5215aa18729f24a8cd0db | Triage

Sharing

General

Target

097ffcef08922f90e664c366679133aa.exe
Size

63KB
Sample

240101-ym865sbea3
MD5

097ffcef08922f90e664c366679133aa
SHA1

3eba442bb42fe25153b96c5d1d91dc4bf23f89f3
SHA256

61f7de94de78e5f56bac7dc2ff6719fe7786d8acbbf5215aa18729f24a8cd0db
SHA512

3efc22eb8e3369e9676ad7f41e2e4d4b049fbf8557824d209a59d2e68b8c8a2a2b3d18a51b6f45f2f503dc2186345c71cda8efb304a131f5a1b909bd37a8c9aa
SSDEEP

1536:pY8KpQL5eYFGp+kOj+GyjBazkaskwkzLdtuFIoGBaXYEKG:EpQL5etrOyGaBazFsiz+NGBquG

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  097ffcef08922f90e664c366679133aa.exe
- Size
  
  63KB
- MD5
  
  097ffcef08922f90e664c366679133aa
- SHA1
  
  3eba442bb42fe25153b96c5d1d91dc4bf23f89f3
- SHA256
  
  61f7de94de78e5f56bac7dc2ff6719fe7786d8acbbf5215aa18729f24a8cd0db
- SHA512
  
  3efc22eb8e3369e9676ad7f41e2e4d4b049fbf8557824d209a59d2e68b8c8a2a2b3d18a51b6f45f2f503dc2186345c71cda8efb304a131f5a1b909bd37a8c9aa
- SSDEEP
  
  1536:pY8KpQL5eYFGp+kOj+GyjBazkaskwkzLdtuFIoGBaXYEKG:EpQL5etrOyGaBazFsiz+NGBquG
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2