4833ceaa1bf82dde9757312b26f0ad596873e2361de203e2cf5d20ef4ef870e0 | Triage

Sharing

General

Target

7e1686574d7d218527e8990c8c474a64.exe
Size

244KB
Sample

240102-tkpmhacce7
MD5

7e1686574d7d218527e8990c8c474a64
SHA1

07fa7d34653172e6c6b00c038f57c038abd6c6ff
SHA256

4833ceaa1bf82dde9757312b26f0ad596873e2361de203e2cf5d20ef4ef870e0
SHA512

63afbc023869da1c3b3b988f3b5e972bb25c2038dd9ce3e54efb335dd71c517e0e6555edc7c3b4987b28890cf415b19d1d8308daf18aa80f338b0663bab850a2
SSDEEP

1536:wvf1zwQVgdYYuAXyeHl0BTFXEqkEgOUXhQp1of1zwQVgvKa60+:wn1zwLyYuAXyeaTFbkEg1Qp1o1zwLvK

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  7e1686574d7d218527e8990c8c474a64.exe
- Size
  
  244KB
- MD5
  
  7e1686574d7d218527e8990c8c474a64
- SHA1
  
  07fa7d34653172e6c6b00c038f57c038abd6c6ff
- SHA256
  
  4833ceaa1bf82dde9757312b26f0ad596873e2361de203e2cf5d20ef4ef870e0
- SHA512
  
  63afbc023869da1c3b3b988f3b5e972bb25c2038dd9ce3e54efb335dd71c517e0e6555edc7c3b4987b28890cf415b19d1d8308daf18aa80f338b0663bab850a2
- SSDEEP
  
  1536:wvf1zwQVgdYYuAXyeHl0BTFXEqkEgOUXhQp1of1zwQVgvKa60+:wn1zwLyYuAXyeaTFbkEg1Qp1o1zwLvK
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2