9a29e0362a040138a4674a16559578222b2f771b05c38d5f30dda6ed5f1f67ba | Triage

Sharing

General

Target

3e9d6a13fd625587526205a455670c8f
Size

254KB
Sample

240102-wdkq3sahep
MD5

3e9d6a13fd625587526205a455670c8f
SHA1

24d3899f55176cc770115a5af98b9433cec1a94d
SHA256

9a29e0362a040138a4674a16559578222b2f771b05c38d5f30dda6ed5f1f67ba
SHA512

925aad5e65948906caab94797e46465d30b4042b821867b0006dfcacb3348aafbf2a0edbf7f4dfc8c81da8462bf559d4d6f0de4cf893efa890456104a3d1c811
SSDEEP

6144:YZx4wXije2Pyp4qHv5e4xrnMdyaIlrAB/M+IJGSC8e:YZx3XiLap42xDXFrAJMHGt

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  3e9d6a13fd625587526205a455670c8f
- Size
  
  254KB
- MD5
  
  3e9d6a13fd625587526205a455670c8f
- SHA1
  
  24d3899f55176cc770115a5af98b9433cec1a94d
- SHA256
  
  9a29e0362a040138a4674a16559578222b2f771b05c38d5f30dda6ed5f1f67ba
- SHA512
  
  925aad5e65948906caab94797e46465d30b4042b821867b0006dfcacb3348aafbf2a0edbf7f4dfc8c81da8462bf559d4d6f0de4cf893efa890456104a3d1c811
- SSDEEP
  
  6144:YZx4wXije2Pyp4qHv5e4xrnMdyaIlrAB/M+IJGSC8e:YZx3XiLap42xDXFrAJMHGt
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2