afa261342008550d0f0db57b654b7a5aceb85426c485ec236f8d8c16a070181d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

406f17aaf80ada8caf4d88e87fc3d1d0
Size

49KB
Sample

240104-kyke9scdgn
MD5

406f17aaf80ada8caf4d88e87fc3d1d0
SHA1

370fd393e37678e1512274b8655205a52535a125
SHA256

afa261342008550d0f0db57b654b7a5aceb85426c485ec236f8d8c16a070181d
SHA512

9e5801f13fd5f00d3d20796cdd028901688ec45481566926b04f93a8ca25df763a2cdafe0c310aa290c991945aa1d592594353f35d6b359589c77935e7389554
SSDEEP

1536:o2vOWOUxbbEc26RJysEYtYSIvIielu440U3Nmu:LOWOU9e6RJytE4vIZA440Udmu

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  406f17aaf80ada8caf4d88e87fc3d1d0
- Size
  
  49KB
- MD5
  
  406f17aaf80ada8caf4d88e87fc3d1d0
- SHA1
  
  370fd393e37678e1512274b8655205a52535a125
- SHA256
  
  afa261342008550d0f0db57b654b7a5aceb85426c485ec236f8d8c16a070181d
- SHA512
  
  9e5801f13fd5f00d3d20796cdd028901688ec45481566926b04f93a8ca25df763a2cdafe0c310aa290c991945aa1d592594353f35d6b359589c77935e7389554
- SSDEEP
  
  1536:o2vOWOUxbbEc26RJysEYtYSIvIielu440U3Nmu:LOWOU9e6RJytE4vIZA440Udmu
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2