49aed16325ad3527dbc5c579ecd75798aefc4298c7d1e75d9d68c1f80f78115e | Triage

Sharing

General

Target

f3aa834ccaf8483aacdceef56b36e114.exe
Size

243KB
Sample

240109-w5f7zafehm
MD5

f3aa834ccaf8483aacdceef56b36e114
SHA1

075a68b840a90f1ad016abd610cd6b222ffad968
SHA256

49aed16325ad3527dbc5c579ecd75798aefc4298c7d1e75d9d68c1f80f78115e
SHA512

772c49e0f1f8b1a1a82de99ea7e552c6723dcd225039c2b2302b99a0032dcb06dbbea98251c0fafe84a548a4883e0a56e22af12b1dfc0e32fc7933d4f1421bfb
SSDEEP

6144:znScTKd/ASzisjWzxCyEBQFyTrfdiaXuQtqc7YKqkYh:1TKCS2sjWC1rfd/Rtqc7HqkYh

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  f3aa834ccaf8483aacdceef56b36e114.exe
- Size
  
  243KB
- MD5
  
  f3aa834ccaf8483aacdceef56b36e114
- SHA1
  
  075a68b840a90f1ad016abd610cd6b222ffad968
- SHA256
  
  49aed16325ad3527dbc5c579ecd75798aefc4298c7d1e75d9d68c1f80f78115e
- SHA512
  
  772c49e0f1f8b1a1a82de99ea7e552c6723dcd225039c2b2302b99a0032dcb06dbbea98251c0fafe84a548a4883e0a56e22af12b1dfc0e32fc7933d4f1421bfb
- SSDEEP
  
  6144:znScTKd/ASzisjWzxCyEBQFyTrfdiaXuQtqc7YKqkYh:1TKCS2sjWC1rfd/Rtqc7HqkYh
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2