5664b10782bf2be8f9a5da5de78b175e1fca29ef8ecad81ed4655ff2ce265ef0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

36da64a6409cd377f26e7b90f75b39c6.exe
Size

46KB
Sample

240110-xxakwsfab3
MD5

36da64a6409cd377f26e7b90f75b39c6
SHA1

32abc318a310cbd12a26f150ffe067c2bb7de4b8
SHA256

5664b10782bf2be8f9a5da5de78b175e1fca29ef8ecad81ed4655ff2ce265ef0
SHA512

a40089bf0ba8b5d45d201e20ad65ed56518e81983a316fe7f41f885263b343c555dd72404e7fc07abda052b3588b8f046c5959c2b3dfa0ab7d81f95f25af607e
SSDEEP

768:J87tomxsdgajRyTM0Ma58X46n44eu8xDo9gEPBCLBmEAhOYmwZejKqbHnax1:ytogaEQPX4s4nDUtCLruZemeHnar

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  36da64a6409cd377f26e7b90f75b39c6.exe
- Size
  
  46KB
- MD5
  
  36da64a6409cd377f26e7b90f75b39c6
- SHA1
  
  32abc318a310cbd12a26f150ffe067c2bb7de4b8
- SHA256
  
  5664b10782bf2be8f9a5da5de78b175e1fca29ef8ecad81ed4655ff2ce265ef0
- SHA512
  
  a40089bf0ba8b5d45d201e20ad65ed56518e81983a316fe7f41f885263b343c555dd72404e7fc07abda052b3588b8f046c5959c2b3dfa0ab7d81f95f25af607e
- SSDEEP
  
  768:J87tomxsdgajRyTM0Ma58X46n44eu8xDo9gEPBCLBmEAhOYmwZejKqbHnax1:ytogaEQPX4s4nDUtCLruZemeHnar
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2