3a6a16dfeb1495b59d77b9725922997393ab38bad7a19c69cc07993f38525fac | Triage

Sharing

General

Target

522f0c8b9597614f652f7dfc7d00e3cd
Size

282KB
Sample

240111-bz1dfadab7
MD5

522f0c8b9597614f652f7dfc7d00e3cd
SHA1

af28dc919f5b4ae7f00beed9f9dba7187b8f2838
SHA256

3a6a16dfeb1495b59d77b9725922997393ab38bad7a19c69cc07993f38525fac
SHA512

2cde04fceec2e5a4792876dbeb0bb22fe3d42071b787ee3370ad8021c81aad016340f3b34f8e00dda7c44df0f27c6ae00343423adf5da360bb05483675de611b
SSDEEP

6144:7Zw2TxWX/f48zO7gtwua+Japo5iCb8lseuxw/6YF1M:tFTxWYMh5qoLb8LCy9E

Score

10^/10

persistence upx

Malware Config

Targets

- Target
  
  522f0c8b9597614f652f7dfc7d00e3cd
- Size
  
  282KB
- MD5
  
  522f0c8b9597614f652f7dfc7d00e3cd
- SHA1
  
  af28dc919f5b4ae7f00beed9f9dba7187b8f2838
- SHA256
  
  3a6a16dfeb1495b59d77b9725922997393ab38bad7a19c69cc07993f38525fac
- SHA512
  
  2cde04fceec2e5a4792876dbeb0bb22fe3d42071b787ee3370ad8021c81aad016340f3b34f8e00dda7c44df0f27c6ae00343423adf5da360bb05483675de611b
- SSDEEP
  
  6144:7Zw2TxWX/f48zO7gtwua+Japo5iCb8lseuxw/6YF1M:tFTxWYMh5qoLb8LCy9E
Score

10^/10

persistence upx
- Modifies WinLogon for persistence
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2