eeb768dc1d076566a0cbc25620a6d10053ad82e7b3543d215c9e518f7f8032df | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5595f3009f7b65c03d767d5fd97c1676
Size

66KB
Sample

240112-fwnbxsfbcl
MD5

5595f3009f7b65c03d767d5fd97c1676
SHA1

f90a151a0443a0c1e83b357551ccbc5f43aaa9cc
SHA256

eeb768dc1d076566a0cbc25620a6d10053ad82e7b3543d215c9e518f7f8032df
SHA512

caecaaba93168da21f5cb12f0760d4a189deff07b9223bb96fde5664f146f9ebc06291260391761c06d54abda613626be92f94fa4b589bce1d98eaece829620d
SSDEEP

1536:l7sOedJZN7wEWhJ2aoZXe7VqYz/Pi7sqHFdKtI97:l7F07wpZ7T3zCFdz5

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  5595f3009f7b65c03d767d5fd97c1676
- Size
  
  66KB
- MD5
  
  5595f3009f7b65c03d767d5fd97c1676
- SHA1
  
  f90a151a0443a0c1e83b357551ccbc5f43aaa9cc
- SHA256
  
  eeb768dc1d076566a0cbc25620a6d10053ad82e7b3543d215c9e518f7f8032df
- SHA512
  
  caecaaba93168da21f5cb12f0760d4a189deff07b9223bb96fde5664f146f9ebc06291260391761c06d54abda613626be92f94fa4b589bce1d98eaece829620d
- SSDEEP
  
  1536:l7sOedJZN7wEWhJ2aoZXe7VqYz/Pi7sqHFdKtI97:l7F07wpZ7T3zCFdz5
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2