d3c5dfc940753fc819ace0c55216442a7cb090fec27e856071da176efdbc87c0 | Triage

Sharing

General

Target

56392089cbf8187636317ab83a2c12aa
Size

15KB
Sample

240112-mmsnlsebhk
MD5

56392089cbf8187636317ab83a2c12aa
SHA1

29dde0eba73888ebdb049278829862be70d2dc1e
SHA256

d3c5dfc940753fc819ace0c55216442a7cb090fec27e856071da176efdbc87c0
SHA512

fb6e9b85d4067d109cec37546c545e1dbac29d528912b2189b368e663fd4ad66b2f5dc34e117ef53cfc3674e8bcae8a1e4a4282ced9664f261b5ac967793472b
SSDEEP

384:AERvojPXWhimbGz7RyaWtugEzCkLAExM842:LRksghxMN

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  56392089cbf8187636317ab83a2c12aa
- Size
  
  15KB
- MD5
  
  56392089cbf8187636317ab83a2c12aa
- SHA1
  
  29dde0eba73888ebdb049278829862be70d2dc1e
- SHA256
  
  d3c5dfc940753fc819ace0c55216442a7cb090fec27e856071da176efdbc87c0
- SHA512
  
  fb6e9b85d4067d109cec37546c545e1dbac29d528912b2189b368e663fd4ad66b2f5dc34e117ef53cfc3674e8bcae8a1e4a4282ced9664f261b5ac967793472b
- SSDEEP
  
  384:AERvojPXWhimbGz7RyaWtugEzCkLAExM842:LRksghxMN
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Deletes itself
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2