707289b2c45e45103ce501ad13058bce5791b16527e6cccae74f110aff6c1dac | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5ac9ea4cfbf320fa2cacac9a9db6f0f5
Size

11KB
Sample

240114-kh9p8afben
MD5

5ac9ea4cfbf320fa2cacac9a9db6f0f5
SHA1

719a3f402da66af6caf16031061efdf12080b30c
SHA256

707289b2c45e45103ce501ad13058bce5791b16527e6cccae74f110aff6c1dac
SHA512

b619980052e1012263faf0b5a4e3ad9d5080c7f4a90f2453f7ddf8e5c6591d55b9411baf21dd4415ca905a4fe1d2d6f0caa2db4205a3fc3ee976dd96c2a36eea
SSDEEP

96:KYXsxRmrImEaRTynyEa7HvyDxyByZgyNzKO2VHvfC0gvH7EnmIQUweGWP7imM:KY8xRm2aOacnZuQI7y

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  5ac9ea4cfbf320fa2cacac9a9db6f0f5
- Size
  
  11KB
- MD5
  
  5ac9ea4cfbf320fa2cacac9a9db6f0f5
- SHA1
  
  719a3f402da66af6caf16031061efdf12080b30c
- SHA256
  
  707289b2c45e45103ce501ad13058bce5791b16527e6cccae74f110aff6c1dac
- SHA512
  
  b619980052e1012263faf0b5a4e3ad9d5080c7f4a90f2453f7ddf8e5c6591d55b9411baf21dd4415ca905a4fe1d2d6f0caa2db4205a3fc3ee976dd96c2a36eea
- SSDEEP
  
  96:KYXsxRmrImEaRTynyEa7HvyDxyByZgyNzKO2VHvfC0gvH7EnmIQUweGWP7imM:KY8xRm2aOacnZuQI7y
Score

10^/10

evasion persistence
- Modifies WinLogon for persistence
  persistence
- Disables RegEdit via registry modification
  evasion
- Disables Task Manager via registry modification
  evasion
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence