b56d8bc09931aa0380754a344a35132293b0ec4f76635842c67fa1395b8b7e7c | Triage

Sharing

General

Target

63aefabb6af4ae68083d579a17be09f3.bin
Size

49KB
Sample

240119-c8tspaegb2
MD5

63aefabb6af4ae68083d579a17be09f3
SHA1

2971fecc8434c5c831cceab749f49f9d60c5eb8f
SHA256

b56d8bc09931aa0380754a344a35132293b0ec4f76635842c67fa1395b8b7e7c
SHA512

5324d5f9a7256c1bb3674f28d0691f339d8e366945c2aea030150decd1fde9e5d10f9e06bf9bdfa108ab7b3e37bbc0297baf213e338844f8a05b2648a3021e9b
SSDEEP

1536:I5M0FUqL+XCnJK5NCyY5ibLca2h1orNKCO6oU:WM0FUiNnI/zbLcRK8l6

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  63aefabb6af4ae68083d579a17be09f3.bin
- Size
  
  49KB
- MD5
  
  63aefabb6af4ae68083d579a17be09f3
- SHA1
  
  2971fecc8434c5c831cceab749f49f9d60c5eb8f
- SHA256
  
  b56d8bc09931aa0380754a344a35132293b0ec4f76635842c67fa1395b8b7e7c
- SHA512
  
  5324d5f9a7256c1bb3674f28d0691f339d8e366945c2aea030150decd1fde9e5d10f9e06bf9bdfa108ab7b3e37bbc0297baf213e338844f8a05b2648a3021e9b
- SSDEEP
  
  1536:I5M0FUqL+XCnJK5NCyY5ibLca2h1orNKCO6oU:WM0FUiNnI/zbLcRK8l6
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2