9b275b16dba4f8714d8618da965daec8af9c1e3be6ebc2d0285b079471cf2550 | Triage

Sharing

General

Target

7c603ad1f3386aefa20c302b18e8af6f
Size

60KB
Sample

240128-g421qaegfp
MD5

7c603ad1f3386aefa20c302b18e8af6f
SHA1

3b515541d91f763a34ce548943011a6dddb7c91d
SHA256

9b275b16dba4f8714d8618da965daec8af9c1e3be6ebc2d0285b079471cf2550
SHA512

39bd36d92473057f45f212fe6a94906ba5391e0e6a820d8dd10099590783a04f3215e2928edc1bacb3dbd06e5f47f5f12adb23fc68441992925c717ea1e81290
SSDEEP

768:/ZFSQpwJn0afaJgY9rl4ujLDtY/uVLq+BpfldFNR1IAY:/ZFqY9rl4ujLD+/uVq6lDIAY

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  7c603ad1f3386aefa20c302b18e8af6f
- Size
  
  60KB
- MD5
  
  7c603ad1f3386aefa20c302b18e8af6f
- SHA1
  
  3b515541d91f763a34ce548943011a6dddb7c91d
- SHA256
  
  9b275b16dba4f8714d8618da965daec8af9c1e3be6ebc2d0285b079471cf2550
- SHA512
  
  39bd36d92473057f45f212fe6a94906ba5391e0e6a820d8dd10099590783a04f3215e2928edc1bacb3dbd06e5f47f5f12adb23fc68441992925c717ea1e81290
- SSDEEP
  
  768:/ZFSQpwJn0afaJgY9rl4ujLDtY/uVLq+BpfldFNR1IAY:/ZFqY9rl4ujLD+/uVq6lDIAY
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2