d0057df0cd13877defd02490ec9b4558458533dec39fb4d34c7b5ab5a3b1a08f | Triage

Sharing

General

Target

7d7d90ca3d347671783fcc2cba3a7078
Size

184KB
Sample

240128-t9xpeafdfr
MD5

7d7d90ca3d347671783fcc2cba3a7078
SHA1

f3ccd008dcc6525dbf8b331212b1b68d4e1b6056
SHA256

d0057df0cd13877defd02490ec9b4558458533dec39fb4d34c7b5ab5a3b1a08f
SHA512

03fd3913375802884047a6cfbdbcc8e19842fc70d797c7b09f19734b00588db2237789937e568a9d5b4211db332598f347e40a93f52121a4a515e701f24bcac3
SSDEEP

3072:5bTkHUZ4AgcaEM8FrrOovKei+LhNnGGlCVRTkwIOSHNr8lr2bj6:dkHUZ4eJrOovKT+LhlGWITkF8lr2bj

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  7d7d90ca3d347671783fcc2cba3a7078
- Size
  
  184KB
- MD5
  
  7d7d90ca3d347671783fcc2cba3a7078
- SHA1
  
  f3ccd008dcc6525dbf8b331212b1b68d4e1b6056
- SHA256
  
  d0057df0cd13877defd02490ec9b4558458533dec39fb4d34c7b5ab5a3b1a08f
- SHA512
  
  03fd3913375802884047a6cfbdbcc8e19842fc70d797c7b09f19734b00588db2237789937e568a9d5b4211db332598f347e40a93f52121a4a515e701f24bcac3
- SSDEEP
  
  3072:5bTkHUZ4AgcaEM8FrrOovKei+LhNnGGlCVRTkwIOSHNr8lr2bj6:dkHUZ4eJrOovKT+LhlGWITkF8lr2bj
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2