68668836b274f6c7e7c969243140649966acd6130a72ec99b669c499b1c461fc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7fc70cfe9387a27156f3e2cbda0ebefa
Size

1001KB
Sample

240129-n46ggahcf8
MD5

7fc70cfe9387a27156f3e2cbda0ebefa
SHA1

710e1f3d4a08948847036887184d7e09f0c8978a
SHA256

68668836b274f6c7e7c969243140649966acd6130a72ec99b669c499b1c461fc
SHA512

51d5251f0e0bf0080dba6efe6063aa6dd9f046b18db6edb50487ecadde23efce32e3d7397bd55fb9104e5983798dda72fe318e4b82007b6124a817bcf1c92eea
SSDEEP

24576:k7oMkWbZJxO8JBe5W5Y0ECbTmd9TKGgDKewWph1:aoWZ62Bni9Ruh3

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  7fc70cfe9387a27156f3e2cbda0ebefa
- Size
  
  1001KB
- MD5
  
  7fc70cfe9387a27156f3e2cbda0ebefa
- SHA1
  
  710e1f3d4a08948847036887184d7e09f0c8978a
- SHA256
  
  68668836b274f6c7e7c969243140649966acd6130a72ec99b669c499b1c461fc
- SHA512
  
  51d5251f0e0bf0080dba6efe6063aa6dd9f046b18db6edb50487ecadde23efce32e3d7397bd55fb9104e5983798dda72fe318e4b82007b6124a817bcf1c92eea
- SSDEEP
  
  24576:k7oMkWbZJxO8JBe5W5Y0ECbTmd9TKGgDKewWph1:aoWZ62Bni9Ruh3
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2