0ee3580e666b0c35cfaaa02fef541f44507d04d2dd52a9735455284bbce970f4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8c5aac6860701bfed2d013b3dd76ba4f
Size

78KB
Sample

240203-pyanaahdb4
MD5

8c5aac6860701bfed2d013b3dd76ba4f
SHA1

ac4fbac04248cee4c382425ab2b8fb282762e105
SHA256

0ee3580e666b0c35cfaaa02fef541f44507d04d2dd52a9735455284bbce970f4
SHA512

296e72ec9509f413d5d87205452b243c6b272525445170ff0a9ff01a6e03b7f7f2a658caa4a76c4a3304d0410ed9b2726e0f675358cb82f11e4705432f623113
SSDEEP

1536:PH8W80bDWr2gE2mtRlVpj2xSu3wi0PhEVM44/fmuXp+:P67qgEtRljj2xKBPmVMnQ

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  8c5aac6860701bfed2d013b3dd76ba4f
- Size
  
  78KB
- MD5
  
  8c5aac6860701bfed2d013b3dd76ba4f
- SHA1
  
  ac4fbac04248cee4c382425ab2b8fb282762e105
- SHA256
  
  0ee3580e666b0c35cfaaa02fef541f44507d04d2dd52a9735455284bbce970f4
- SHA512
  
  296e72ec9509f413d5d87205452b243c6b272525445170ff0a9ff01a6e03b7f7f2a658caa4a76c4a3304d0410ed9b2726e0f675358cb82f11e4705432f623113
- SSDEEP
  
  1536:PH8W80bDWr2gE2mtRlVpj2xSu3wi0PhEVM44/fmuXp+:P67qgEtRljj2xKBPmVMnQ
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2