ff33c207cdf78dc7f1b8f3ba6998054439aaf1ad0608dbaed0b51e376da26caa | Triage

Sharing

General

Target

975b62dab787e8d2e537dd35950b2540
Size

355KB
Sample

240212-rl3jmshd98
MD5

975b62dab787e8d2e537dd35950b2540
SHA1

463aaf6aaaa1534ebd1894fab50cebca5bc90bd4
SHA256

ff33c207cdf78dc7f1b8f3ba6998054439aaf1ad0608dbaed0b51e376da26caa
SHA512

99a948999b390d161c411a324e3811a65c07c547c0f761cde7a96cc94be9a9d331a691eacbaf5b9bbef0106470be2bcea87d8908f4b4ae67dc00d23b2e298cd3
SSDEEP

6144:w3EmWPDNND9yRPzLq+YXFqaZiMLic9kzVd7EAC4TSs9EiS:LmWhND9yJz+b1FcMLmp2ATTSsdS

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  975b62dab787e8d2e537dd35950b2540
- Size
  
  355KB
- MD5
  
  975b62dab787e8d2e537dd35950b2540
- SHA1
  
  463aaf6aaaa1534ebd1894fab50cebca5bc90bd4
- SHA256
  
  ff33c207cdf78dc7f1b8f3ba6998054439aaf1ad0608dbaed0b51e376da26caa
- SHA512
  
  99a948999b390d161c411a324e3811a65c07c547c0f761cde7a96cc94be9a9d331a691eacbaf5b9bbef0106470be2bcea87d8908f4b4ae67dc00d23b2e298cd3
- SSDEEP
  
  6144:w3EmWPDNND9yRPzLq+YXFqaZiMLic9kzVd7EAC4TSs9EiS:LmWhND9yJz+b1FcMLmp2ATTSsdS
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2