e66acf2a2750d42c2a1201254488873ff54b41b20ce27dfb9606674ce204cd1f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9b22dc3d3524a271f04fe01bd350b450
Size

456KB
Sample

240214-jgsjwaea64
MD5

9b22dc3d3524a271f04fe01bd350b450
SHA1

26f06c6dd1ba07514500975f57f773e09c6ee7c4
SHA256

e66acf2a2750d42c2a1201254488873ff54b41b20ce27dfb9606674ce204cd1f
SHA512

2d342035352f1f2c3ab0c2de09691d32d96f57f3eb6401a57b9d15d7e560478f3a2eda996993fc68acfaf18e2d7490bd7015886ef0f47df4e029726a8f28589c
SSDEEP

3072:sU1zwLJ2JkuSBe7aojkafD4phU1zwLvS:sU1zi2OQRjkk4phU1z

Score

10^/10

persistence

Malware Config

Targets

- Target
  
  9b22dc3d3524a271f04fe01bd350b450
- Size
  
  456KB
- MD5
  
  9b22dc3d3524a271f04fe01bd350b450
- SHA1
  
  26f06c6dd1ba07514500975f57f773e09c6ee7c4
- SHA256
  
  e66acf2a2750d42c2a1201254488873ff54b41b20ce27dfb9606674ce204cd1f
- SHA512
  
  2d342035352f1f2c3ab0c2de09691d32d96f57f3eb6401a57b9d15d7e560478f3a2eda996993fc68acfaf18e2d7490bd7015886ef0f47df4e029726a8f28589c
- SSDEEP
  
  3072:sU1zwLJ2JkuSBe7aojkafD4phU1zwLvS:sU1zi2OQRjkk4phU1z
Score

10^/10

persistence
- Modifies WinLogon for persistence
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2